cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:15-06-2016
Executado por 123456 (2016-06-15 15:41:00)
Executando a partir de C:\Users\123456\Desktop
Microsoft Windows 10 Pro Versão 1511 (X86) (2016-05-09 15:33:48)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

123456 (S-1-5-21-1140255356-2539845174-965481581-1000 - Administrator - Enabled) => C:\Users\123456
Administrador (S-1-5-21-1140255356-2539845174-965481581-500 - Administrator - Disabled)
Convidado (S-1-5-21-1140255356-2539845174-965481581-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1140255356-2539845174-965481581-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1140255356-2539845174-965481581-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

802.11n Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{68E28802-F93D-9F47-095C-5D0580F8DD23}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
Atualizador MapaRadar (HKU\S-1-5-21-1140255356-2539845174-965481581-1000\...\57d28c6af7e739f9) (Version: 1.0.1.12 - MapaRadar)
Avast Premier (HKLM\...\Avast) (Version: 11.2.2262 - AVAST Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Management Programs (HKLM\...\{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}) (Version: 9.03.02 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Corel WordPerfect Office - iFilter (HKLM\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.00.000 - Corel Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Documento Eletrônico Client Components (HKLM\...\{D9B544A1-6841-4C2A-AB84-E1EE9A3D9CB2}) (Version: 1.0.37 - QualiSoft Informática LTDA)
Dropbox (HKLM\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.27.77 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
GIRDAC PDF Creator (HKLM\...\GIRDAC PDF Creator) (Version: 9.2.1.2 - GIRDAC InfoTechnologies)
GIRDAC Port (HKLM\...\GIRDAC Port) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
iCloud (HKLM\...\{39C05E71-5881-4EE2-B00D-27AFA010CAA4}) (Version: 5.2.1.69 - Apple Inc.)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
iTunes (HKLM\...\{7C14EFF4-6BD4-4398-AF8D-41F40F8D71F1}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.63.1 - JMicron Technology Corp.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Juris Síntese DVD (HKLM\...\{66281488-FDE8-4C16-A0B3-68649E1EBEBB}) (Version: 118 - Síntese)
Lexmark Pro200-S500 Series (HKLM\...\Lexmark Pro200-S500 Series) (Version: - Lexmark International, Inc.)
Lotus SmartSuite 97 (HKLM\...\SmartSuite V97.0) (Version: - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Portuguese (Portugal)) (HKLM\...\{95120000-00AF-0816-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 pt-BR) (HKLM\...\Mozilla Firefox 47.0 (x86 pt-BR)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
PDF Architect 4 (HKLM\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
SafeSign (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
SafeZone Stable 1.48.2066.101 (Version: 1.48.2066.101 - Avast Software) Hidden
Skype™ 7.24 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Suporte para Aplicativos Apple (32-bit) (HKLM\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Warsaw 1.11.0.42826 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EE}) (Version: 20.0.11659 - WinZip Computing, S.L. )
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24104}) (Version: 20.5.12118 - WinZip Computing, S.L. )
WordPerfect Lightning - IPM (Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - Messages (Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - MSOM (Version: 1.1 - Corel Corporation) Hidden
WordPerfect Lightning (Version: 2.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Common (Version: 15.1 - Corel Corporation) Hidden
Wordperfect Office X5 - EN (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Filters (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Graphics (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - IPM (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - LegalTools (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Migration Manager (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Oxford (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PerfectExperts EN (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PR (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - QP (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Setup Files (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Sharepoint (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Skins (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - System EN (Version: 15.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Templates (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WP (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WT (Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 (HKLM\...\_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}) (Version: 15.0.0.431 - Corel Corporation)
WordPerfect Office X5 (Version: 15.1 - Corel Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1140255356-2539845174-965481581-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\123456\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1140255356-2539845174-965481581-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\123456\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1140255356-2539845174-965481581-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01EE33E9-C653-4841-B657-D26D8D476B35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-09] (AVAST Software)
Task: {03BD7976-C6C4-4960-9A57-208C01D1E6F8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {063869DF-72C5-4A35-890D-123A33192B47} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {06E66A52-BDE9-44EB-B243-B34714167AFC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-01-15] (Dropbox, Inc.)
Task: {0D984F96-2A5B-4A58-84D4-C7952AC43DC7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E3CF205-37E1-400C-96F5-D4A87E8C359D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {15FFAB51-BE0C-4B4D-89E3-76A69893A776} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.)
Task: {17552122-4722-4305-AA3D-6D9827D5ABC3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {1E78F2C8-17E0-422B-B8F0-70F2A84D00DD} - System32\Tasks\{4CD40627-3FDC-4892-81A6-46BDD0680747} => pcalua.exe -a C:\Users\123456\Downloads\chromeinstall-8u40.exe -d C:\Users\123456\Downloads
Task: {1E99AAEE-D836-4094-9AAF-31A8C561558F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1FFF5929-2655-4009-8AE4-ABA2AE0E3DBA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {23D1B3B3-FF4C-4B6B-8612-FC2E5D85FA80} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24593C68-614A-4940-9F11-C2ED97241D61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-06] (Google Inc.)
Task: {28321CFC-CA3E-4C9D-9760-7A605FFA7EFA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {3625113E-AC71-404B-A8F0-95E6DED7D69F} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {36C3145D-DAA5-4D02-9ADA-399E5605077F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3895EB7E-C8CE-4058-AB16-B62A39F95116} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3F50E7D7-6169-493B-B1B4-855657F90E5A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {4E5C82B2-DAB2-49A6-91EC-2CA446F32BE1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {4F25D2E9-4E0A-43AA-B1B9-6779F132AD85} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {53CC7872-FF49-4BD4-86B3-E863C2031F5B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {561BA3EC-C8E2-4C5A-A875-F6DCA4CD7431} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {57D2821A-BF2A-436D-977C-00B13EDE94E3} - System32\Tasks\{4116A8FC-F939-4537-9E36-3E128C3BCB90} => pcalua.exe -a "C:\Users\123456\Downloads\wlsetup-web (5).exe" -d C:\Users\123456\Downloads
Task: {59695E5C-2DC1-4D11-AE2E-13F94C652DE3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {5EE97761-116B-48E4-88A5-98323A656521} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F219804-2701-4E3A-BDFD-A40BE5765EAA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5FE7597B-9585-4CB4-A935-5BF95697E20D} - System32\Tasks\{E8EFE033-A5BB-48DE-B367-3DD5AB26E0C9} => pcalua.exe -a "C:\Users\123456\Downloads\chromeinstall-8u31 (2).exe" -d C:\Users\123456\Downloads
Task: {60293127-901D-4358-9818-C56412DA656C} - System32\Tasks\{D2B03FBF-2B2C-4365-8E4A-C51BCB648BBD} => pcalua.exe -a C:\Users\123456\Downloads\jxpiinstall(4).exe -d C:\Users\123456\Downloads
Task: {65ECD924-0C0D-4EF4-878D-1AE9F4F2C90A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-01-15] (Dropbox, Inc.)
Task: {65F1F618-9C75-4B98-81CB-8098B5FBFB07} - System32\Tasks\{6199AEA1-2562-4371-9D3E-3BD550DD001F} => pcalua.exe -a "C:\Users\123456\Downloads\wlsetup-web (4).exe" -d C:\Users\123456\Downloads
Task: {6DE3B083-29FF-495F-B07E-F62F6029DE64} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70756C80-494F-4B87-B79C-CF0579E633B7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {746E83ED-E600-450E-9CA9-6F2A38D95F44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E1E81F3-4C7B-430D-B72A-02DC26A06BB9} - System32\Tasks\{DC923366-DBD5-48A8-A5A9-428E842CA764} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2015\IRPF2015.exe" -d "C:\Arquivos de Programas RFB\IRPF2015"
Task: {88809902-5AB0-4AF3-B9AF-3F5E788C14F1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {93379DC6-53A3-42A6-8117-6F8876868B7D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {94B91CD5-76CD-4A36-82CC-ACEC2157C2AB} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
Task: {95DA280E-026A-4F55-9CBF-3A730684EF60} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A446A5C5-D62E-48BA-A52F-5C40FCF013E1} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {A5DF5D77-29A0-438E-B190-CC582708C285} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {A7A0F3BB-438B-4C2E-B523-51E175E664EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {AA1807D0-71A2-4985-AC7D-E055E0707B83} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {ABF17569-FAC4-4076-98A9-79D1269C837B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B056813B-B8E3-4AFE-AB86-41B88C867954} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {B8433052-545D-4EBE-A3FB-83FF8F242B47} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BB6ACD2A-1E4D-4B3B-9B10-7297912D02B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-06] (Google Inc.)
Task: {BF237249-861D-47D0-BDF9-831936FE21BF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {C1DFBC70-0012-44B8-8B56-4429D5F112DE} - System32\Tasks\{466B42BD-63D0-4B7F-8E06-58A244A7D6E2} => pcalua.exe -a "C:\Users\123456\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POIT2XIF\delinf_10230[1].EXE" -d C:\Windows\system32
Task: {C4769E12-2C35-48EA-8AC3-0725BB1C642A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C5972B86-5A50-4C12-A7B0-A99FCB31D0C1} - System32\Tasks\{35E0E6FF-A782-4D1C-AEC0-F68E2F737C6C} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016"
Task: {C6FA0140-D863-47A5-8066-3EC4988814DC} - System32\Tasks\{2EB9B543-5B00-48C3-9C48-C13B53F4B0EA} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {CE87B364-C167-4516-A908-66E23EC16FD4} - \Microsoft\Windows\Setup\gwx\rundetector -> Nenhum Arquivo <==== ATENÇÃO
Task: {D00154EA-2AA4-47DF-A2E2-6C84F222BE89} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D0CEAF56-5DDC-4FE0-B7BB-8FF1BFEA3F69} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {D2C0AEDC-CD1C-4AF4-BFEA-F8298849D90B} - System32\Tasks\SafeZone scheduled Autoupdate 1450361997 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {D457E5EF-B991-4911-8C42-9ACAD6B7EFBC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7728DAD-E089-4856-BEB7-9823E8EAAC64} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2575E7C-0495-44F6-914A-D7282C1EBAC3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E6A0C79C-FC76-4D9E-A8DA-683BA628A052} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F0D191FA-4CC2-431D-A021-E36740882651} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F187D9E7-3585-412A-A66E-7DAB2191263E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F5407ABE-597D-4D68-8CF1-BC22F9BBC476} - System32\Tasks\{6D4146D0-29C8-4240-8503-CF3EE06D5525} => pcalua.exe -a C:\Users\123456\Downloads\jxpiinstall(5).exe -d C:\Users\123456\Downloads

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-05-09 15:30 - 2016-05-09 15:30 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-09 15:30 - 2016-05-09 15:30 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-14 09:00 - 2016-06-14 09:00 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061400\algo.dll
2016-05-09 15:30 - 2016-05-09 15:30 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-09 15:30 - 2016-05-09 15:30 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-15 15:20 - 2016-06-15 15:20 - 02934272 _____ () C:\Program Files\AVAST Software\Avast\defs\16061501\algo.dll
2016-05-09 12:01 - 2009-11-04 12:14 - 00157696 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\lxebdrpp.dll
2015-08-21 22:08 - 2015-08-21 22:08 - 00114688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-30 02:44 - 2015-10-30 02:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-09 11:49 - 2016-05-09 11:49 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-17 11:14 - 2015-12-17 11:14 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-03-21 12:50 - 2016-05-05 07:09 - 00034768 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2016-06-03 15:40 - 2016-05-05 07:10 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2016-06-03 15:40 - 2016-05-05 07:09 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2016-03-21 12:50 - 2016-05-05 07:09 - 00093640 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2016-03-21 12:50 - 2016-05-05 07:09 - 00018376 _____ () C:\Program Files\Dropbox\Client\select.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2016-06-03 15:40 - 2016-05-05 07:09 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2016-03-21 12:50 - 2016-05-31 15:34 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2016-03-21 12:50 - 2016-05-05 07:09 - 00692688 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-03-21 12:50 - 2016-05-05 07:10 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00021840 _____ () C:\Program Files\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2016-06-03 15:40 - 2016-05-05 07:11 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00114640 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00021832 _____ () C:\Program Files\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00023872 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-06-03 15:40 - 2016-05-05 07:09 - 00134088 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2016-06-03 15:40 - 2016-05-31 15:33 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2016-03-21 12:50 - 2016-05-05 07:09 - 00134608 _____ () C:\Program Files\Dropbox\Client\_elementtree.pyd
2016-06-03 15:40 - 2016-05-05 07:10 - 00240584 _____ () C:\Program Files\Dropbox\Client\jpegtran.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-06-03 15:40 - 2016-05-05 07:12 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2016-06-03 15:40 - 2016-05-31 15:34 - 00031568 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-06-03 15:40 - 2016-03-11 21:46 - 00293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2016-06-03 15:40 - 2016-05-31 15:34 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-06-03 15:40 - 2016-05-31 15:34 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2016-03-21 12:50 - 2016-05-05 07:10 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 03928880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 01971504 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00132912 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00223544 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-03-21 12:50 - 2016-05-05 07:11 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2016-04-14 19:48 - 2016-05-31 15:34 - 00025928 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-03-21 12:50 - 2016-05-31 15:34 - 00024904 _____ () C:\Program Files\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-03 15:40 - 2016-05-31 15:34 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2015-02-10 14:59 - 2013-01-23 12:29 - 00772712 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
2015-02-10 14:59 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebscw.dll
2009-05-27 11:16 - 2009-05-27 11:16 - 00192512 _____ () C:\WINDOWS\system32\spool\drivers\w32x86\3\lxebdatr.dll
2009-05-27 11:13 - 2009-05-27 11:13 - 00081920 _____ () C:\WINDOWS\system32\spool\drivers\w32x86\3\lxebcats.dll
2015-02-10 14:59 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebDRS.dll
2015-02-10 14:59 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebcaps.dll
2009-02-20 07:48 - 2009-02-20 07:48 - 00299008 _____ () C:\WINDOWS\SYSTEM32\lxebsm.dll
2009-04-28 06:56 - 2009-04-28 06:56 - 00023552 _____ () C:\WINDOWS\system32\lxebsmr.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2016-05-24 10:27 - 2016-05-24 10:27 - 00679624 _____ () C:\Users\123456\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-06 13:41 - 2016-01-06 13:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-05-13 13:44 - 2016-05-13 13:44 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
1995-11-05 15:23 - 1995-11-05 15:23 - 00045056 _____ () C:\lotus\register\remind32.exe
2016-05-18 11:57 - 2016-05-18 11:58 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-18 11:57 - 2016-05-18 11:58 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-18 11:57 - 2016-05-18 11:58 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-09 16:23 - 2016-06-03 22:56 - 01745560 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-09 16:23 - 2016-06-03 22:56 - 00091288 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.84\libegl.dll
2014-03-31 20:35 - 2014-03-31 20:35 - 00278208 _____ () C:\Program Files\Windows Live\Writer\pt-BR\WindowsLive.Writer.Localization.resources.dll
2016-05-18 14:12 - 2016-04-23 00:58 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-18 14:10 - 2016-04-23 00:58 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-13 08:57 - 2016-02-13 08:57 - 02411360 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-10-30 02:45 - 2015-10-30 02:45 - 00164224 _____ () c:\windows\system32\WerEtw.dll
2016-05-09 11:49 - 2016-05-09 11:49 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 08:57 - 2016-02-13 08:57 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-18 14:10 - 2016-04-23 01:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-18 14:10 - 2016-04-23 01:05 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-18 14:12 - 2016-04-23 01:01 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1140255356-2539845174-965481581-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1140255356-2539845174-965481581-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-1140255356-2539845174-965481581-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2016-04-15 15:07 - 00000035 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1140255356-2539845174-965481581-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Notificador de atualização.lnk => C:\Windows\pss\Notificador de atualização.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupreg: CertificateRegistration => aetcrss1.exe
MSCONFIG\startupreg: Diebold - Warsaw => C:\Program Files\Diebold\Warsaw\core.exe
MSCONFIG\startupreg: Dropbox => "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: lxebmon.exe => "C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinSweep => C:\Program Files\WinSweeper\WinSweeper.exe

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{7456FDA8-B149-443E-902B-74AA1971C2E8}] => (Allow) C:\WINDOWS\system32\lxebcoms.exe
FirewallRules: [{DD13399B-DE6B-4353-8010-539BB3380344}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{B70B5B26-667E-4E4F-AFFE-DE75BE44F034}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{683DDF9A-CAAE-430F-A794-DDE93DDD1CFE}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [{03ABDBA3-AF7D-4C95-970C-FA0F4770BFF0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A050901D-9716-4200-81EB-DD929BA16EB6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{61ACEE1E-9523-4DE2-828E-12AB0C3AD703}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{F2C88C8A-B614-4748-96E3-3D7CB4551EF3}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{93689681-9445-40EA-8554-5B1F57A7DAA2}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{87D8A800-6013-404A-A2B9-33847234728C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{892C7046-C928-4DAD-9683-6500E0944DAE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{4E3CE519-F124-4A3C-9A44-1F4AF7D7D175}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (06/15/2016 03:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af5c4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0xa28
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (06/15/2016 03:40:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af5c4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0x460
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (06/15/2016 03:38:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af5c4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0x22a8
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (06/15/2016 03:37:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: 123456-PC)
Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.

Error: (06/15/2016 03:36:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af5c4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0x2088
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (06/15/2016 03:34:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af5c4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0x10e8
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (06/15/2016 03:33:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: 123456-PC)
Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.

Error: (06/15/2016 03:32:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af5c4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0xb0
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (06/15/2016 03:30:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af5c4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0x188c
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (06/15/2016 03:30:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571afa7d
Nome do módulo com falha: StartUI.dll, versão: 10.0.10586.306, carimbo de data/hora: 0x571af863
Código de exceção: 0x80000003
Deslocamento da falha: 0x002547ea
ID do processo com falha: 0x430
Hora de início do aplicativo com falha: 0xShellExperienceHost.exe0
Caminho do aplicativo com falha: ShellExperienceHost.exe1
Caminho do módulo com falha: ShellExperienceHost.exe2
ID do Relatório: ShellExperienceHost.exe3
Nome completo do pacote com falha: ShellExperienceHost.exe4
ID do aplicativo relativo ao pacote com falha: ShellExperienceHost.exe5


Erros de Sistema:
=============
Error: (06/15/2016 03:43:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/15/2016 03:42:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/15/2016 03:34:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/15/2016 03:20:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/14/2016 06:49:46 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (06/14/2016 06:49:22 PM) (Source: DCOM) (EventID: 10010) (User: 123456-PC)
Description: CortanaUI.AppXr0dtzccx33hvam1xwfz3c1354p6222qd.mca

Error: (06/14/2016 06:49:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_23207.

Error: (06/14/2016 06:49:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_23207 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (06/14/2016 06:48:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/14/2016 06:47:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.



CodeIntegrity:
===================================
Date: 2016-06-13 21:43:18.533
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-06-13 21:43:18.220
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-06-13 21:43:17.867
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-06-13 21:43:16.906
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-06-13 21:43:16.600
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-06-13 21:43:15.842
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-06-13 21:43:11.742
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-06-13 21:43:09.761
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-05-30 16:11:40.048
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-25 10:15:33.454
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: AMD E-450 APU with Radeon(tm) HD Graphics
Percentagem de memória em uso: 72%
RAM física total: 2676.66 MB
RAM física disponível: 741.85 MB
Virtual Total: 5364.66 MB
Virtual disponível: 2630.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454 GB) (Free:351.53 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.22 GB) (Free:1.37 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive e: (JSDVD) (CDROM) (Total:3.7 GB) (Free:0 GB) CDFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 494C6357)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.2 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité