Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:04-05-2016 Executado por Admin (2016-05-04 14:48:01) Executando a partir de C:\Users\Admin\Downloads Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-01-04 17:00:05) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Admin (S-1-5-21-3401157911-477135185-2131724802-1001 - Administrator - Enabled) => C:\Users\Admin Administrador (S-1-5-21-3401157911-477135185-2131724802-500 - Administrator - Disabled) Convidado (S-1-5-21-3401157911-477135185-2131724802-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3401157911-477135185-2131724802-1004 - Limited - Enabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 2 (SP2) (Version: - Microsoft) Hidden Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) Corel Graphics - Windows Shell Extension (HKLM\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - BR (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.1.0.572 - Corel Corporation) CorelDRAW Graphics Suite X7 (Version: 17.1 - Corel Corporation) Hidden Ext2Fsd 0.52 (HKLM\...\Ext2Fsd_is1) (Version: 0.52 - Matt Wu) Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.) Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - ) HP Support Solutions Framework (HKLM\...\{F58E2607-024E-4E05-8016-6948B24D40F8}) (Version: 12.2.8.17 - Hewlett-Packard Company) LG Mobile Driver (HKLM\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.3 - LG Electronics) Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden PhotoScape (HKLM\...\PhotoScape) (Version: - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.) Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP) SiS VGA Utilities (HKLM\...\SiS VGA Utilities) (Version: 5.26 - Silicon Integrated Systems Corporation) USB2.0 UVC WebCam (HKLM\...\{EA901E9F-6204-4974-8530-CA87F24DA464}) (Version: 6.11.701.002 - D-MAX) Warsaw 1.11.1.24 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia) WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.3 - X Codec Pack team) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {05159BFB-F789-40A4-BE44-A2E0607BD97D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.) Task: {3A8390EC-6F4B-458D-8629-42715CF17059} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software) Task: {4B905C08-ABF4-407D-BE0D-2E8190577AAB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard) Task: {510E1EC0-46FD-4E21-9A56-E670F4EE4CD7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {54E414B8-EB2A-4ED1-9302-22504BCCA8E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {7EFDDE0F-5ED0-4B67-858E-73811A1FF500} - System32\Tasks\HPCeeScheduleForAdmin => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {874FE2A2-3B45-40BC-84CC-A046FF336C4E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {BC619B63-AD40-4A01-895A-078829021214} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {C18BAFD4-5228-4DD4-936B-59F01FC809DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard) Task: {E6B97D60-0545-4A4E-9068-73DDBFE53518} - \Format Factory -> Nenhum Arquivo <==== ATENÇÃO Task: {ED0D6C91-7B4A-42F2-8270-D25779F6FA2D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {F03FEF12-F9EF-44E2-BFFB-788F5547C369} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.) Task: {F467C815-DF39-4797-997C-5BA28525D312} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForAdmin.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2016-04-28 15:58 - 2010-03-31 11:50 - 00167936 _____ () C:\Windows\System32\HPM1210LM.DLL 2016-04-28 16:04 - 2010-03-31 11:50 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HPM1210PP.dll 2015-09-16 16:34 - 2015-09-16 16:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2014-06-03 23:07 - 2014-06-03 23:07 - 00555888 _____ () c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\PsiClient.dll 2016-04-28 15:58 - 2010-03-31 11:50 - 00262144 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hpm1210sd.dll 2016-04-28 15:58 - 2010-03-31 12:17 - 00794624 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\HPM1210GC.dll 2016-04-28 15:58 - 2010-03-31 11:50 - 02363392 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hpm1210su.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8] AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [212] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-3401157911-477135185-2131724802-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-3401157911-477135185-2131724802-1001\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:04 - 2016-04-26 23:06 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3401157911-477135185-2131724802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 187.23.64.22 - 187.23.64.24 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{B2E8F696-455A-41C9-85DA-7E645439738A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{F6497B66-B059-4B1C-BD66-D0EA68A74610}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe FirewallRules: [{A52A551A-56BD-4D6A-884A-1D0F3EDC1F14}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe FirewallRules: [{3615E267-C224-4D85-88A8-4CDAA8146F82}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{715E7AA1-BABB-4B38-909A-FCCD5909C932}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 18-04-2016 11:17:23 Windows Update 25-04-2016 13:45:50 Ponto de Verificação Agendado 26-04-2016 16:26:19 Windows Update 04-05-2016 13:40:10 Ponto de Verificação Agendado ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (05/03/2016 01:31:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/03/2016 09:58:11 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/03/2016 09:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Não é possível inicializar o índice. Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/03/2016 09:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Não é possível inicializar o aplicativo. Contexto: Aplicativo Windows Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/03/2016 09:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Não é possível inicializar o objeto coletor. Contexto: Aplicativo Windows, Catálogo SystemIndex Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/03/2016 09:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Não é possível inicializar o plug-in em . Contexto: Aplicativo Windows, Catálogo SystemIndex Detalhes: Elemento não encontrado. (HRESULT : 0x80070490) (0x80070490) Error: (05/03/2016 09:57:56 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Não é possível inicializar o plug-in em . Contexto: Aplicativo Windows, Catálogo SystemIndex Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/03/2016 09:57:56 AM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: O Windows Search Service não pode carregar informações do repositório de propriedades. Contexto: Aplicativo Windows, Catálogo SystemIndex Detalhes: O banco de dados do índice de conteúdo está corrompido. (HRESULT : 0xc0041800) (0xc0041800) Error: (05/03/2016 09:57:56 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: O serviço Pesquisa do Windows está sendo interrompido devido a um problema no indexador:The catalog is corrupt. Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/03/2016 09:57:56 AM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: O serviço de pesquisa detectou arquivos de dados corrompidos no índice {id=4700}. O serviço tentará corrigir automaticamente esse problema recriando o índice. Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) Erros de Sistema: ============= Error: (05/04/2016 12:59:27 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR8. Error: (05/04/2016 12:59:27 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR8. Error: (05/04/2016 12:59:26 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR8. Error: (05/04/2016 12:59:26 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR8. Error: (05/04/2016 12:59:25 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR8. Error: (05/04/2016 09:39:40 AM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR6. Error: (05/04/2016 09:39:39 AM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR6. Error: (05/04/2016 09:39:38 AM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR6. Error: (05/04/2016 09:38:26 AM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR5. Error: (05/04/2016 09:38:25 AM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR5. ==================== Informações da Memória =========================== Processador: Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz Percentagem de memória em uso: 81% RAM física total: 1789.17 MB RAM física disponível: 322.08 MB Virtual Total: 3578.34 MB Virtual disponível: 1360.35 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:86.31 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 37A2BF8C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================