Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Stephan (2016-03-22 16:20:30)
Executando a partir de C:\Users\Stephan\Downloads
Windows 10 Home Single Language Versão 1511 (X64) (2015-12-16 13:20:34)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-3784612424-1927122839-2387606973-500 - Administrator - Disabled) => C:\Users\Administrator
Convidado (S-1-5-21-3784612424-1927122839-2387606973-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3784612424-1927122839-2387606973-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3784612424-1927122839-2387606973-1003 - Limited - Enabled)
Stephan (S-1-5-21-3784612424-1927122839-2387606973-1001 - Administrator - Enabled) => C:\Users\Stephan

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (32 Bit) (HKLM-x32\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.2.2 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.) Andy OS (HKLM-x32\...\Andy OS) (Version: 0.43 - Andy OS, Inc) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden CodeBlocks (HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden 
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.5901 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5108 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disketch Disc Label Software (HKLM-x32\...\Disketch) (Version: 3.39 - NCH Software) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.89 - NCH Software) Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 1.97 - NCH Software) Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Deskjet 1000 J110 series Ajuda (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard) HP Deskjet 1000 J110 series Estudo de aprimoramento de produtos (HKLM\...\{7B98C121-8254-4393-8833-D79E572DE715}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1000 J110 series Software básico do dispositivo (HKLM\...\{E3B463AE-4069-4736-B803-1C416E6E88D8}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) 
HP Documentation (HKLM-x32\...\{8C1ADF61-4F87-44BC-804C-C20FC70D98BB}) (Version: 1.4.0.0 - Hewlett-Packard) HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Quick Start (HKLM-x32\...\{EF0B5432-4DEC-4B91-BC73-4767E290C84E}) (Version: 1.0.4660.30220 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{57A79409-9C79-4080-9FFA-09D4DAECC26B}) (Version: 12.0.30.473 - HP) HP System Event Utility (HKLM-x32\...\{B2F0406F-1609-489A-8626-7DB46776AB57}) (Version: 1.0.5 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) 
(Version: 2.0.0.37149 - Intel Corporation) Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 
Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - ) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 44.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 pt-BR)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) MPC-HC 1.7.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team) NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for 
Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 2.99 - NCH Software) Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.) 
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Spotify (HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sweet Home 3D version 5.0 (HKLM\...\Sweet Home 3D_is1) (Version: 5.0 - eTeks) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) The Sims 4 Deluxe Edition version 1.0.732.20 Update 5 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.0.732.20 Update 5 - GMT-MAX.ORG) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUSR_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUSR_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version: - Microsoft) VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.33 - NCH Software) Warsaw 1.10.0.8776 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.10.0.8776 
- GAS Tecnologia) WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.38 - NCH Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-3784612424-1927122839-2387606973-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Stephan\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3784612424-1927122839-2387606973-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Stephan\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3784612424-1927122839-2387606973-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stephan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3784612424-1927122839-2387606973-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {06E674CD-113F-434D-8860-4C8CDCF9960F} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {1A30C7E6-51F2-4CED-94EE-9E8A90DA0F8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {1AAB63E0-0DEC-4FDC-90C3-2CF2D6EF2D46} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {1E35D407-1CBA-4E8C-9782-7219213CC112} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-02-18] ()
Task: {1F5EA7D8-1B92-4E93-BA65-D37B6A1CCFE4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {22561241-4F02-4DAB-A1A3-948DE7BC0639} - \AutoPico Daily Restart -> Nenhum Arquivo <==== ATENÇÃO
Task: {31E14FDD-037E-498A-A227-BE4DF66F0667} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {3878D551-4789-48D1-986B-8378E82C61AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {3DFDE9CD-38F7-4964-A55C-1C7A0A2FB7FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {4A6D7DFA-EF90-4FDA-A4D3-AE6DB6B2A2DD} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe [2016-03-15] ()
Task: {4E73AD7F-B85D-4F49-A23D-E30BCBFE9C95} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {5076622A-B12B-45B9-900F-455FEC41278B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {55473471-8F92-4EC2-ADD9-AF333AD64B59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {65AB267F-ED57-4684-B427-58CF017194C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {7BA0B758-9D9D-4620-8DC7-B7BF0A312DB1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {7BE56AD8-845B-474A-8AB4-3BA71A12AFD6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-24] (Realtek Semiconductor)
Task: {81FEB5D4-06F4-4A10-8B48-CC72261DC9A0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {87B40F53-EBBF-4D5B-9EB8-97987FC757CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {8B9534AA-5B7E-48D1-986B-58411E7099B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9585B1B0-F5E3-4CF5-9C7C-30FB400A9BAA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A25F06D9-3569-4C9A-9843-43227CEC2641} - System32\Tasks\AdobeAAMUpdater-1.0-Stephan_not-Stephan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {B0EBCC24-C4B0-4543-B3CA-C029961B6345} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-02-09] ()
Task: {CC4F518C-0D52-43C8-A9F1-4772BE1F75CD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D1FEB297-6384-4AC1-A8C5-DDA0E9EA4CAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D236C01A-E1BF-4BA6-A102-5C25BED1E061} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {D3BB13CF-4DD8-4DC4-B3C5-02CA2A03F439} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {D90F790C-BA09-48C2-A731-15B5CBA6D349} - System32\Tasks\{41CE1505-D5D4-44C0-BCF8-41970A78270D} => pcalua.exe -a C:\Users\Stephan\AppData\Roaming\istartpageing\UninstallManager.exe -c -ptid=cmi
Task: {D9CE3746-14D7-40C3-81D5-92ADC359D780} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {DAC24381-79C5-46E9-B7A6-5561EDAE1D3D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {DB397B39-3559-4DAF-B1CD-59C8A812EAC1} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {DF2B320C-93B9-46F4-9584-DC63228E258D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {E8269F00-6E9A-4BE0-9F24-73F06E4E0B55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F93304F8-0FAE-4DA7-99EA-F36B97779448} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {FCFB32F0-2382-44E3-825A-D8D5B7050E19} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-22 15:03 - 2016-03-22 15:03 - 00153112 _____ () C:\Program Files (x86)\SFK\SSFK.exe 2016-03-02 10:41 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-02 10:41 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-02-11 15:13 - 2015-02-11 15:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-12-17 18:38 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-02 10:40 - 2016-02-23 05:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-03-22 15:01 - 2016-02-09 12:30 - 02036224 _____ () C:\ProgramData\WindowsMsg\osmsg.exe 2016-01-22 21:13 - 2016-01-22 21:14 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-13 20:41 - 2016-01-04 22:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 20:41 - 2016-01-04 22:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 19:47 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 19:47 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2013-11-15 11:52 - 2012-06-26 06:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-11-15 12:09 - 2012-06-08 00:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files 
(x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2016-03-14 23:27 - 2016-03-07 23:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll 2016-03-14 23:26 - 2016-03-07 23:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll 2016-01-22 21:13 - 2016-01-22 21:14 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 21:13 - 2016-01-22 21:14 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-09 23:31 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1254] AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) 
IE trusted site: HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\bb.com.br -> hxxps://seg.bb.com.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-03-22 14:51 - 00001006 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 82.163.143.177 - 82.163.142.179
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\Run: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run: => "IDSCPRODUCT"
HKLM\...\StartupApproved\Run: => "Sound+"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "mbot_en_037050275"
HKLM\...\StartupApproved\Run32: => "sun21"
HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\StartupApproved\Run: => "ares"
HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\StartupApproved\Run: => "osmsg"
HKU\S-1-5-21-3784612424-1927122839-2387606973-1001\...\StartupApproved\Run: => "Steam"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4A29FDBD-F1E0-419F-AD95-CD7F29653D1F}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{9DDF688D-94FF-4663-95FB-99EE476A8D4C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{86EDF96C-E78D-4087-B7F2-3A415486DF2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E802B409-FBE3-40F6-9130-18FE71F9B83C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D01170FB-16CA-4491-86BA-EBE706C02771}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{81F17772-758F-4E51-ACC6-C2EC33039755}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D6E02304-F234-4777-8ECF-4FB8C93F95DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{32D050BC-9DEF-451E-A524-746499AF5CD0}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{A67F2D0C-6EE1-4F47-9803-0AE372826C2E}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [{51D01F8E-2C6A-486B-B7D9-7D5CC94A9DFD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{08687B29-5A4C-4D0E-95FE-856C653434BD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CA335EFD-2136-4B89-9945-32A4DF976E35}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1A51091B-2B65-4173-86D8-A7A0DE04E771}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{30B87A40-7E69-4A23-87F4-1A9A7F0ECA0E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{21E1F096-C4BE-4094-92F3-0C1BC09AD7E8}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [UDP Query User{BB5FB251-B8F1-48B7-8B89-AA4ECDEEA3F6}C:\users\stephan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stephan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8CAFA92F-BFF1-420A-9705-01B45C58F467}C:\users\stephan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stephan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7026FACD-9BFD-427A-93F1-73F907863425}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA3F8CD3-7DAE-433C-B5F3-AE654C2AC921}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A23479B8-7666-4943-8BA1-AB832AC11D51}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{70C9CD81-A513-4827-B955-007E6840CC94}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{5F46B6B7-79D6-4E35-A93C-B8659E351E75}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{92D81285-2F80-46A9-90EC-030B3F933413}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{6BD68D14-D557-4B0D-9A10-6BBD0CA05DF9}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{8E43D058-17A7-4EFF-A1CF-AC33CB655AF9}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [UDP Query User{8AB61883-5705-4DB3-8D28-B32BC93796E7}C:\users\stephan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stephan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E93AEF07-655C-4126-A795-AE0FE475922F}C:\users\stephan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stephan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90681979-1BC7-414D-BE5D-2C95E2AEA014}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5812BB05-AA08-4254-AA7D-BBB0C8D3F2BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B497364F-D6BC-4A0E-BEDA-4CA15A8AC56A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BC294A6E-250C-47DA-B9AC-E7E5EE9FB24D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4DBDF39A-DC67-4C89-B984-5590DB2F2718}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{99B6407B-369F-49C5-AD90-1AC6CD6D1ACB}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{1ACD0CAC-40B1-441B-B863-38E851D158E6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{1842F267-CDA0-4AB6-B161-5F5A79A16A7C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{375B3A89-C67E-49CC-ACE2-0CC4C4593E61}] => (Allow) C:\Users\Stephan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{087CE93E-5047-4FF0-9D13-7728A99D86F4}] => (Allow) C:\Users\Stephan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AC81E69A-44BB-4D8C-97E2-32485B9E2CC0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{EC22E947-9E05-4366-8F57-4A3770FCD746}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{95790515-3653-433D-AD9D-86488E680385}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{FCB9B122-5A3C-4826-AF32-DF6A24C8B6F2}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{0A3B2A06-70D6-46C6-A84C-141D3F3208AF}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{9602FD83-EA9D-478B-AD28-D260A1BE5436}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{2955BC29-EB0A-4064-BA09-903BC3007F1F}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{09F8004C-31C8-4A4F-8CEF-8134274AB770}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{9A31202B-4052-4BE1-A3E0-F67DDF202444}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{321B9E0C-A4D8-4989-BB5E-9BF08E2A524F}] => (Allow) LPort=1900
FirewallRules: [{E901AF77-8D22-4AB0-BB94-3E42CE0ECCA7}] => (Allow) LPort=2869
FirewallRules: [{594AECB6-EECF-48B5-88BE-59BFA347ADEE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{92DB6E35-15C7-4684-9FC6-FB55D2BDF92A}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{2B98260A-4EB1-4836-A546-3A8C0B1A4CDE}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [UDP Query User{E4D078D1-67DE-416D-A8AF-D4E984F046BA}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [{C946A025-41F8-47F8-8628-AFCDB566D822}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{8B13F016-CC06-47A4-946A-C7954A34EA82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{63D5226E-8D20-44DC-85C0-AC83E6ED1F91}] => (Allow) LPort=1688
FirewallRules: [{35185EAA-83B9-4F3D-8787-05768193C0D9}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{F376FEA0-C09E-464D-83A2-BB3D2B94C174}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{829CCF00-7122-49CD-A409-8075B2A1D218}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{3DF2DAF7-4589-4914-BB35-5C0C0D991FF8}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{1E189A9A-CF12-40E4-82CC-280D248BEB32}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{C1AF224D-0751-4ED0-A0BD-08A9EC705CF4}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{746AAC1F-ED0C-46B1-9D4E-9F5069641106}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{0DEBC992-1120-436E-9710-4CEA5FB6ED5C}] => (Allow) C:\Program Files\NewExt\jsinjector.exe

==================== Pontos de Restauração =========================

02-03-2016 12:53:08 Windows Update
09-03-2016 01:58:33 Windows Update
14-03-2016 00:12:26 Windows Update
21-03-2016 11:28:53 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/22/2016 03:12:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c117d5 Nome do módulo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c117d5 Código de exceção: 0x40000015 Deslocamento da falha: 0x00052d24 ID do processo com falha: 0x1160 Hora de início do aplicativo com falha: 0xjucheck.exe0 Caminho do aplicativo com falha: jucheck.exe1 Caminho do módulo com falha: jucheck.exe2 ID do Relatório: jucheck.exe3 Nome completo do pacote com falha: jucheck.exe4 ID do aplicativo relativo ao pacote com falha: jucheck.exe5

Error: (03/22/2016 03:07:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.10586.63, carimbo de data/hora: 0x568b1fdc Nome do módulo com falha: Windows.Globalization.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d886 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000006b7c5 ID do processo com falha: 0x16a4 Hora de início do aplicativo com falha: 0xSearchUI.exe0 Caminho do aplicativo com falha: SearchUI.exe1 Caminho do módulo com falha: SearchUI.exe2 ID do Relatório: SearchUI.exe3 Nome completo do pacote com falha: SearchUI.exe4 ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (03/22/2016 02:57:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0x00000000 Deslocamento da falha: 0x00007ffd6de50668 ID do processo com falha: 0xa04 Hora de início do aplicativo com falha: 0xService_KMS.exe0 Caminho do aplicativo com falha: Service_KMS.exe1 Caminho do módulo com falha: Service_KMS.exe2 ID do Relatório: Service_KMS.exe3 Nome completo do pacote com falha: Service_KMS.exe4 ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5

Error: (03/21/2016 11:29:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. .

Error: (03/19/2016 02:42:56 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/18/2016 11:10:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c117d5 Nome do módulo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c117d5 Código de exceção: 0x40000015 Deslocamento da falha: 0x00052d24 ID do processo com falha: 0xfd8 Hora de início do aplicativo com falha: 0xjucheck.exe0 Caminho do aplicativo com falha: jucheck.exe1 Caminho do módulo com falha: jucheck.exe2 ID do Relatório: jucheck.exe3 Nome completo do pacote com falha: jucheck.exe4 ID do aplicativo relativo ao pacote com falha: jucheck.exe5

Error: (03/16/2016 11:23:36 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/15/2016 03:44:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/14/2016 11:04:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Stephan_not)
Description: Falha na ativação do aplicativo Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (03/14/2016 06:09:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Stephan_not)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Erros de Sistema:
=============
Error: (03/22/2016 04:12:17 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (03/22/2016 04:04:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ggbugreport devido ao seguinte erro: %%2

Error: (03/22/2016 04:02:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço wucotusy devido ao seguinte erro: %%2

Error: (03/22/2016 04:02:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço WsAppService devido ao seguinte erro: %%2

Error: (03/22/2016 04:02:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço vinijixuzbt devido ao seguinte erro: %%2

Error: (03/22/2016 04:02:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço gerocyni devido ao seguinte erro: %%2

Error: (03/22/2016 04:01:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_699c7 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (03/22/2016 04:01:20 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (03/22/2016 03:59:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Tab Key Asterisk foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (03/22/2016 03:59:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Site Barcode Reader foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

CodeIntegrity:
===================================
Date: 2016-03-22 14:50:57.570
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-15 11:17:25.633
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-13 11:54:11.471
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-11 03:50:50.775
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-10 12:45:20.692
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-09 21:21:02.434
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-05 19:15:21.758
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-04 12:25:39.155
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-02 19:38:49.708
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-01 11:03:07.099
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentagem de memória em uso: 54%
RAM física total: 3985.27 MB
RAM física disponível: 1794.48 MB
Virtual Total: 6161.27 MB
Virtual disponível: 4016.95 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:443.51 GB) (Free:334.96 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.2 GB) (Free:2.04 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9ABCF18D)
Partition: GPT.

==================== Fim de Addition.txt ============================