Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 31-08-2016
Executado por Ivan (06-09-2016 23:30:04)
Executando a partir de C:\Users\Ivan\Desktop
Windows 10 Home Versão 1511 (X64) (2015-11-26 14:34:30)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1793361252-1642306814-3946400002-500 - Administrator - Disabled)
Ana (S-1-5-21-1793361252-1642306814-3946400002-1004 - Limited - Enabled) => C:\Users\Ana
Convidado (S-1-5-21-1793361252-1642306814-3946400002-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1793361252-1642306814-3946400002-503 - Limited - Disabled)
Ivan (S-1-5-21-1793361252-1642306814-3946400002-1000 - Administrator - Enabled) => C:\Users\Ivan
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
AzureTools.Notifications.VwdExpress (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
BurnAware Free 6.4 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Claro 3G (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Gerenciador de Downloads (HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\a54e16f5d00985b6) (Version: 0.9.3.123 - Level Up! Gerenciador)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Web - ENU (HKLM-x32\...\{3e544097-53d1-4252-98a6-93cc12a6d487}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Módulo de Proteção - Banco Santander (Brasil) S.A. (HKLM-x32\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: 3.12.1.2 - )
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
Mozilla Firefox 48.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 pt-BR)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MySQL Connector C++ 1.1.6 (HKLM\...\{80EE5F65-5553-47A1-B6A9-8BF3211D21A3}) (Version: 1.1.6 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{8A9B23F6-9C1D-4DB2-8254-EAB70EF4325B}) (Version: 5.1.36 - Oracle Corporation)
MySQL Connector Net 6.9.6 (HKLM-x32\...\{71458704-E552-4A3E-8BFA-4F61C1F70724}) (Version: 6.9.6 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{39E12863-FE9F-4F26-B0B7-946882D8490C}) (Version: 5.6.26 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{D7C94327-B568-45D9-9EBA-E2167D2EE6F7}) (Version: 5.6.26 - Oracle Corporation)
MySQL Fabric 1.5.4 & MySQL Utilities 1.5.4 (HKLM-x32\...\{1F7D4F80-DF56-48DD-9FC5-220720F7517C}) (Version: 1.5.4 - Oracle Corporation)
MySQL For Excel 1.3.4 (HKLM-x32\...\{A0352E65-6E78-48B3-B6D6-B3208E663249}) (Version: 1.3.4 - Oracle)
MySQL for Visual Studio 1.2.3 (HKLM-x32\...\{EF7630BF-DC4E-4493-9C0F-5B0A739390EF}) (Version: 1.2.3 - Oracle)
MySQL Installer for Windows - Community (HKLM-x32\...\{3BA103F3-9F80-468F-A4D0-52ED5709B871}) (Version: 1.4.11.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.6 (HKLM\...\{F9D015C6-E9AE-455D-8DDA-BE8B77F3004E}) (Version: 5.6.26 - Oracle Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{40AFAA5A-72EE-45A7-B8D2-CC7E08C9370B}) (Version: 6.3.4 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Paltalk Messenger 11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
PHP Manager 1.2 for IIS 7 (HKLM\...\{E851486F-1FE2-44F0-85ED-F969088A68EE}) (Version: 1.2.0 - )
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Shadow Era Launcher 1.02 (HKLM-x32\...\{69EE23BB-4A14-4631-B2B3-B14748F56FF7}_is1) (Version: 1.02 - Wulven Game Studios)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
Unchecky v1.0.1 (HKLM-x32\...\Unchecky) (Version: 1.0.1 - RaMMicHaeL)
Unity Web Player (HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
Warsaw 1.9.0.10533 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.9.0.10533 - GAS Tecnologia)
wc3270 3.3.9ga12 (HKLM-x32\...\wc3270_is1) (Version: - Paul Mattes)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {01D57A2E-D727-4424-8797-95EFED78F596} - System32\Tasks\{A89F789C-846C-41F6-944A-800668A6424C} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2015\IRPF2015.exe" -d "C:\Arquivos de Programas RFB\IRPF2015"
Task: {06B9EE25-2C6B-47B8-84ED-7099A460B6FD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {14BE1C41-212D-46E0-8BB4-DA309E8DFB0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {196900B9-AC17-48EB-96B7-A03ADCA1A3EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1AD5D07F-C685-46B7-9BEE-9B4C2CC0FCBA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {211986DB-DBA1-47A3-A248-3C08B1C8F9E4} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask =>
Task: {21A2416A-3C53-41B6-A44E-5DD6705E3C29} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-08-19] (Oracle Corporation)
Task: {286C5235-7D5E-4075-B139-D0C5900B5E6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2CEAA31A-63A9-4810-ADA3-B42767B1F840} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3151711A-756C-4C10-8505-F75B9F50E2AB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {343AF021-5BEA-488E-8547-40E73649E9F4} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {37CCA156-CC0D-4A2B-B906-BCE5A050920E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3BF8C3FB-EE15-4052-8E0E-49B347050DA8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4B7643DD-C6B7-4EA0-AE84-D821BF531611} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4C23293E-BECB-4C89-BD8E-4DB3F37B47E0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {555C686F-2601-43DB-B092-ECA12D5F65B6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5796F8F3-07C5-4AEC-A827-972B8C26D94A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {60896297-F226-4319-8F74-503ACA3928A7} - System32\Tasks\{DFAF1978-31D7-4441-8CAD-C747513E1BB4} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/pt/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {63615E2A-9705-416E-B859-A82152D4A5DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {6380E8FF-851D-48F0-8FBE-80CA2836EB6C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {64177631-9678-436D-8C50-14930D90CC9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {6A335224-665E-4436-8C52-633885F9F08B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {6D03D49A-0512-409A-B6E6-D6C35223B6A3} - System32\Tasks\{3B20EE6C-E0E6-4A2D-BDDD-183D79447EE2} => pcalua.exe -a "C:\Program Files (x86)\Mobile Partner\uninst.exe"
Task: {6D24B6EA-06C2-41EC-BF1C-E0AA5C050E0B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6E424A6C-AAEC-408A-9005-9B727AFF2FFA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {708B1E1F-BBF2-4DBD-91C4-DCE91F01AD40} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {76116F33-800A-47BD-B968-BC53564B7703} - System32\Tasks\{132E324D-F56D-43AB-B8A1-5DB1F4D6648C} => pcalua.exe -a "C:\Program Files\iGBPCEFsf.exe" -d "C:\Program Files"
Task: {7962E69E-DFFF-4ABC-9747-967B7D8A7150} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {7A17D296-A89B-4001-930B-DA6F48D6101E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {7EFC2C90-FE6B-43D1-9CFE-DFC2AB09854B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F5ED2B7-E379-44F1-B5ED-8164F040A58B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {85160301-7DD4-4F44-B566-42E05CB94885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8A63A62D-6AE1-4C2F-B429-6B64A95EEA33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {8B305C2B-E3C7-4E33-A073-056157D35FBC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {8E3DF4D6-35C7-42C4-A3B4-1F684D2D4764} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {914B79C5-0A34-4B16-B476-6BCA78790BFA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {A2B9D029-7243-4168-80F8-4FEF011677DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-25] (Microsoft Corporation)
Task: {A67B39FE-7A95-4F3A-A9DE-2B1524264471} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B01B22AF-89D2-44CF-83AD-A4FE8277FE93} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B21BE69D-B70C-4B49-91C9-946EF67E1F71} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C518C286-2630-4166-A47B-D6D58D7B902A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {C5AE579C-D16F-4C70-8051-93CE929A85FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D64E77D4-FC21-4E8F-9505-09C015DE279F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {D6ED6D94-BF7B-4655-B654-2F9EDA9BD8F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {DABC9D1C-059F-4CBB-8C82-6E9BC86551F3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DB27A538-4B02-4950-A7A4-0E67F316E0AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E7B98416-A630-459A-A306-538A746F5551} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F076E734-D422-44CE-B162-28B69E0D4E1B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7AD33B4-05E3-4613-81BA-8A83F3A054BD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {F8D3449A-7DFA-47A9-8127-34ACE6DF7983} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Local\Microsoft\Windows\GameExplorer\{CCB6F9C9-1B87-4BC4-A2B5-B355204370E3}\SupportTasks\1\Suporte.lnk -> hxxp://www.strategyfirst.com/en/support/
Shortcut: C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Local\Microsoft\Windows\GameExplorer\{CCB6F9C9-1B87-4BC4-A2B5-B355204370E3}\SupportTasks\0\Página inicial.lnk -> hxxp://www.warriorkingsbattles.com/
ShortcutWithArgument: C:\Users\Ivan\Desktop\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
==================== Módulos Carregados (Whitelisted) ==============
2015-07-15 00:13 - 2015-07-15 00:13 - 13061632 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 17:44 - 2016-07-01 01:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 17:44 - 2016-07-01 01:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-22 12:04 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:45 - 2016-07-01 00:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-18 22:31 - 2016-04-19 00:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-13 17:44 - 2016-07-01 00:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:44 - 2016-07-01 00:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:44 - 2016-07-01 00:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:44 - 2016-07-01 00:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-22 18:02 - 2013-04-25 12:55 - 10870528 _____ () C:\Program Files (x86)\Claro 3G\UIMain.exe
2014-09-22 18:02 - 2013-04-25 12:55 - 00680192 _____ () C:\Program Files (x86)\Claro 3G\CMUpdater.exe
2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-04-18 22:31 - 2016-04-19 00:45 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-18 22:31 - 2016-04-19 00:45 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-09-22 18:02 - 2012-09-24 16:01 - 01177424 _____ () C:\Program Files (x86)\Claro 3G\WAITINGFORM.DLL
2014-09-22 18:02 - 2013-04-25 12:54 - 01180928 _____ () C:\Program Files (x86)\Claro 3G\DLL_NETCARD_R.DLL
2014-09-22 18:02 - 2010-12-10 12:42 - 00238928 _____ () C:\Program Files (x86)\Claro 3G\UICommonDlg.dll
2014-09-22 18:02 - 2010-12-10 12:42 - 00349520 _____ () C:\Program Files (x86)\Claro 3G\UISkin.dll
2014-09-22 18:02 - 2010-12-10 12:42 - 00165712 _____ () C:\Program Files (x86)\Claro 3G\BIXml.dll
2014-09-22 18:02 - 2010-12-10 12:42 - 00617808 _____ () C:\Program Files (x86)\Claro 3G\UpdateAgent.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santander.com.br -> www.santander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santanderempresarial.com.br -> www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernet.com.br -> www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernetibe.com.br -> www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\secureweb.com.br -> hxxps://www.secureweb.com.br
IE trusted site: HKU\User-4\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\User-4\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\User-4\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\User-4\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\User-4\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\User-4\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\User-4\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\User-4\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\User-4\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\User-4\...\secureweb.com.br -> hxxps://www.secureweb.com.br
IE trusted site: HKU\User-5\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\User-5\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\User-5\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\User-5\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\User-5\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\User-5\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\User-5\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\User-5\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\User-5\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\User-5\...\secureweb.com.br -> hxxps://www.secureweb.com.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-09-01 12:27 - 00002022 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
Existem ainda 4 mais linhas.
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\User-4\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\User-5\Control Panel\Desktop\\Wallpaper -> C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\User-6\Control Panel\Desktop\\Wallpaper ->
HKU\User-7\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 200.169.117.221 - 200.169.117.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\startupfolder: C:^Users^Ivan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C76D497934B1A0EE0E3BF23C3F10F9A7"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "MySQL Notifier"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{740EBEE1-94E3-4F8D-9187-F46539E1CC6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1F7BD42-7CC4-4105-B951-05B99FCE2344}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{644CEC67-4834-4D09-90BB-8068B196FECB}] => (Block) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [{35EC8EDD-A749-452A-B40A-A4E851C10864}] => (Block) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [UDP Query User{50950C22-6928-4AFD-A394-8B6DFE72B063}C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [TCP Query User{F0BFEFE3-C68E-4D5C-84DF-FF93D13532AB}C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [{18A3FC7C-F42F-4A47-85A0-F0D166CF5D19}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{92E62D73-F3F4-4F82-B296-6C926A63A5DC}] => (Allow) LPort=3306
FirewallRules: [UDP Query User{341B29CB-F830-44EC-8CAF-45FF1D7B5772}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3F0170D4-B642-46D1-B9CB-3D628078FD8F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B423ECA4-6D65-4348-94BF-CF10F3B55632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7736D09C-21AD-4AB4-85CB-2DB6D0888294}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{34F04954-3F08-432C-8C55-AF5A50CEB8AD}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{AF813AFC-52FD-41B6-AD46-2AE7558693F3}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{7371C823-E1AF-4E41-B76E-EEEE81AD1BF7}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{36F3AB7D-C0FF-42BA-A699-3F92BD859365}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [UDP Query User{940752C4-EA29-403C-ACBF-C6C5563F9B67}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{3EA8CBCB-96E6-40D3-92A6-43D116758E13}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{B263243F-8ED1-4188-8A1B-5434E6C6ACDA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{6F27820B-54DF-4641-9F30-902AAD0BE97C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{A0ED3BA6-9F8A-453F-BBB3-B7C599C3FE62}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [TCP Query User{1B7ED2FD-D801-4AE8-85D9-D68BBE043EE7}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{DD22D721-A34D-476A-8F69-D094C08FADBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7F7C1768-CBF4-4D67-B32A-5132C73B9415}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{24BC3941-B637-4F21-B9FF-43DC1F16B01D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3D3D20BB-CD69-4C88-9F87-CEEE610EE2F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{E95EE1D5-EA99-47AB-B04C-6CB8A7AD4FE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ED3BD995-8A85-4DD6-A0C7-37B01B3A0962}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
25-08-2016 00:17:18 Windows Update
25-08-2016 00:18:38 Windows Update
04-09-2016 19:07:08 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (09/06/2016 11:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 11:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:41:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:39:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:39:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:38:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa UIMain.exe versão 1.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 1fc4
Hora de Início: 01d20881f672afaa
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files (x86)\Claro 3G\UIMain.exe
ID do Relatório: b5a83bc6-749b-11e6-ae65-00158307c667
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (09/06/2016 10:36:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 09:36:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 09:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Erros de Sistema:
=============
Error: (09/06/2016 12:18:41 PM) (Source: DCOM) (EventID: 10010) (User: IVAN-PC)
Description: O servidor App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca não se registrou no DCOM dentro do tempo limite necessário.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 01:41:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_30da4d7 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-09-04 19:19:52.764
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-25 23:40:00.272
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-25 12:16:33.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 22:06:10.552
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 20:38:48.915
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 20:16:14.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-28 11:47:28.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-27 22:50:20.198
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-27 21:47:58.523
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-19 22:26:33.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Percentagem de memória em uso: 54%
RAM física total: 4086.18 MB
RAM física disponível: 1863.62 MB
Virtual Total: 8182.18 MB
Virtual disponível: 5372.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:328.72 GB) NTFS
Drive g: (ZTEMODEM) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CB93B4AD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fim de Addition.txt ============================
Executado por Ivan (06-09-2016 23:30:04)
Executando a partir de C:\Users\Ivan\Desktop
Windows 10 Home Versão 1511 (X64) (2015-11-26 14:34:30)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1793361252-1642306814-3946400002-500 - Administrator - Disabled)
Ana (S-1-5-21-1793361252-1642306814-3946400002-1004 - Limited - Enabled) => C:\Users\Ana
Convidado (S-1-5-21-1793361252-1642306814-3946400002-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1793361252-1642306814-3946400002-503 - Limited - Disabled)
Ivan (S-1-5-21-1793361252-1642306814-3946400002-1000 - Administrator - Enabled) => C:\Users\Ivan
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
AzureTools.Notifications.VwdExpress (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
BurnAware Free 6.4 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Claro 3G (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Gerenciador de Downloads (HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\a54e16f5d00985b6) (Version: 0.9.3.123 - Level Up! Gerenciador)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Web - ENU (HKLM-x32\...\{3e544097-53d1-4252-98a6-93cc12a6d487}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Módulo de Proteção - Banco Santander (Brasil) S.A. (HKLM-x32\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: 3.12.1.2 - )
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
Mozilla Firefox 48.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 pt-BR)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MySQL Connector C++ 1.1.6 (HKLM\...\{80EE5F65-5553-47A1-B6A9-8BF3211D21A3}) (Version: 1.1.6 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{8A9B23F6-9C1D-4DB2-8254-EAB70EF4325B}) (Version: 5.1.36 - Oracle Corporation)
MySQL Connector Net 6.9.6 (HKLM-x32\...\{71458704-E552-4A3E-8BFA-4F61C1F70724}) (Version: 6.9.6 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{39E12863-FE9F-4F26-B0B7-946882D8490C}) (Version: 5.6.26 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{D7C94327-B568-45D9-9EBA-E2167D2EE6F7}) (Version: 5.6.26 - Oracle Corporation)
MySQL Fabric 1.5.4 & MySQL Utilities 1.5.4 (HKLM-x32\...\{1F7D4F80-DF56-48DD-9FC5-220720F7517C}) (Version: 1.5.4 - Oracle Corporation)
MySQL For Excel 1.3.4 (HKLM-x32\...\{A0352E65-6E78-48B3-B6D6-B3208E663249}) (Version: 1.3.4 - Oracle)
MySQL for Visual Studio 1.2.3 (HKLM-x32\...\{EF7630BF-DC4E-4493-9C0F-5B0A739390EF}) (Version: 1.2.3 - Oracle)
MySQL Installer for Windows - Community (HKLM-x32\...\{3BA103F3-9F80-468F-A4D0-52ED5709B871}) (Version: 1.4.11.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.6 (HKLM\...\{F9D015C6-E9AE-455D-8DDA-BE8B77F3004E}) (Version: 5.6.26 - Oracle Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{40AFAA5A-72EE-45A7-B8D2-CC7E08C9370B}) (Version: 6.3.4 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Paltalk Messenger 11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
PHP Manager 1.2 for IIS 7 (HKLM\...\{E851486F-1FE2-44F0-85ED-F969088A68EE}) (Version: 1.2.0 - )
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Shadow Era Launcher 1.02 (HKLM-x32\...\{69EE23BB-4A14-4631-B2B3-B14748F56FF7}_is1) (Version: 1.02 - Wulven Game Studios)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
Unchecky v1.0.1 (HKLM-x32\...\Unchecky) (Version: 1.0.1 - RaMMicHaeL)
Unity Web Player (HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
Warsaw 1.9.0.10533 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.9.0.10533 - GAS Tecnologia)
wc3270 3.3.9ga12 (HKLM-x32\...\wc3270_is1) (Version: - Paul Mattes)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Ivan\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {01D57A2E-D727-4424-8797-95EFED78F596} - System32\Tasks\{A89F789C-846C-41F6-944A-800668A6424C} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2015\IRPF2015.exe" -d "C:\Arquivos de Programas RFB\IRPF2015"
Task: {06B9EE25-2C6B-47B8-84ED-7099A460B6FD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {14BE1C41-212D-46E0-8BB4-DA309E8DFB0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {196900B9-AC17-48EB-96B7-A03ADCA1A3EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1AD5D07F-C685-46B7-9BEE-9B4C2CC0FCBA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {211986DB-DBA1-47A3-A248-3C08B1C8F9E4} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask =>
Task: {21A2416A-3C53-41B6-A44E-5DD6705E3C29} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-08-19] (Oracle Corporation)
Task: {286C5235-7D5E-4075-B139-D0C5900B5E6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2CEAA31A-63A9-4810-ADA3-B42767B1F840} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3151711A-756C-4C10-8505-F75B9F50E2AB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {343AF021-5BEA-488E-8547-40E73649E9F4} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {37CCA156-CC0D-4A2B-B906-BCE5A050920E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3BF8C3FB-EE15-4052-8E0E-49B347050DA8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4B7643DD-C6B7-4EA0-AE84-D821BF531611} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4C23293E-BECB-4C89-BD8E-4DB3F37B47E0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {555C686F-2601-43DB-B092-ECA12D5F65B6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5796F8F3-07C5-4AEC-A827-972B8C26D94A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {60896297-F226-4319-8F74-503ACA3928A7} - System32\Tasks\{DFAF1978-31D7-4441-8CAD-C747513E1BB4} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/pt/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {63615E2A-9705-416E-B859-A82152D4A5DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {6380E8FF-851D-48F0-8FBE-80CA2836EB6C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {64177631-9678-436D-8C50-14930D90CC9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {6A335224-665E-4436-8C52-633885F9F08B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {6D03D49A-0512-409A-B6E6-D6C35223B6A3} - System32\Tasks\{3B20EE6C-E0E6-4A2D-BDDD-183D79447EE2} => pcalua.exe -a "C:\Program Files (x86)\Mobile Partner\uninst.exe"
Task: {6D24B6EA-06C2-41EC-BF1C-E0AA5C050E0B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6E424A6C-AAEC-408A-9005-9B727AFF2FFA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {708B1E1F-BBF2-4DBD-91C4-DCE91F01AD40} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {76116F33-800A-47BD-B968-BC53564B7703} - System32\Tasks\{132E324D-F56D-43AB-B8A1-5DB1F4D6648C} => pcalua.exe -a "C:\Program Files\iGBPCEFsf.exe" -d "C:\Program Files"
Task: {7962E69E-DFFF-4ABC-9747-967B7D8A7150} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {7A17D296-A89B-4001-930B-DA6F48D6101E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {7EFC2C90-FE6B-43D1-9CFE-DFC2AB09854B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F5ED2B7-E379-44F1-B5ED-8164F040A58B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {85160301-7DD4-4F44-B566-42E05CB94885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8A63A62D-6AE1-4C2F-B429-6B64A95EEA33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {8B305C2B-E3C7-4E33-A073-056157D35FBC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {8E3DF4D6-35C7-42C4-A3B4-1F684D2D4764} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {914B79C5-0A34-4B16-B476-6BCA78790BFA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {A2B9D029-7243-4168-80F8-4FEF011677DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-25] (Microsoft Corporation)
Task: {A67B39FE-7A95-4F3A-A9DE-2B1524264471} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B01B22AF-89D2-44CF-83AD-A4FE8277FE93} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B21BE69D-B70C-4B49-91C9-946EF67E1F71} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C518C286-2630-4166-A47B-D6D58D7B902A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {C5AE579C-D16F-4C70-8051-93CE929A85FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D64E77D4-FC21-4E8F-9505-09C015DE279F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {D6ED6D94-BF7B-4655-B654-2F9EDA9BD8F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {DABC9D1C-059F-4CBB-8C82-6E9BC86551F3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DB27A538-4B02-4950-A7A4-0E67F316E0AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E7B98416-A630-459A-A306-538A746F5551} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F076E734-D422-44CE-B162-28B69E0D4E1B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7AD33B4-05E3-4613-81BA-8A83F3A054BD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {F8D3449A-7DFA-47A9-8127-34ACE6DF7983} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Local\Microsoft\Windows\GameExplorer\{CCB6F9C9-1B87-4BC4-A2B5-B355204370E3}\SupportTasks\1\Suporte.lnk -> hxxp://www.strategyfirst.com/en/support/
Shortcut: C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Local\Microsoft\Windows\GameExplorer\{CCB6F9C9-1B87-4BC4-A2B5-B355204370E3}\SupportTasks\0\Página inicial.lnk -> hxxp://www.warriorkingsbattles.com/
ShortcutWithArgument: C:\Users\Ivan\Desktop\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Ivan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
==================== Módulos Carregados (Whitelisted) ==============
2015-07-15 00:13 - 2015-07-15 00:13 - 13061632 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 17:44 - 2016-07-01 01:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 17:44 - 2016-07-01 01:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-22 12:04 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:45 - 2016-07-01 00:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-18 22:31 - 2016-04-19 00:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-13 17:44 - 2016-07-01 00:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:44 - 2016-07-01 00:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:44 - 2016-07-01 00:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:44 - 2016-07-01 00:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-22 18:02 - 2013-04-25 12:55 - 10870528 _____ () C:\Program Files (x86)\Claro 3G\UIMain.exe
2014-09-22 18:02 - 2013-04-25 12:55 - 00680192 _____ () C:\Program Files (x86)\Claro 3G\CMUpdater.exe
2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-04-18 22:31 - 2016-04-19 00:45 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-18 22:31 - 2016-04-19 00:45 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-09-22 18:02 - 2012-09-24 16:01 - 01177424 _____ () C:\Program Files (x86)\Claro 3G\WAITINGFORM.DLL
2014-09-22 18:02 - 2013-04-25 12:54 - 01180928 _____ () C:\Program Files (x86)\Claro 3G\DLL_NETCARD_R.DLL
2014-09-22 18:02 - 2010-12-10 12:42 - 00238928 _____ () C:\Program Files (x86)\Claro 3G\UICommonDlg.dll
2014-09-22 18:02 - 2010-12-10 12:42 - 00349520 _____ () C:\Program Files (x86)\Claro 3G\UISkin.dll
2014-09-22 18:02 - 2010-12-10 12:42 - 00165712 _____ () C:\Program Files (x86)\Claro 3G\BIXml.dll
2014-09-22 18:02 - 2010-12-10 12:42 - 00617808 _____ () C:\Program Files (x86)\Claro 3G\UpdateAgent.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santander.com.br -> www.santander.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santanderempresarial.com.br -> www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernet.com.br -> www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\santandernetibe.com.br -> www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\secureweb.com.br -> hxxps://www.secureweb.com.br
IE trusted site: HKU\User-4\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\User-4\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\User-4\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\User-4\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\User-4\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\User-4\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\User-4\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\User-4\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\User-4\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\User-4\...\secureweb.com.br -> hxxps://www.secureweb.com.br
IE trusted site: HKU\User-5\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\User-5\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\User-5\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\User-5\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\User-5\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\User-5\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\User-5\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\User-5\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\User-5\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\User-5\...\secureweb.com.br -> hxxps://www.secureweb.com.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-09-01 12:27 - 00002022 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
Existem ainda 4 mais linhas.
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\User-4\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\User-5\Control Panel\Desktop\\Wallpaper -> C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\User-6\Control Panel\Desktop\\Wallpaper ->
HKU\User-7\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 200.169.117.221 - 200.169.117.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\startupfolder: C:^Users^Ivan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C76D497934B1A0EE0E3BF23C3F10F9A7"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\StartupApproved\Run: => "MySQL Notifier"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{740EBEE1-94E3-4F8D-9187-F46539E1CC6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1F7BD42-7CC4-4105-B951-05B99FCE2344}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{644CEC67-4834-4D09-90BB-8068B196FECB}] => (Block) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [{35EC8EDD-A749-452A-B40A-A4E851C10864}] => (Block) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [UDP Query User{50950C22-6928-4AFD-A394-8B6DFE72B063}C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [TCP Query User{F0BFEFE3-C68E-4D5C-84DF-FF93D13532AB}C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse-sdk-4-2-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [{18A3FC7C-F42F-4A47-85A0-F0D166CF5D19}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{92E62D73-F3F4-4F82-B296-6C926A63A5DC}] => (Allow) LPort=3306
FirewallRules: [UDP Query User{341B29CB-F830-44EC-8CAF-45FF1D7B5772}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3F0170D4-B642-46D1-B9CB-3D628078FD8F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B423ECA4-6D65-4348-94BF-CF10F3B55632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7736D09C-21AD-4AB4-85CB-2DB6D0888294}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{34F04954-3F08-432C-8C55-AF5A50CEB8AD}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{AF813AFC-52FD-41B6-AD46-2AE7558693F3}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{7371C823-E1AF-4E41-B76E-EEEE81AD1BF7}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{36F3AB7D-C0FF-42BA-A699-3F92BD859365}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [UDP Query User{940752C4-EA29-403C-ACBF-C6C5563F9B67}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{3EA8CBCB-96E6-40D3-92A6-43D116758E13}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{B263243F-8ED1-4188-8A1B-5434E6C6ACDA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{6F27820B-54DF-4641-9F30-902AAD0BE97C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{A0ED3BA6-9F8A-453F-BBB3-B7C599C3FE62}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [TCP Query User{1B7ED2FD-D801-4AE8-85D9-D68BBE043EE7}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{DD22D721-A34D-476A-8F69-D094C08FADBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7F7C1768-CBF4-4D67-B32A-5132C73B9415}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{24BC3941-B637-4F21-B9FF-43DC1F16B01D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3D3D20BB-CD69-4C88-9F87-CEEE610EE2F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{E95EE1D5-EA99-47AB-B04C-6CB8A7AD4FE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ED3BD995-8A85-4DD6-A0C7-37B01B3A0962}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
25-08-2016 00:17:18 Windows Update
25-08-2016 00:18:38 Windows Update
04-09-2016 19:07:08 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (09/06/2016 11:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 11:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:41:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:39:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:39:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:38:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa UIMain.exe versão 1.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 1fc4
Hora de Início: 01d20881f672afaa
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files (x86)\Claro 3G\UIMain.exe
ID do Relatório: b5a83bc6-749b-11e6-ae65-00158307c667
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (09/06/2016 10:36:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 10:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 09:36:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (09/06/2016 09:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IVAN-PC)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Erros de Sistema:
=============
Error: (09/06/2016 12:18:41 PM) (Source: DCOM) (EventID: 10010) (User: IVAN-PC)
Description: O servidor App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca não se registrou no DCOM dentro do tempo limite necessário.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/05/2016 11:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_51019bc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 11:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_4954678 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (09/04/2016 01:41:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_30da4d7 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-09-04 19:19:52.764
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-25 23:40:00.272
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-25 12:16:33.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 22:06:10.552
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 20:38:48.915
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 20:16:14.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-28 11:47:28.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-27 22:50:20.198
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-27 21:47:58.523
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-19 22:26:33.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Percentagem de memória em uso: 54%
RAM física total: 4086.18 MB
RAM física disponível: 1863.62 MB
Virtual Total: 8182.18 MB
Virtual disponível: 5372.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:328.72 GB) NTFS
Drive g: (ZTEMODEM) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CB93B4AD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fim de Addition.txt ============================