cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Jorge Chumbo (2016-03-22 09:13:18)
Executando a partir de C:\Users\Jorge Chumbo\Desktop
Windows 8.1 Pro (X64) (2014-06-02 20:26:46)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2527664994-1075259347-2330048758-500 - Administrator - Disabled)
Convidado (S-1-5-21-2527664994-1075259347-2330048758-501 - Limited - Disabled)
Jorge Chumbo (S-1-5-21-2527664994-1075259347-2330048758-1001 - Administrator - Enabled) => C:\Users\Jorge Chumbo

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
D110 (x32 Version: 140.0.353.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Documents To Go Desktop para iOS (HKLM-x32\...\DTGDesktop) (Version: 5.0000.013 - DataViz, Inc.)
DraftSight 2015 SP3 x64 (HKLM\...\{7A99414C-07F9-48FE-B75F-31B7070639A5}) (Version: 13.3.1040 - Dassault Systemes)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft Office 64-bit Components 2013 (HKLM\...\{90150000-002A-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 43.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 pt-BR)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1 - Mozilla)
Music Manager (HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\MusicManager) (Version: - Google, Inc.)
Music Manager (HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MusicManager) (Version: - Google, Inc.)
ONDA All 5.41.8882 (HKLM-x32\...\{9397E0AA-05AA-4F46-8C23-242B963BEB1C}) (Version: 5.41.8882 - ONDA)
Polaris Office (HKLM-x32\...\InstallShield_{E98E2612-D7E2-4F48-BF45-CE32C40A4695}) (Version: 7.1.252 - POLARIS OFFICE Corp.)
Polaris Office (x32 Version: 7.1.252 - POLARIS OFFICE Corp.) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SeekerMaker (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{977a63}) (Version: - SeekerMaker) <==== ATENÇÃO
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Nome de sua empresa:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for PriceMeter (HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\Price Meter Updater) (Version: - Update for PriceMeter) <==== ATENÇÃO
Update for PriceMeter (HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Price Meter Updater) (Version: - Update for PriceMeter) <==== ATENÇÃO
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUSR_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114831) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BAEE7A38-3C9E-44DC-9E43-19FC94DD77E2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114831) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUSR_{BAEE7A38-3C9E-44DC-9E43-19FC94DD77E2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114831) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{BAEE7A38-3C9E-44DC-9E43-19FC94DD77E2}) (Version: - Microsoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
youtubeadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATENÇÃO

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jorge Chumbo\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jorge Chumbo\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jorge Chumbo\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0604F0A3-C60F-42D6-AE44-BE4074556137} - System32\Tasks\{3CF1AD02-97C1-4A8B-B4AF-A3AE51A2167D} => pcalua.exe -a "C:\Users\Jorge Chumbo\AppData\Roaming\istartsurf\UninstallManager.exe" -c -ptid=tugs
Task: {083B4049-6EF0-467B-88D6-612E9A86702B} - System32\Tasks\{CB7838B4-126F-4D57-BCA5-39FCC1BCBBEE} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.8.0.102/pt/abandoninstall?source=lightinstaller&page=tsInstall
Task: {0E8636F4-9141-4448-90E0-0748B29560AA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-25] (Dropbox, Inc.)
Task: {0F9E083A-5403-41B5-B84C-7343D20E8649} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {20464D54-044E-4621-807B-B1E75DB202A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {28FCE74C-EA12-4434-8AB7-E586980B2433} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {3E69EA81-0541-43E0-9029-504EA9CE4484} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {4C84CDB5-A9B2-4C38-B509-490099E64FC1} - System32\Tasks\{B33A51D2-ED11-44ED-BB81-C28EF05A9A8E} => pcalua.exe -a "C:\Users\Jorge Chumbo\AppData\Roaming\istartsurf\UninstallManager.exe" -c -ptid=cor
Task: {5DD6C726-70F7-4CC0-8533-76B0B90C413A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2527664994-1075259347-2330048758-1001Core => C:\Users\Jorge Chumbo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {5FBBF2C5-1A95-4E21-8AE8-36013E9AEA70} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {701F7456-41A0-4FD1-9081-15AEE2297316} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-14] (AVAST Software)
Task: {73011A07-6AA7-4A9A-8327-6B75EB5DD13C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-25] (Dropbox, Inc.)
Task: {7C07125F-54B3-44E1-B7D3-666BDCD2D199} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.)
Task: {82C0D939-7379-49F1-9E4C-C7AB3B4BDB6E} - System32\Tasks\{DAAF117E-A35D-48EE-BBF2-275F593A932E} => pcalua.exe -a "C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe" -c /UNINSTALL=dde5a5b2-e3f2-4725-94b9-0e16aa7fec5d
Task: {8348BD8A-BC7E-4719-B689-547ED19FD249} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {8D9DE5CA-4217-4317-A390-80DD35B22F61} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-30] ()
Task: {9D30E4EB-8233-4096-ADA0-925133211135} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {9D5AB33E-65FA-4532-A3CD-0AA299EEF88A} - System32\Tasks\SafeZone scheduled Autoupdate 1455452385 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {B5EE8981-28F0-404E-9779-EAF51F414045} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {B6286E83-63AE-45D1-8321-CFF1A3A65FC3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {B99555F0-81CB-4B3C-82DE-E64478998C1E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BC6434E1-9F47-45AE-A31F-6AF0693CC7A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C0FB2481-3F2E-445F-BBC9-FAFE18FC297C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {CB738AD8-BE53-4ED9-9839-1E0D7E9A7844} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {CEC3ED7A-B838-430B-8373-03F3B434E4C9} - System32\Tasks\new tab helper oursurfing => C:\Users\Jorge Chumbo\AppData\Roaming\oursurfing\newtab_hlpr.exe
Task: {D44487A7-9A26-4BF9-B242-4741D6A1B973} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2527664994-1075259347-2330048758-1001UA => C:\Users\Jorge Chumbo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {D6F2E8BD-81F6-45C6-A46A-F7434A6FDC4C} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe <==== ATENÇÃO
Task: {DCCF1312-325C-40E2-8692-8CFF71124ECE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {E1514BD5-7B41-4453-9F7B-2639C82820BF} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATENÇÃO
Task: {E421EA8B-C4A8-4433-A8CC-BCDE6814AB91} - System32\Tasks\7862C8D9-066E-4051-A850-CEFDAE4E2322{5CBC8F9C-F3CB-4C1C-B4B8-7A00F69720BE} => C:\Program Files\Shop For Rewards\PrefHelper.exe <==== ATENÇÃO
Task: {E5DC2C9D-E4B0-481B-A282-6A927DB07B8F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E6B067FC-C279-4141-98B3-B1879457604D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\7862C8D9-066E-4051-A850-CEFDAE4E2322{5CBC8F9C-F3CB-4C1C-B4B8-7A00F69720BE}.job => C:\Program Files\Shop For Rewards\PrefHelper.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2527664994-1075259347-2330048758-1001Core.job => C:\Users\Jorge Chumbo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2527664994-1075259347-2330048758-1001UA.job => C:\Users\Jorge Chumbo\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Jorge Chumbo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.top8844.com?oem=mbtkv3&uid=S2ZYJ9FF300083_ST500LM012HN-M500MBB&tm=1429239448
ShortcutWithArgument: C:\Users\Jorge Chumbo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.123rede.com?oem=mbtkv3&uid=S2ZYJ9FF300083_ST500LM012HN-M500MBB&tm=1431383375
ShortcutWithArgument: C:\Users\Jorge Chumbo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.jogostempo.com?oem=mbtkv3&uid=S2ZYJ9FF300083_ST500LM012HN-M500MBB&tm=1429239447

==================== Módulos Carregados (Whitelisted) ==============

2015-01-20 21:35 - 2015-01-20 21:35 - 00085832 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-11 10:09 - 2013-01-27 23:49 - 00239184 ____N () C:\ProgramData\MobileBrServ\mbbservice.exe
2016-02-14 09:10 - 2016-02-14 09:10 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-14 09:10 - 2016-02-14 09:10 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-21 21:41 - 2016-03-21 20:37 - 02856960 _____ () C:\Program Files\AVAST Software\Avast\defs\16032102\algo.dll
2016-02-14 09:10 - 2016-02-14 09:10 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-14 09:10 - 2016-02-14 09:10 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2015-12-11 08:30 - 2015-12-11 08:30 - 03473408 _____ () C:\Users\Jorge Chumbo\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2016-03-10 15:47 - 2016-03-10 15:47 - 00233920 _____ () C:\Program Files (x86)\Polaris Office\PCloudService.dll
2016-03-10 15:47 - 2016-03-10 15:47 - 00148416 _____ () C:\Program Files (x86)\Polaris Office\zlibwapi.dll
2016-03-10 15:47 - 2016-03-10 15:47 - 00586784 _____ () C:\Program Files (x86)\Polaris Office\sqlite3.dll
2016-03-10 15:47 - 2016-03-10 15:47 - 00337856 _____ () C:\Program Files (x86)\Polaris Office\glew32.dll
2016-03-10 15:47 - 2016-03-10 15:47 - 00102848 _____ () C:\Program Files (x86)\Polaris Office\pcre16.dll
2016-02-01 10:31 - 2016-02-01 10:31 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-10-13 14:07 - 2015-10-13 14:07 - 01032360 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\Users\Jorge Chumbo\Documents\51_5w2h_e_fluxograma.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Jorge Chumbo\Documents\MapaMaccaferriBrasil.pdf:Roxio EMC Stream [38]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\bb.com.br -> aapj.bb.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-02-23 08:00 - 00000860 ____N C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jorge Chumbo\Pictures\Fundos\SOL1.jpeg
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jorge Chumbo\Pictures\Fundos\SOL1.jpeg
DNS Servers: 94.102.53.185 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Cobian Backup 11 interface"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "PriceMeterW"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "SoftonicAssistant"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001\...\StartupApproved\Run: => "Polais Office Sync"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "PriceMeterW"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SoftonicAssistant"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2527664994-1075259347-2330048758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Polais Office Sync"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5094AF78-5877-42BF-BCFF-25F5540B7A64}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{8725EE16-953C-4C7F-BA91-36700B3DFD88}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{3E9B2381-A12F-4DBC-B8ED-4162FB93E46E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{DFC27F25-69AE-48F7-828C-2CB54D772274}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{BA64A1CD-9BD0-4A49-822A-E4421375465F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{6E6A5190-F42A-4990-A535-7307411DBD78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{F895670D-6DAB-4888-BCDD-A01060FBD6C9}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{E90EED84-32D9-43EC-A835-E89CAE0C4F8B}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{6E716A5E-8925-4111-BB2F-BA98DFDC44DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{08B14E8C-B3E8-45B9-9F52-6EF9E51D2F8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{12780E7E-219C-4D76-9F65-C193FA88C8AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9B64E75C-6BF6-48B7-A6B3-185D6A7BB31D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B0FD9941-08BB-419E-8F8E-D8AF86038AAA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{97F4FA50-E641-40DD-B231-39472BFD4136}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{593D5FAB-8C2F-4985-91F5-151FF2648F09}] => (Allow) LPort=4481
FirewallRules: [{F0F4439F-E72B-49FD-ABB7-8DF9C9780BA8}] => (Allow) LPort=4481
FirewallRules: [{AAAAB522-B1B9-4F8B-8C2F-C644D3EA0CD5}] => (Allow) LPort=4482
FirewallRules: [{99C6F6FB-979D-449F-882C-E04DE8A87A7F}] => (Allow) LPort=4482
FirewallRules: [{A8930026-2790-4926-95D7-C1B7B8667AD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8436C010-277F-46BB-8DF4-774B05468722}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4C98BD2-187E-4136-B508-66B8B21C39C4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{02DD90F2-399A-4493-BE95-67FA23C7DBC0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EC300771-E3DE-40E2-AD44-70BF6A8C137C}C:\program files (x86)\cobian backup 11\cbremotemanager.exe] => (Allow) C:\program files (x86)\cobian backup 11\cbremotemanager.exe
FirewallRules: [UDP Query User{3B1FA421-4D94-4202-A3E1-5B37F9BF54D2}C:\program files (x86)\cobian backup 11\cbremotemanager.exe] => (Allow) C:\program files (x86)\cobian backup 11\cbremotemanager.exe
FirewallRules: [{8EE5C5B3-F5E4-4032-8BAB-2C721F7F1200}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{54EE461B-641D-4EDD-B1B1-E00AD993AC76}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{5A7A48B0-3A88-4919-9915-0F9C668BEA50}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [TCP Query User{B1CBC0EE-DE61-43CF-9E40-A70746DA2235}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{CD5C72A1-F693-4E6E-9BE7-48C849826EAE}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe
FirewallRules: [{CB465BE0-BCB0-4C07-BF73-4E32B7747358}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5021819B-1BA7-4006-A433-531CE06DE155}] => (Allow) LPort=2869
FirewallRules: [{928CF416-AC48-4D5F-8C20-DAF4746B23AF}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{1E82BC78-120A-4A0A-9547-F0126E9DBBD9}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{9B815270-AC10-4138-BBD3-F00DF421B2B1}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe
FirewallRules: [TCP Query User{E575A25D-3B7A-4E86-A1FD-882ABFE7CEA0}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0005.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0005.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{65AC95C6-9872-4613-8C45-5E9825BCA967}C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0005.tmp\lmi_rescue.exe] => (Allow) C:\users\jorge chumbo\appdata\local\logmein rescue applet\lmir0005.tmp\lmi_rescue.exe
FirewallRules: [{8BE6171F-1E67-4363-A3F5-CA46681A935E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{92F02267-4AF1-4441-A653-60D0EE08BBC8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{289EBB21-F804-4A84-8278-978A47EDF2E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3A3DA06B-4A48-49CB-A55D-FF5AB882AE17}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F0293956-A4C9-4222-88C5-A740318BAC99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{79A5D082-601C-4B6D-93F2-FA8B9A926991}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{7E8235E2-A7DC-4097-A448-6D1CF7A1FA6F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B5152BC6-EC28-45F4-9138-80D600C82622}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{68B3FB93-564C-4FEA-8A40-100DD92D1C5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{2DC3804E-8390-4DE8-BFD7-39E47B95A150}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{857C1C32-F9FE-4890-9263-DFF4E5DFB4A4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{D6A1CCDC-EB4B-46CA-9FDB-F6CB0D823689}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{25CD31D8-DB74-4DBC-B82F-99204EB9C0C9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1096C860-2BEA-41C8-84FD-102C4300508E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{BE610635-72BE-40D9-815B-211768B6004F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{4ABE389E-0C68-416E-9347-B471EF83BF2F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{0963FC70-2C94-453E-A3EF-5FF1D197A15B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{A5E2418D-B360-419D-AAAD-0D8F2E98FBF6}\setup\hpznui40.exe
FirewallRules: [{E892B88E-E23A-4FC0-91E9-FDCB00F8C680}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C220D860-8698-4885-8C33-F69352E73DB3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{832FDF70-0A3C-405D-B467-6C6946C4F6D7}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{555ACB3B-A152-4A67-9A99-6B5D8BAC35EF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{0EE792E9-B793-4332-8E6C-1DEF17233DBC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97C4B7A5-BF0B-44A1-B9F5-403A6670CF9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DC376370-B907-4527-8D51-C9C7A1F7D025}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{608B77B5-7731-4176-948E-D341F340F7C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{660DC756-C8D6-4AF4-AD3A-BF01D6821835}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{F1F5C3A7-9C00-425D-8F89-699DCE2DEABB}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{33DC0BE7-432D-448C-B045-CE5C7169A04C}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{2B9BFB5D-6A89-4114-9A5B-CC04F29229AA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B714F24-E499-439A-846E-C4BE9B8E55E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98AADF68-7161-46D3-9852-D949A13611EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F4220B89-561E-4133-A234-BE39F8B4D2FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9241017D-A309-4611-8B33-F27253AF2558}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7DDAC63C-7448-4EA0-AD3F-14974C4620D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3E449D7F-B32F-4A2B-AD7E-1ADBC14E75D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1C394640-6323-4EF5-BCD7-43186AC97EEE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE69EF0D-3ABC-45B5-BF7B-1EE99D0346DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F28CF33A-B6C5-49E4-B58D-030B1FE4D573}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C201BD14-4B07-4770-81D2-CEBE643C1066}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BC2FF1F-9B77-4341-92B4-C54E3B566FA6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{72E66CE1-6312-46ED-851D-51E4BA70297D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{87C08C97-FF39-4954-9FE1-9A504E3FE520}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{40DEC9A2-C4E2-417D-82AF-BFD40F903013}] => (Allow) LPort=1688

==================== Pontos de Restauração =========================

18-03-2016 15:14:15 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
18-03-2016 15:15:48 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
18-03-2016 16:34:01 Installed DWGSee Pro 2013
18-03-2016 16:44:42 Installed Free DWG Viewer
18-03-2016 16:52:07 Removed Free DWG Viewer
18-03-2016 17:07:53 Installed Free DWG Viewer
18-03-2016 17:11:58 Removed Free DWG Viewer
19-03-2016 15:19:06 Uniblue SpeedUpMyPC installation
21-03-2016 21:00:39 Operação de restauração

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/22/2016 12:39:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9203

Error: (03/22/2016 12:39:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9203

Error: (03/22/2016 12:39:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2016 12:20:59 AM) (Source: MsiInstaller) (EventID: 1041) (User: AUTORIDADE NT)
Description: Falha ao iniciar uma transação do Windows InstallerASU_MSI_TRAN. Erro 1603 ao iniciar a transação.

Error: (03/21/2016 11:48:01 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (1120) SRUJet: Falha na recuperação/restauração do banco de dados com erro inesperado -539.

Error: (03/21/2016 11:47:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: EXCEL.EXE, versão: 15.0.4805.1001, carimbo de data/hora: 0x56c42ee6
Nome do módulo com falha: EXCEL.EXE, versão: 15.0.4805.1001, carimbo de data/hora: 0x56c42ee6
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00069b4c
ID do processo com falha: 0x199c
Hora de início do aplicativo com falha: 0xEXCEL.EXE0
Caminho do aplicativo com falha: EXCEL.EXE1
Caminho do módulo com falha: EXCEL.EXE2
ID do Relatório: EXCEL.EXE3
Nome completo do pacote com falha: EXCEL.EXE4
ID do aplicativo relativo ao pacote com falha: EXCEL.EXE5

Error: (03/21/2016 11:40:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ffa11500565
ID do processo com falha: 0xa14
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5

Error: (03/21/2016 11:15:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ffa3a420565
ID do processo com falha: 0x804
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5

Error: (03/21/2016 11:13:55 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Erro não especificado durante a Restauração do Sistema: (Operação de restauração). Informações adicionais: 0xc0000022.

Error: (03/21/2016 10:54:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1076) SRUJet: Erro -1811 (0xfffff8ed) ao abrir o arquivo de log C:\Windows\system32\SRU\SRU02146.log.


Erros de Sistema:
=============
Error: (03/22/2016 08:44:29 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: JORGECHUMBO)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2527664994-1075259347-2330048758-1001-0-ntuser.dat

Error: (03/22/2016 08:43:50 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: JORGECHUMBO)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2527664994-1075259347-2330048758-1001-0-ntuser.dat

Error: (03/22/2016 12:39:07 AM) (Source: DCOM) (EventID: 10010) (User: JORGECHUMBO)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/22/2016 12:39:05 AM) (Source: DCOM) (EventID: 10010) (User: JORGECHUMBO)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/21/2016 11:40:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (03/21/2016 11:40:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (03/21/2016 11:40:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (03/21/2016 11:37:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (03/21/2016 11:36:40 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Houve falha na inicialização porque não foi possível criar o dispositivo de driver.
Use a cadeia de caracteres "1A1132A850DB" para identificar a interface
para a qual houve falha na inicialização. A cadeia de caracteres representa o endereço MAC da interface
que falhou ou a GUID se o NetBT não conseguir
mapear da GUID para o endereço MAC. Se nem o endereço MAC, nem a GUID
estavam disponíveis, a cadeia de caracteres representará um nome de
dispositivo de cluster.

Error: (03/21/2016 11:36:40 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Houve falha na inicialização porque não foi possível criar o dispositivo de driver.
Use a cadeia de caracteres "1A1132A850DB" para identificar a interface
para a qual houve falha na inicialização. A cadeia de caracteres representa o endereço MAC da interface
que falhou ou a GUID se o NetBT não conseguir
mapear da GUID para o endereço MAC. Se nem o endereço MAC, nem a GUID
estavam disponíveis, a cadeia de caracteres representará um nome de
dispositivo de cluster.


CodeIntegrity:
===================================
Date: 2015-08-30 19:24:03.149
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:24:02.462
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:22:17.889
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:22:17.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:20:05.345
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:20:04.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:20:04.545
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:20:03.999
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:20:03.436
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-30 19:20:02.764
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentagem de memória em uso: 56%
RAM física total: 4009.54 MB
RAM física disponível: 1749.89 MB
Virtual Total: 8105.54 MB
Virtual disponível: 5580.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:295.1 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CAA8CAA8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité