Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 23-02-2017 Executado por Joaozinho Aneth (22-02-2017 22:44:39) Executando a partir de C:\Users\Joaozinho Aneth\Downloads Microsoft Windows 7 Starter (X86) (2011-10-16 19:14:01) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-564728665-1158893581-1868220276-500 - Administrator - Disabled) Convidado (S-1-5-21-564728665-1158893581-1868220276-501 - Limited - Disabled) Joaozinho Aneth (S-1-5-21-564728665-1158893581-1868220276-1000 - Administrator - Enabled) => C:\Users\Joaozinho Aneth ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc) Alcor Micro USB Card Reader (HKLM\...\InstallShield_{1588DD21-B959-4674-9CF0-4D13B7D75020}) (Version: 1.9.17.35420 - Alcor Micro Corp.) Alcor Micro USB Card Reader (Version: 1.9.17.35420 - Alcor Micro Corp.) Hidden Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden D-Link Connection Manager v2.0.4CL (HKLM\...\Broad Mobi HSPA Modem Normal Version_is1) (Version: - ) Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESU for Microsoft Windows 7 (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (Version: 1.3.23.0 - PriceMeter) Hidden <==== ATENÇÃO Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Power Manager (HKLM\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company) HP Quick Launch (HKLM\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company) HP QuickSync (HKLM\...\{40C19172-F700-4056-8683-2C64BE3202C8}) (Version: 6.2.684.10454 - Hewlett-Packard Company) HP QuickWeb Installer (HKLM\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.4.6.0 - DeviceVM Inc.) HP Setup (HKLM\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company) HP Setup Manager (HKLM\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company) HP Software Framework (HKLM\...\{C7D8A2B0-6853-49F1-8E63-6B28FB5958CD}) (Version: 4.0.66.1 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM\...\{4E50F2E2-5C9E-4C02-B8A9-259BC8A7B6A5}) (Version: 12.5.32.203 - HP) HP Wireless Assistant (HKLM\...\{0E031407-ABA9-42EA-89E4-3A4B8134A25A}) (Version: 4.0.10.0 - Hewlett-Packard) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation) Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 47.0.2 (x86 pt-BR) (HKLM\...\Mozilla Firefox 47.0.2 (x86 pt-BR)) (Version: 47.0.2 - Mozilla) Opera 10.63 (HKLM\...\{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}) (Version: 10.63 - Opera Software ASA) Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Recovery Manager (Version: 5.5.3223 - CyberLink Corp.) Hidden SiteFinder (HKLM\...\SiteFinder) (Version: 1.0.0.0 - SiteFinder) <==== ATENÇÃO StarterBackgroundChanger (HKLM\...\StarterBackgroundChanger) (Version: 0.8.0.0 - Renaud Gerson) StarterBackgroundChanger 2, 0, 0, 35 (HKLM\...\StarterBackgroundChanger 2, 0, 0, 35) (Version: 2, 0, 0, 35 - StringFileInfo) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for PriceMeter (HKU\S-1-5-21-564728665-1158893581-1868220276-1000\...\PriceMeterUpdater) (Version: - Update for PriceMeter) <==== ATENÇÃO USB Disk Security Packages (HKU\S-1-5-21-564728665-1158893581-1868220276-1000\...\USB Disk Security Packages) (Version: - ) <==== ATENÇÃO VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Warsaw 1.12.3.5 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {18A34ADC-346E-4829-A5C6-ADBDEF987247} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-02-15] (Google Inc.) Task: {2FBEF8CF-893F-4A08-AFF3-42BA9989A79F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-02-15] (Google Inc.) Task: {6FFCED47-A4F8-4B38-9BDF-037C111EAA89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) Task: {86D4E23B-2D14-46A4-B978-647DFEFA0B49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {86E39EE7-29CF-4CAC-A549-726B87140F2C} - System32\Tasks\Search Provided by Bing macim => Wscript.exe "C:\ProgramData\{F5C930AA-7F8B-BA6C-F94D-242E630FAFE0}\casa.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b46354339333041412d374638422d424136432d463934442d3234324536333046414645307d5c6c6564696e6f" "433a5c50726f6772616d446174615c7b46354339333041412d374638422d424136432d463934 (a entrada de dados tem 78 mais caracteres). (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\PriceMeterUpdater.job => C:\Users\JOAOZI~1\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: C:\Windows\Tasks\Yahoo! Powered macim.job => Wscript.exe C:\ProgramData\{C2CD07AE-488F-8D68-CE49-132A540B98E4}\casa.txt <==== ATENÇÃO ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Joaozinho Aneth\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Joaozinho Aneth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Pessoa 1 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Módulos Carregados (Whitelisted) ============== 2016-09-19 22:43 - 2017-02-22 22:14 - 01695696 _____ () C:\Windows\vonetframeHelp.dll 2013-05-08 10:51 - 2013-05-08 10:51 - 00019056 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll 2010-07-29 18:46 - 2010-07-29 18:46 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2010-07-21 13:33 - 2010-07-21 13:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2014-08-03 13:43 - 2014-08-03 13:43 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bc86836625a08b5af8192179aa3709dd\IsdiInterop.ni.dll 2011-09-06 22:19 - 2010-06-08 10:44 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-09-17 11:41 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Joaozinho Aneth\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll 2016-09-17 11:41 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Joaozinho Aneth\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8] AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\System32:F6332E77_Cef.gbp [2] AlternateDataStreams: C:\Windows\System32:F6332E77_Uni.gbp [2] AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [314] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [0] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-564728665-1158893581-1868220276-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-564728665-1158893581-1868220276-1000\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-564728665-1158893581-1868220276-1000\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-564728665-1158893581-1868220276-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:04 - 2015-12-03 23:18 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-564728665-1158893581-1868220276-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joaozinho Aneth\AppData\Roaming\RGE\StarterBackgroundChanger\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AmIcoSinglun => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe MSCONFIG\startupreg: Chromium => c:\users\joaozinho aneth\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session MSCONFIG\startupreg: Diebold - Warsaw => C:\Program Files\Diebold\Warsaw\core.exe MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Quick Launch => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Syncables => C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{FF764D19-D2E0-411B-B406-F46D02C0AC63}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7FC0F097-04DD-4FE8-87CC-C374E7C4D509}] => (Allow) LPort=2869 FirewallRules: [{D75D7BAE-7575-4E9B-AB79-788B6D44EE61}] => (Allow) LPort=1900 FirewallRules: [{698349D1-E6E7-4B70-8BD7-DFF21A3CFACB}] => (Allow) LPort=5353 FirewallRules: [{71474E31-9CFA-4D5C-BFD1-D217130C63D5}] => (Allow) LPort=8182 FirewallRules: [TCP Query User{86996C8D-D841-441D-BFB3-E63412173FF1}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe] => (Block) C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe FirewallRules: [UDP Query User{8C9D8B9E-B235-4855-A263-B2AFD99117D8}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe] => (Block) C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe FirewallRules: [{BBB47B6B-0FC2-407A-A8B0-99A78EADF35E}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{B0D6D82B-E1BF-42D6-9DB3-21BB66F5D1F2}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{F1275C7A-43E5-4DE9-BCDA-D20A480F8B40}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{4DE0AE3C-FD99-4C3A-B7E0-19212051602D}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{0E421DC2-7708-4705-BD21-4AAAC8A54F08}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{324F8880-6D63-4FAD-AF0D-103754F5B274}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CF380BA3-E6F5-4E29-B6D8-27BC5018B54A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{977E6606-BA02-4B0A-BF26-F5BE1542ECD0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{83EFEC29-30BB-4B08-9599-FD6A8A5EAC6A}] => (Allow) C:\Program Files\Opera\opera.exe FirewallRules: [{EEF27FB5-CE80-4940-BB72-B9563A13103D}] => (Allow) C:\Program Files\Opera\opera.exe FirewallRules: [{89712110-8141-425F-9676-27E54E25C3DC}] => (Allow) C:\Users\Joaozinho Aneth\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{B1F38DAC-869C-4935-AD54-2A0463E8962E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 19-02-2017 23:57:34 Windows 7 Service Pack 1 20-02-2017 01:00:23 Windows Update 22-02-2017 22:20:36 Removed Visual Studio 2012 x86 Redistributables ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Dispositivo Periférico Bluetooth Description: Dispositivo Periférico Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Warsaw - Driver (PP) Description: Warsaw - Driver (PP) Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wsddpp Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Bnbase Description: Bnbase Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Bnbase Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Baidu NetDefense Description: Baidu NetDefense Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Bndef Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Dispositivo Bluetooth (Rede Pessoal) Description: Dispositivo Bluetooth (Rede Pessoal) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Baidu Protect Description: Baidu Protect Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Bprotect Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Realtek PCIe FE Family Controller Description: Realtek PCIe FE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (02/22/2017 09:25:57 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "C:\Windows\Temp\AvgSetup\244924ad-2f64-47cf-b86d-64e41958717e\install\fmw\avgrdsttestx.exe". Assembly dependente AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (02/15/2017 07:06:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: plugin-container.exe, versão: 47.0.2.6148, carimbo de hora: 0x5817d1a1 Nome do módulo de falhas: mozglue.dll, versão: 47.0.2.6148, carimbo de hora: 0x5817c26a Código de exceção: 0x80000003 Deslocamento com falha: 0x0000f03d Identificação do processo com falha: 0x3a8 Hora de início do aplicativo com falha: 0x01d287d758e01ef5 Caminho do aplicativo com falha: C:\Program Files\Mozilla Firefox\plugin-container.exe FCaminho do módulo de falhas: C:\Program Files\Mozilla Firefox\mozglue.dll Identificação do Relatório: ef30536b-f3ca-11e6-9bb3-a408b675b491 Error: (02/15/2017 07:06:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa firefox.exe versão 47.0.2.6148 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 14a4 Hora de Início: 01d287a57f95d127 Hora de Término: 110 Caminho do Aplicativo: C:\Program Files\Mozilla Firefox\firefox.exe Id do Relatório: e2968f45-f3ca-11e6-9bb3-a408b675b491 Error: (02/15/2017 01:06:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: PPSSPPWindows.exe, versão: 1.3.0.0, carimbo de hora: 0x57dd46bf Nome do módulo de falhas: PPSSPPWindows.exe, versão: 1.3.0.0, carimbo de hora: 0x57dd46bf Código de exceção: 0xc0000005 Deslocamento com falha: 0x000865a8 Identificação do processo com falha: 0x184 Hora de início do aplicativo com falha: 0x01d287a54fb294a6 Caminho do aplicativo com falha: C:\Users\Joaozinho Aneth\Downloads\PSP3\ppsspp\PPSSPPWindows.exe FCaminho do módulo de falhas: C:\Users\Joaozinho Aneth\Downloads\PSP3\ppsspp\PPSSPPWindows.exe Identificação do Relatório: b3dcab5c-f398-11e6-9bb3-a408b675b491 Error: (02/14/2017 09:16:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa Megacubo_7.2.0.tmp versão 51.49.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 4fc Hora de Início: 01d2871ca560e423 Hora de Término: 37 Caminho do Aplicativo: C:\Users\JOAOZI~1\AppData\Local\Temp\is-VO825.tmp\Megacubo_7.2.0.tmp Id do Relatório: Error: (02/14/2017 08:37:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Nome do módulo de falhas: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Código de exceção: 0xc0000005 Deslocamento com falha: 0x0002e14d Identificação do processo com falha: 0xd50 Hora de início do aplicativo com falha: 0x01d2871b3cf0b171 Caminho do aplicativo com falha: C:\Program Files\Megacubo\megacubo.exe FCaminho do módulo de falhas: C:\Program Files\Megacubo\megacubo.exe Identificação do Relatório: 9405856c-f30e-11e6-beb3-deac8f1c7d95 Error: (02/14/2017 08:37:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Nome do módulo de falhas: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Código de exceção: 0xc0000005 Deslocamento com falha: 0x0002e14d Identificação do processo com falha: 0xefc Hora de início do aplicativo com falha: 0x01d2871b41607030 Caminho do aplicativo com falha: C:\Program Files\Megacubo\megacubo.exe FCaminho do módulo de falhas: C:\Program Files\Megacubo\megacubo.exe Identificação do Relatório: 86edf3ea-f30e-11e6-beb3-deac8f1c7d95 Error: (02/14/2017 08:27:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Nome do módulo de falhas: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Código de exceção: 0xc0000005 Deslocamento com falha: 0x0002e14d Identificação do processo com falha: 0x106c Hora de início do aplicativo com falha: 0x01d28719dce2c0fa Caminho do aplicativo com falha: C:\Program Files\Megacubo\megacubo.exe FCaminho do módulo de falhas: C:\Program Files\Megacubo\megacubo.exe Identificação do Relatório: 2b769317-f30d-11e6-9c76-f456bd7f0f94 Error: (02/14/2017 08:27:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Nome do módulo de falhas: megacubo.exe, versão: 1.8.4.0, carimbo de hora: 0x489b06aa Código de exceção: 0xc0000005 Deslocamento com falha: 0x0002e14d Identificação do processo com falha: 0x9a4 Hora de início do aplicativo com falha: 0x01d28719defd061e Caminho do aplicativo com falha: C:\Program Files\Megacubo\megacubo.exe FCaminho do módulo de falhas: C:\Program Files\Megacubo\megacubo.exe Identificação do Relatório: 20c5249c-f30d-11e6-9c76-f456bd7f0f94 Error: (02/13/2017 02:43:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmplayer.exe, versão: 12.0.7600.16667, carimbo de hora: 0x4c7dc5a1 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7600.16915, carimbo de hora: 0x4ec49caf Código de exceção: 0xc0000005 Deslocamento com falha: 0x0002f963 Identificação do processo com falha: 0x1254 Hora de início do aplicativo com falha: 0x01d286208b5ea1d9 Caminho do aplicativo com falha: C:\Program Files\Windows Media Player\wmplayer.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll Identificação do Relatório: ea815771-f213-11e6-9176-bc1075039b84 Erros de Sistema: ============= Error: (02/22/2017 10:16:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (02/22/2017 10:14:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: Bnbase Bndef Bprotect cdrom gbpddreg wsddfac Error: (02/22/2017 10:01:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (02/22/2017 09:58:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: Bnbase Bndef Bprotect cdrom gbpddreg wsddfac Error: (02/22/2017 08:51:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (02/22/2017 08:49:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: Bnbase Bndef Bprotect cdrom gbpddreg wsddfac Error: (02/21/2017 09:43:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (02/21/2017 09:41:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: Bnbase Bndef Bprotect cdrom gbpddreg wsddfac Error: (02/20/2017 09:44:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (02/20/2017 09:42:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070490: Windows 7 Service Pack 1 (KB976932). CodeIntegrity: =================================== Date: 2014-12-12 16:18:02.608 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 16:18:02.037 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 15:11:30.609 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 15:11:29.618 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 14:23:52.654 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 14:23:51.058 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 13:16:53.854 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 13:16:47.313 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 11:04:10.605 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 11:04:08.124 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Atom(TM) CPU N455 @ 1.66GHz Percentagem de memória em uso: 65% RAM física total: 2035.87 MB RAM física disponível: 696.08 MB Virtual Total: 4071.73 MB Virtual disponível: 2718.91 MB ==================== Drives ================================ Drive c: (HPmini) (Fixed) (Total:216.1 GB) (Free:104.76 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive d: (RECOVERY) (Fixed) (Total:16.49 GB) (Free:2.38 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.1 GB) FAT32 Drive g: () (Removable) (Total:3.69 GB) (Free:3.69 GB) FAT32 ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 2B44701F) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=216.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=16.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ======================================================== Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fim de Addition.txt ============================