Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-06-2016
Executado por Junnyor (2016-06-11 01:12:06)
Executando a partir de C:\Users\Junnyor\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-11-11 14:36:53)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3825613264-254327883-1314251483-500 - Administrator - Disabled)
Convidado (S-1-5-21-3825613264-254327883-1314251483-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3825613264-254327883-1314251483-1002 - Limited - Enabled)
Junnyor (S-1-5-21-3825613264-254327883-1314251483-1000 - Administrator - Enabled) => C:\Users\Junnyor
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3825613264-254327883-1314251483-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2016 v.16.0.0 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (Version: 18.0 - Corel Corporation) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Freemake Video Converter versão 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HP Deskjet 1510 series Software básico do dispositivo (HKLM\...\{649F7314-489F-4E1D-877B-EAE9CB34D7AA}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Software básico do dispositivo (HKLM\...\{A4BA74B3-3DCB-47CC-9C80-C2CBAC26C6EB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
IPM_Installer (Version: 2.1 - Your Company Name) Hidden
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 pt-BR)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{293C9DF5-7669-4826-BBB2-E1F182D71046}) (Version: 7.02.8631 - Nero AG)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version: - www.orbitdownloader.com)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Setup versão 1.5 (HKLM-x32\...\{009476EE-71CA-4629-9823-FBB0616E4C9C}_is1) (Version: 1.5 - Microsoft, Inc.)
SimpleCast v3 (HKLM-x32\...\SimpleCast) (Version: v3 - Spacial Audio Solutions, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Desktop Weather 2.0 (HKLM\...\WeatherTool) (Version: 2.0.1.11076 - ShenZhen Enode Techology co,.Ltd) <==== ATENÇÃO
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Viva version 1.0 (HKLM-x32\...\{15436961-4543-4CA2-ACBF-0B5C73D9E737}_is1) (Version: 1.0 - )
Warsaw 1.9.0.10533 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.9.0.10533 - GAS Tecnologia)
ZaraRadio 1.6.2 (HKLM-x32\...\ZaraRadio_is1) (Version: - Kero Systems S.L.)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {00D03628-5261-4210-A5A3-710A78959F02} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-12] (@ByELDI)
Task: {039C395F-A7B4-4883-A952-864B3DD55CC2} - System32\Tasks\Run_Bobby_Browser => C:\Users\Junnyor\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO
Task: {268CBA08-2B5B-4290-A09F-A43A6323F4C8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {26B9A1F0-357D-498F-95BF-3F8FB17B808F} - System32\Tasks\{48C38A9C-356F-4FDE-AC34-1F34767E654B} => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe [2016-03-05] (Corel Corporation)
Task: {58670E06-2127-44B1-B009-2AEA86D73DCF} - System32\Tasks\Toolbox.exe_{666E3493-1110-41D5-AF8F-1060D4AA7F7B} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\Toolbox.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {5ABC7918-BFD1-4DA3-A326-12344460D4DD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {63F3CC77-3D8C-4480-B69E-703FC7500356} - System32\Tasks\Driver Booster SkipUAC (Junnyor) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {7ABAE847-68C2-442F-B8AC-3ED14BCBC53F} - System32\Tasks\{A1A8A594-BBEB-4A02-AB8B-778846062619} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016"
Task: {7D4A05C8-3718-4CC7-9EED-0D64B56C83A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-11] (Google Inc.)
Task: {8536EF9E-AA25-4BFC-9292-327B6BCADD7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-11] (Google Inc.)
Task: {896826E4-4383-47CB-959D-0675E4B44317} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {997F46C9-4588-4D5E-AE32-AFB24D8FF9A6} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation)
Task: {C462A01D-FB0A-4B69-A664-200FB4B2CFF4} - System32\Tasks\crash_service => C:\Users\Junnyor\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO
Task: {C63834DD-15E9-43E9-83A3-846355CBD803} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {CA717E5D-4CD6-4B45-A76D-A6E5B936B417} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EFE6D004-F850-4AE3-84B6-CEFC8A307C39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {F4E9BCBF-F94B-48B1-95EF-49A3A276EF55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-11-25 01:16 - 2015-11-25 01:16 - 01050056 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11076\WeatherEntryDll.dll
2016-04-17 00:02 - 2016-04-07 13:20 - 00075264 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-06-10 12:40 - 2016-06-10 12:40 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-04-08 16:53 - 2015-04-08 16:53 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2015-11-25 01:16 - 2015-11-25 01:16 - 00152008 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11076\WeatherService.exe
2016-06-10 13:02 - 2015-10-05 22:30 - 00346624 _____ () C:\Program Files (x86)\Viva\viva.exe
2016-06-11 00:44 - 2016-06-03 22:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-11 00:44 - 2016-06-03 22:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:738D1645_Bnb.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3825613264-254327883-1314251483-1000\...\bnb.gov.br -> hxxps://nel.bnb.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-02-18 00:18 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3825613264-254327883-1314251483-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Junnyor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{AAB90ECF-A5DA-46A9-A181-97ACA61FC842}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [UDP Query User{D98B5B79-5510-428E-B0A8-1C65D523D705}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [{D9004C33-E917-4361-8798-55CCEC07DC92}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04268718-445D-424C-8C49-E32B93924A43}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17533687-2AC2-486C-9801-CD41BFDD539E}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{05DB01F9-9B7B-420C-B28D-1053133A866B}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A9B3EC32-3A5A-453A-B9DD-F7B35C089E91}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{284F9F27-0FA7-467B-A133-2FC5110BD3FB}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6CCC5DB7-BB63-43F7-9C0C-88FBF722B4D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{5F9CBC80-5E09-4A72-B570-EE1D6E318A2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8AAE8F8D-2B6A-457B-9598-D68591AF84CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{190F712C-8E71-4C84-92D4-1BEE876E4E42}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{9938B613-6866-4554-8078-3A095072056C}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [UDP Query User{997B700B-3BA1-41F2-A6B0-4DB200EC3A76}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [{4466005C-A3EB-4D42-84D1-2DD3D4F6FEAA}] => (Allow) LPort=1688
FirewallRules: [{A94D037E-7B59-42DE-B40A-1F316E1F65C0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{9565F68F-32BA-4724-994D-6AE53B880369}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0E1AC761-9A74-4C16-B85A-1AB23B699771}] => (Allow) C:\Program Files (x86)\Megacubo\megacubo.exe
FirewallRules: [{F4B510E1-EE6D-472E-BA53-03379811648F}] => (Allow) C:\Program Files (x86)\Megacubo\megacubo.exe
FirewallRules: [{69573089-3B72-4D81-8EF0-4C0B5EE212D2}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{24FD2507-E220-4632-AA73-6D8F2CAD4F47}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E9122EAF-1660-4D77-A032-13D980A7F29E}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{66411611-AD0B-4FA4-AB2E-81EBE86BCE65}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [TCP Query User{94283C3C-67A2-4D4C-8C18-0AFF53A2B111}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{4C6A7609-B090-41ED-9373-29D68AE4CB01}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [{2343F8ED-1282-4B44-9BB8-68723DDEFC35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3035487F-FB79-4704-B8BD-67753A88834B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FFA6A5FC-005D-408B-825A-CF3DA682E7F0}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{81D8B63D-7FD4-4B81-AF1E-2D6659C895EB}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [{9BF66ACA-C081-4A71-B496-796810585727}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{6B4FBC4A-8943-4967-B1E5-5B7ADC827663}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{98A6A389-FFA7-46A1-85D2-1114773F97C3}] => (Allow) LPort=5357
FirewallRules: [{5F570910-14F0-4575-BCA1-492D1A49F8A1}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A5E734FC-22B3-49F0-9333-D6EFB2064604}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C4D3BF03-054C-4E9C-82CC-0918401F7DDE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{03476769-6C88-4365-BC0E-6A9EFA853842}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{9F88E164-831B-4721-8E37-D919EB6B10AB}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{38A8A840-B7D2-435C-B3EE-C37D999BDCE7}C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe
FirewallRules: [UDP Query User{882BE247-12E9-4614-BB0C-19B7BC76265E}C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe
FirewallRules: [{6C4D5708-6CAD-4279-8224-4A537F275266}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{57102DC4-3324-43FE-8701-79BB7EF5A4D3}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{F29E80C8-B673-49A6-B054-8C703947E378}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D3F34565-BBE9-473A-978C-810ECF94538D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{B39285CC-8362-494F-A10C-8AD877E7C41F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Orbitdownloader\orbitdm.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe] => Enabled:Orbit
==================== Pontos de Restauração =========================
10-06-2016 18:10:52 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-06-2016 00:41:14 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-06-2016 00:47:10 Microsoft Visual Studio Tools for Applications 2015
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: BlueStacks Hypervisor
Description: BlueStacks Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstHdDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: BlueStacks Plus Hypervisor
Description: BlueStacks Plus Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstkDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (06/11/2016 12:39:29 AM) (Source: MsiInstaller) (EventID: 11706) (User: Junnyor-PC)
Description: Product: CorelDRAW Graphics Suite X8 -- Error 1706.No valid source could be found for product CorelDRAW Graphics Suite X8. The Windows Installer cannot continue.
Error: (06/11/2016 12:39:29 AM) (Source: MsiInstaller) (EventID: 11706) (User: Junnyor-PC)
Description: Product: CorelDRAW Graphics Suite X8 -- Error 1706.No valid source could be found for product CorelDRAW Graphics Suite X8. The Windows Installer cannot continue.
Error: (06/11/2016 12:00:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x7c4
Hora de início do aplicativo com falha: 0xMustangSer2756.exe0
Caminho do aplicativo com falha: MustangSer2756.exe1
FCaminho do módulo de falhas: MustangSer2756.exe2
Identificação do Relatório: MustangSer2756.exe3
Error: (06/11/2016 12:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: burningstudio2016.exe, versão: 16.0.0.17, carimbo de hora: 0x5643420a
Nome do módulo de falhas: burningstudio2016.exe, versão: 16.0.0.17, carimbo de hora: 0x5643420a
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00162de0
Identificação do processo com falha: 0xea0
Hora de início do aplicativo com falha: 0xburningstudio2016.exe0
Caminho do aplicativo com falha: burningstudio2016.exe1
FCaminho do módulo de falhas: burningstudio2016.exe2
Identificação do Relatório: burningstudio2016.exe3
Error: (06/10/2016 11:59:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2016 06:18:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: IEXPLORE.EXE, versão: 11.0.9600.16428, carimbo de hora: 0x525b664c
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.22436, carimbo de hora: 0x521eaa80
Código de exceção: 0xc000000d
Deslocamento com falha: 0x00095843
Identificação do processo com falha: 0x984
Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0
Caminho do aplicativo com falha: IEXPLORE.EXE1
FCaminho do módulo de falhas: IEXPLORE.EXE2
Identificação do Relatório: IEXPLORE.EXE3
Error: (06/10/2016 05:01:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x708
Hora de início do aplicativo com falha: 0xMustangSer2756.exe0
Caminho do aplicativo com falha: MustangSer2756.exe1
FCaminho do módulo de falhas: MustangSer2756.exe2
Identificação do Relatório: MustangSer2756.exe3
Error: (06/10/2016 04:59:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2016 12:47:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x6c4
Hora de início do aplicativo com falha: 0xMustangSer2756.exe0
Caminho do aplicativo com falha: MustangSer2756.exe1
FCaminho do módulo de falhas: MustangSer2756.exe2
Identificação do Relatório: MustangSer2756.exe3
Error: (06/10/2016 12:45:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Erros de Sistema:
=============
Error: (06/11/2016 12:00:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MustangService DispalyName foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (06/10/2016 11:59:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Plus Hypervisor devido ao seguinte erro:
%%2
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Updater Service devido ao seguinte erro:
%%2
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Log Rotator Service devido ao seguinte erro:
%%2
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Hypervisor devido ao seguinte erro:
%%2
Error: (06/10/2016 05:01:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MustangService DispalyName foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (06/10/2016 04:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Plus Hypervisor devido ao seguinte erro:
%%2
Error: (06/10/2016 04:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Updater Service devido ao seguinte erro:
%%2
Error: (06/10/2016 04:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Log Rotator Service devido ao seguinte erro:
%%2
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz
Percentagem de memória em uso: 72%
RAM física total: 4061.24 MB
RAM física disponível: 1108.59 MB
Virtual Total: 8120.67 MB
Virtual disponível: 4695.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:332.03 GB) (Free:262.19 GB) NTFS
Drive d: () (Fixed) (Total:133.39 GB) (Free:133.25 GB) NTFS
Drive f: (CDGSX8) (CDROM) (Total:2.03 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00005957)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=332 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=133.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Junnyor (2016-06-11 01:12:06)
Executando a partir de C:\Users\Junnyor\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-11-11 14:36:53)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3825613264-254327883-1314251483-500 - Administrator - Disabled)
Convidado (S-1-5-21-3825613264-254327883-1314251483-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3825613264-254327883-1314251483-1002 - Limited - Enabled)
Junnyor (S-1-5-21-3825613264-254327883-1314251483-1000 - Administrator - Enabled) => C:\Users\Junnyor
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3825613264-254327883-1314251483-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2016 v.16.0.0 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (Version: 18.0 - Corel Corporation) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Freemake Video Converter versão 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HP Deskjet 1510 series Software básico do dispositivo (HKLM\...\{649F7314-489F-4E1D-877B-EAE9CB34D7AA}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Software básico do dispositivo (HKLM\...\{A4BA74B3-3DCB-47CC-9C80-C2CBAC26C6EB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
IPM_Installer (Version: 2.1 - Your Company Name) Hidden
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 pt-BR)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{293C9DF5-7669-4826-BBB2-E1F182D71046}) (Version: 7.02.8631 - Nero AG)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version: - www.orbitdownloader.com)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Setup versão 1.5 (HKLM-x32\...\{009476EE-71CA-4629-9823-FBB0616E4C9C}_is1) (Version: 1.5 - Microsoft, Inc.)
SimpleCast v3 (HKLM-x32\...\SimpleCast) (Version: v3 - Spacial Audio Solutions, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Desktop Weather 2.0 (HKLM\...\WeatherTool) (Version: 2.0.1.11076 - ShenZhen Enode Techology co,.Ltd) <==== ATENÇÃO
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Viva version 1.0 (HKLM-x32\...\{15436961-4543-4CA2-ACBF-0B5C73D9E737}_is1) (Version: 1.0 - )
Warsaw 1.9.0.10533 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.9.0.10533 - GAS Tecnologia)
ZaraRadio 1.6.2 (HKLM-x32\...\ZaraRadio_is1) (Version: - Kero Systems S.L.)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {00D03628-5261-4210-A5A3-710A78959F02} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-12] (@ByELDI)
Task: {039C395F-A7B4-4883-A952-864B3DD55CC2} - System32\Tasks\Run_Bobby_Browser => C:\Users\Junnyor\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO
Task: {268CBA08-2B5B-4290-A09F-A43A6323F4C8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {26B9A1F0-357D-498F-95BF-3F8FB17B808F} - System32\Tasks\{48C38A9C-356F-4FDE-AC34-1F34767E654B} => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe [2016-03-05] (Corel Corporation)
Task: {58670E06-2127-44B1-B009-2AEA86D73DCF} - System32\Tasks\Toolbox.exe_{666E3493-1110-41D5-AF8F-1060D4AA7F7B} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\Toolbox.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {5ABC7918-BFD1-4DA3-A326-12344460D4DD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {63F3CC77-3D8C-4480-B69E-703FC7500356} - System32\Tasks\Driver Booster SkipUAC (Junnyor) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {7ABAE847-68C2-442F-B8AC-3ED14BCBC53F} - System32\Tasks\{A1A8A594-BBEB-4A02-AB8B-778846062619} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016"
Task: {7D4A05C8-3718-4CC7-9EED-0D64B56C83A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-11] (Google Inc.)
Task: {8536EF9E-AA25-4BFC-9292-327B6BCADD7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-11] (Google Inc.)
Task: {896826E4-4383-47CB-959D-0675E4B44317} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {997F46C9-4588-4D5E-AE32-AFB24D8FF9A6} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation)
Task: {C462A01D-FB0A-4B69-A664-200FB4B2CFF4} - System32\Tasks\crash_service => C:\Users\Junnyor\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO
Task: {C63834DD-15E9-43E9-83A3-846355CBD803} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {CA717E5D-4CD6-4B45-A76D-A6E5B936B417} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EFE6D004-F850-4AE3-84B6-CEFC8A307C39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {F4E9BCBF-F94B-48B1-95EF-49A3A276EF55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-11-25 01:16 - 2015-11-25 01:16 - 01050056 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11076\WeatherEntryDll.dll
2016-04-17 00:02 - 2016-04-07 13:20 - 00075264 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-06-10 12:40 - 2016-06-10 12:40 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-04-08 16:53 - 2015-04-08 16:53 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2015-11-25 01:16 - 2015-11-25 01:16 - 00152008 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11076\WeatherService.exe
2016-06-10 13:02 - 2015-10-05 22:30 - 00346624 _____ () C:\Program Files (x86)\Viva\viva.exe
2016-06-11 00:44 - 2016-06-03 22:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-11 00:44 - 2016-06-03 22:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:738D1645_Bnb.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3825613264-254327883-1314251483-1000\...\bnb.gov.br -> hxxps://nel.bnb.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-02-18 00:18 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3825613264-254327883-1314251483-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Junnyor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{AAB90ECF-A5DA-46A9-A181-97ACA61FC842}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [UDP Query User{D98B5B79-5510-428E-B0A8-1C65D523D705}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [{D9004C33-E917-4361-8798-55CCEC07DC92}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04268718-445D-424C-8C49-E32B93924A43}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17533687-2AC2-486C-9801-CD41BFDD539E}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{05DB01F9-9B7B-420C-B28D-1053133A866B}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A9B3EC32-3A5A-453A-B9DD-F7B35C089E91}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{284F9F27-0FA7-467B-A133-2FC5110BD3FB}] => (Allow) C:\Users\Junnyor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6CCC5DB7-BB63-43F7-9C0C-88FBF722B4D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{5F9CBC80-5E09-4A72-B570-EE1D6E318A2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8AAE8F8D-2B6A-457B-9598-D68591AF84CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{190F712C-8E71-4C84-92D4-1BEE876E4E42}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{9938B613-6866-4554-8078-3A095072056C}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [UDP Query User{997B700B-3BA1-41F2-A6B0-4DB200EC3A76}C:\rádio canaã\playlist\pgm\foldersrv.exe] => (Allow) C:\rádio canaã\playlist\pgm\foldersrv.exe
FirewallRules: [{4466005C-A3EB-4D42-84D1-2DD3D4F6FEAA}] => (Allow) LPort=1688
FirewallRules: [{A94D037E-7B59-42DE-B40A-1F316E1F65C0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{9565F68F-32BA-4724-994D-6AE53B880369}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0E1AC761-9A74-4C16-B85A-1AB23B699771}] => (Allow) C:\Program Files (x86)\Megacubo\megacubo.exe
FirewallRules: [{F4B510E1-EE6D-472E-BA53-03379811648F}] => (Allow) C:\Program Files (x86)\Megacubo\megacubo.exe
FirewallRules: [{69573089-3B72-4D81-8EF0-4C0B5EE212D2}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{24FD2507-E220-4632-AA73-6D8F2CAD4F47}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E9122EAF-1660-4D77-A032-13D980A7F29E}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{66411611-AD0B-4FA4-AB2E-81EBE86BCE65}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [TCP Query User{94283C3C-67A2-4D4C-8C18-0AFF53A2B111}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{4C6A7609-B090-41ED-9373-29D68AE4CB01}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [{2343F8ED-1282-4B44-9BB8-68723DDEFC35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3035487F-FB79-4704-B8BD-67753A88834B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FFA6A5FC-005D-408B-825A-CF3DA682E7F0}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{81D8B63D-7FD4-4B81-AF1E-2D6659C895EB}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [{9BF66ACA-C081-4A71-B496-796810585727}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{6B4FBC4A-8943-4967-B1E5-5B7ADC827663}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{98A6A389-FFA7-46A1-85D2-1114773F97C3}] => (Allow) LPort=5357
FirewallRules: [{5F570910-14F0-4575-BCA1-492D1A49F8A1}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A5E734FC-22B3-49F0-9333-D6EFB2064604}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C4D3BF03-054C-4E9C-82CC-0918401F7DDE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{03476769-6C88-4365-BC0E-6A9EFA853842}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{9F88E164-831B-4721-8E37-D919EB6B10AB}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{38A8A840-B7D2-435C-B3EE-C37D999BDCE7}C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe
FirewallRules: [UDP Query User{882BE247-12E9-4614-BB0C-19B7BC76265E}C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe
FirewallRules: [{6C4D5708-6CAD-4279-8224-4A537F275266}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{57102DC4-3324-43FE-8701-79BB7EF5A4D3}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{F29E80C8-B673-49A6-B054-8C703947E378}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D3F34565-BBE9-473A-978C-810ECF94538D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{B39285CC-8362-494F-A10C-8AD877E7C41F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Orbitdownloader\orbitdm.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe] => Enabled:Orbit
==================== Pontos de Restauração =========================
10-06-2016 18:10:52 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-06-2016 00:41:14 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-06-2016 00:47:10 Microsoft Visual Studio Tools for Applications 2015
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: BlueStacks Hypervisor
Description: BlueStacks Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstHdDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: BlueStacks Plus Hypervisor
Description: BlueStacks Plus Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstkDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (06/11/2016 12:39:29 AM) (Source: MsiInstaller) (EventID: 11706) (User: Junnyor-PC)
Description: Product: CorelDRAW Graphics Suite X8 -- Error 1706.No valid source could be found for product CorelDRAW Graphics Suite X8. The Windows Installer cannot continue.
Error: (06/11/2016 12:39:29 AM) (Source: MsiInstaller) (EventID: 11706) (User: Junnyor-PC)
Description: Product: CorelDRAW Graphics Suite X8 -- Error 1706.No valid source could be found for product CorelDRAW Graphics Suite X8. The Windows Installer cannot continue.
Error: (06/11/2016 12:00:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x7c4
Hora de início do aplicativo com falha: 0xMustangSer2756.exe0
Caminho do aplicativo com falha: MustangSer2756.exe1
FCaminho do módulo de falhas: MustangSer2756.exe2
Identificação do Relatório: MustangSer2756.exe3
Error: (06/11/2016 12:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: burningstudio2016.exe, versão: 16.0.0.17, carimbo de hora: 0x5643420a
Nome do módulo de falhas: burningstudio2016.exe, versão: 16.0.0.17, carimbo de hora: 0x5643420a
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00162de0
Identificação do processo com falha: 0xea0
Hora de início do aplicativo com falha: 0xburningstudio2016.exe0
Caminho do aplicativo com falha: burningstudio2016.exe1
FCaminho do módulo de falhas: burningstudio2016.exe2
Identificação do Relatório: burningstudio2016.exe3
Error: (06/10/2016 11:59:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2016 06:18:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: IEXPLORE.EXE, versão: 11.0.9600.16428, carimbo de hora: 0x525b664c
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.22436, carimbo de hora: 0x521eaa80
Código de exceção: 0xc000000d
Deslocamento com falha: 0x00095843
Identificação do processo com falha: 0x984
Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0
Caminho do aplicativo com falha: IEXPLORE.EXE1
FCaminho do módulo de falhas: IEXPLORE.EXE2
Identificação do Relatório: IEXPLORE.EXE3
Error: (06/10/2016 05:01:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x708
Hora de início do aplicativo com falha: 0xMustangSer2756.exe0
Caminho do aplicativo com falha: MustangSer2756.exe1
FCaminho do módulo de falhas: MustangSer2756.exe2
Identificação do Relatório: MustangSer2756.exe3
Error: (06/10/2016 04:59:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2016 12:47:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Nome do módulo de falhas: MustangSer2756.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00012d34
Identificação do processo com falha: 0x6c4
Hora de início do aplicativo com falha: 0xMustangSer2756.exe0
Caminho do aplicativo com falha: MustangSer2756.exe1
FCaminho do módulo de falhas: MustangSer2756.exe2
Identificação do Relatório: MustangSer2756.exe3
Error: (06/10/2016 12:45:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Erros de Sistema:
=============
Error: (06/11/2016 12:00:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MustangService DispalyName foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (06/10/2016 11:59:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Plus Hypervisor devido ao seguinte erro:
%%2
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Updater Service devido ao seguinte erro:
%%2
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Log Rotator Service devido ao seguinte erro:
%%2
Error: (06/10/2016 11:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Hypervisor devido ao seguinte erro:
%%2
Error: (06/10/2016 05:01:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MustangService DispalyName foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (06/10/2016 04:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Plus Hypervisor devido ao seguinte erro:
%%2
Error: (06/10/2016 04:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Updater Service devido ao seguinte erro:
%%2
Error: (06/10/2016 04:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Log Rotator Service devido ao seguinte erro:
%%2
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz
Percentagem de memória em uso: 72%
RAM física total: 4061.24 MB
RAM física disponível: 1108.59 MB
Virtual Total: 8120.67 MB
Virtual disponível: 4695.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:332.03 GB) (Free:262.19 GB) NTFS
Drive d: () (Fixed) (Total:133.39 GB) (Free:133.25 GB) NTFS
Drive f: (CDGSX8) (CDROM) (Total:2.03 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00005957)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=332 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=133.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================