Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:07-02-2016
Executado por Victor (2016-02-11 17:32:31)
Executando a partir de C:\Users\Victor\Desktop
Microsoft Windows 8.1 Pro (X86) (2013-11-21 15:12:12)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-4261171341-52529390-1025842320-500 - Administrator - Disabled)
Convidado (S-1-5-21-4261171341-52529390-1025842320-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4261171341-52529390-1025842320-1038 - Limited - Enabled)
Victor (S-1-5-21-4261171341-52529390-1025842320-1001 - Administrator - Enabled) => C:\Users\Victor
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.21beta (HKLM\...\7-Zip) (Version: - )
ACBrMonitor-0.8.2b (HKLM\...\ACBrMonitor_is1) (Version: - Projeto ACBr)
ACBrNFeMonitor2-CAPICOM-0.8.12.3 (HKLM\...\ACBrNFeMonitor_is1) (Version: - Projeto ACBr)
Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM\...\{F88F4F33-A3C7-4B34-AFEA-944E29A95F62}) (Version: 1.0.58 - Banco Itaú)
Ares 2.2.2 (HKLM\...\Ares) (Version: 2.2.2-Build#3046 - Ares Development Group)
AsuOnline 1.3 (HKLM\...\{E3DACD3C-E527-4AC1-99A3-B82D8D4C24D1}_is1) (Version: - ASU - Associação dos Servidores da Unesp)
Bematech WinMFD2 2.4 (HKLM\...\Bematech WinMFD2_is1) (Version: - Bematech S.A)
BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4500 (Version: 140.0.425.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
Classic Shell (HKLM\...\{ED436519-8A0E-4CD0-987C-174D134513C2}) (Version: 4.0.2 - IvoSoft)
ClientASU 3.0 (HKLM\...\ClientASU_is1) (Version: - ConsCiência Soluções e Tecnologia)
CMS (HKLM\...\CMS) (Version: - )
Comunix - Terminal v06.08 (HKLM\...\Terminal_is1) (Version: - )
Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 5.4.5.124 - Foxit Corporation)
GBBD Caixa Economica Federal (HKLM\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
GemPcCCID (HKLM\...\{8BD3AFAF-636E-4516-A7E8-D57CCDBE28B8}) (Version: 2.0.1 - Gemalto)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Guardião - Itaú 30 horas (HKLM\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{0EC01D72-4906-42DD-BCC0-AF89EDA7493D}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 43.0.1 (x86 pt-BR)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MySQL Administrator 1.1 (HKLM\...\{77F4E1C1-C8DF-40C9-AF2A-D3C77C3D59ED}) (Version: 1.1.3 - MySQL AB)
MySQL Query Browser 1.1 (HKLM\...\{1444B16A-766B-4AD1-8AE8-F0C04C782E2F}) (Version: 1.1.20 - MySQL AB)
MySQL Server 5.0 (HKLM\...\{46F441C8-4193-4D54-9F93-751D27EFB8F4}) (Version: 5.0.24a - MySQL AB)
Network (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Orçamento Pessoal 2013 (HKLM\...\ST6UNST #1) (Version: - )
Orgcard Terminal 2.1.63 (HKLM\...\Orgcard Terminal_is1) (Version: - Orgsystem Software)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Project System (HKLM\...\Project SystemUSB) (Version: USB - Project)
PS_AIO_04_C4500_Software_Min (Version: 140.0.425.000 - Hewlett-Packard) Hidden
SafeSign (HKLM\...\{6347401C-C260-4B30-9816-8F5A1419CC49}) (Version: 3.0.39 - A.E.T. Europe B.V.)
Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1116 - SUPERAntiSpyware.com)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer)
Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Uninstall Project System DVR (HKLM\...\TibetSystem - Uninstall Project System DVR) (Version: Versão 5.3.1.0 - )
Validador Sintegra 5.2.16 (HKLM\...\{169CEB91-BD47-46C1-A0EA-7943B0E667DA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul)
WebCam (HKLM\...\{2567B22D-4CAC-44ED-8B31-FB92636E2E0F}) (Version: - )
WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR Packages (HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\WinRAR Packages) (Version: - ) <==== ATENÇÃO
Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Zebra Font Downloader (HKLM\...\Zebra Font Downloader_is1) (Version: - Zebra Technologies Corporation)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0169F879-659E-47D3-BC15-1EB14BD6838B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {8F909CAA-3FC4-4FBF-B798-3456497A9EC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A1CC31EA-0882-49C9-B210-95FB308140E9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {B2F747BF-E408-450F-A70A-5DB06DFB0D87} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {DC190AB9-1B1A-4BE9-A881-A21251C48288} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {E3774842-4A5D-4DF0-AC65-8F028D9F9DEB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {F346E861-AC0F-4096-9194-AA7C7A263C22} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Victor\Desktop\BACKUP DIARIO.lnk -> C:\Sistema\bkpwil.bat ()
Shortcut: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sub.bat - Atalho.lnk -> C:\Sistema\sub.bat.bat ()
ShortcutWithArgument: C:\Users\Victor\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files\Java\jre1.8.0_73\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\Victor\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-20c6174e"
ShortcutWithArgument: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files\Java\jre1.8.0_73\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\Victor\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-20c6174e"
==================== Módulos Carregados (Whitelisted) ==============
2014-08-17 11:26 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-08-17 11:26 - 2016-02-05 08:07 - 00026112 _____ () C:\Program Files\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-08-17 11:26 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files\ASUS\AXSP\1.01.02\ATKEX.dll
2006-08-26 02:14 - 2006-08-26 02:14 - 04435968 _____ () C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
2015-06-20 11:23 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-06-20 11:23 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-06-20 11:23 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-06-20 11:23 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-06-20 11:23 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-05-08 10:42 - 2012-09-25 16:32 - 05996544 _____ () C:\ClientASU\ClientASU.exe
2013-04-11 12:01 - 2008-01-29 12:56 - 02169856 _____ () C:\ACBrMonitor\ACBrMonitor.exe
2013-04-11 12:28 - 2014-12-28 22:40 - 05958656 _____ () C:\ACBrNFeMonitor\ACBrNFeMonitor.exe
2016-01-18 10:16 - 2016-01-18 10:16 - 02259456 _____ () C:\Sistema\CAIXA6\CAIXA.EXE
2015-05-05 13:18 - 2006-08-26 01:14 - 01519616 _____ () C:\Sistema\CAIXA6\LIBMYSQL.DLL
2016-01-15 18:45 - 2016-01-15 18:45 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-02-11 08:19 - 2016-02-09 09:58 - 01632584 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-11 08:19 - 2016-02-09 09:58 - 00087880 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.109\libegl.dll
2016-02-11 08:19 - 2016-02-09 09:58 - 16810824 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll
2016-01-18 09:46 - 2016-01-18 09:47 - 02894848 _____ () C:\Sistema\ESTOQUE6\ESTOQUE.EXE
2015-05-05 13:19 - 2006-08-26 01:14 - 01519616 _____ () C:\Sistema\ESTOQUE6\LIBMYSQL.DLL
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 04:13 - 2015-11-06 14:00 - 00000822 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 201.94.160.48 - 201.94.160.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "SDTray"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "Project Vision USB.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "Project System DVR.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.3.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "sub.bat - Atalho.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{281CA402-7957-4CF2-85DE-01C5F561B875}] => (Allow) C:\Users\Victor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2446EE39-161E-4BDF-A7A0-84F53C1E7AE1}] => (Allow) C:\Users\Victor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9A1E38AE-F49E-4357-9170-1E0ADECF1B44}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{6721AFC8-ED2F-4065-AAF2-208F552FC598}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{91C615A5-1C38-4F64-830A-2FB130ABFF63}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{E3513678-3BC4-4835-AC31-6E2BCBBDA065}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{267C662D-B75C-4789-B46A-05E47FD238EA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{96A2262E-0C59-44DD-99DD-C36FE0803800}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{40803E53-8DA5-4E7B-B9EC-F6EE2F99A78E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{767A9EA6-9926-4CD3-B8FD-9E554BC1CD58}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{DB406947-8B0C-450F-82CF-379D03E55864}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{9C651BEF-BBC7-4524-A5DC-57480E506492}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C1AA308A-B1E3-42E6-A2ED-908D2E40D322}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7D9F731B-97C2-42CE-BBEB-48235E616276}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{EFACCAE2-85AB-4EFB-B103-F50A73EF1B4A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{153B1DAB-4480-4E09-A0F3-3B993E6FDAEF}] => (Allow) LPort=3306
FirewallRules: [UDP Query User{457B1CF5-1D74-4A5C-AFF9-3B144EF4FC9A}C:\program files\ares\chatserver.exe] => (Block) C:\program files\ares\chatserver.exe
FirewallRules: [TCP Query User{3EC7AD67-313B-406C-BA84-33ADE6DACED1}C:\program files\ares\chatserver.exe] => (Block) C:\program files\ares\chatserver.exe
FirewallRules: [UDP Query User{14AA037B-8C0C-4329-B399-3E3276AC93E9}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{9248143B-AF26-45B8-BEEA-75C5AF48CA9D}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{7239FB04-F617-4E5B-BEFB-B0C4A6BB53C9}C:\program files\cms\cms.exe] => (Allow) C:\program files\cms\cms.exe
FirewallRules: [UDP Query User{5F4B72CF-6A86-4295-9CD5-F81B92CA7032}C:\program files\cms\cms.exe] => (Allow) C:\program files\cms\cms.exe
FirewallRules: [{E606B623-6BC2-4AAE-B704-BED8C5CEF48A}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{BE273636-C17E-4963-82D9-38EC8A4F9093}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{2B0B2F71-5C83-4DF1-BB64-968EB194AC68}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{8BD9F2FD-E815-4936-8767-03CA048D722B}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{36CA3E61-ABDD-48FD-B599-54CE22D8CC1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E743FFEE-F908-4F50-8F94-A9F5A676DFC7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6D228451-3ED0-4F3A-8940-01862E4E29B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D72189D7-4327-4B91-9ED0-CC10110A22FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{36F28CE2-89E6-4F77-A29F-2189E2486E6C}C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe
FirewallRules: [UDP Query User{51A91F1D-7540-4BFB-9A29-03A7F6C638D7}C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe
FirewallRules: [{CAB5A6AE-F70D-44DA-807A-849427178E83}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Pontos de Restauração =========================
26-01-2016 10:15:31 Instalado Aplicativo Itaú
02-02-2016 10:44:16 Ponto de Verificação Agendado
10-02-2016 10:03:44 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Controlador de comunicação PCI simples
Description: Controlador de comunicação PCI simples
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (02/11/2016 05:28:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 1584
Hora de Início: 01d16501afa3ab1e
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: a3212fc0-d0f5-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 04:59:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: d60
Hora de Início: 01d164fd9e31c33a
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: 91b3cd8a-d0f1-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 04:29:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 1e40
Hora de Início: 01d164f96d4f982f
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: 60cb8436-d0ed-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 03:59:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 9bc
Hora de Início: 01d164f53c6cb1f7
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: 2fe956e4-d0e9-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 03:29:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 894
Hora de Início: 01d164f10b853479
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: ff084abc-d0e4-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 02:59:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 1520
Hora de Início: 01d164ecdaa0328d
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: ce207def-d0e0-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 02:29:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: ea8
Hora de Início: 01d164e8a9c05f76
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: 9d3d6433-d0dc-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 02:02:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (02/11/2016 01:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 1bcc
Hora de Início: 01d164e469e979ff
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: 5d69c0ba-d0d8-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1
Error: (02/11/2016 01:53:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Erros de Sistema:
=============
Error: (02/11/2016 02:06:12 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/11/2016 02:04:12 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/11/2016 01:57:56 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/11/2016 01:55:56 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/11/2016 01:43:59 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/11/2016 01:41:59 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/11/2016 01:41:23 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (02/11/2016 01:40:53 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (02/11/2016 01:39:59 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/11/2016 01:22:00 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
CodeIntegrity:
===================================
Date: 2016-02-11 14:10:58.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:58.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:58.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:52.818
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:52.818
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-11 14:10:52.802
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentagem de memória em uso: 66%
RAM física total: 3457.82 MB
RAM física disponível: 1141.33 MB
Virtual Total: 5634.07 MB
Virtual disponível: 1888.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.32 GB) (Free:415.06 GB) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 245A032C)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================