Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:25-04-2016
Executado por Marcos (2016-04-26 22:08:12)
Executando a partir de C:\Users\Marcos\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-10-28 15:14:13)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1231958544-1669365884-389720028-500 - Administrator - Disabled)
Convidado (S-1-5-21-1231958544-1669365884-389720028-501 - Limited - Disabled)
Marcos (S-1-5-21-1231958544-1669365884-389720028-1000 - Administrator - Enabled) => C:\Users\Marcos
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
"Nero SoundTrax Help (Version: 4.0.15.0 - Nero AG) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\{F9000000-0018-0000-0000-074957833700}) (Version: - )
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Aplicativo Itaú (HKLM\...\{FE13BDC8-9044-4CA5-8446-819F2CB43CF7}) (Version: 1.0.61 - Banco Itaú)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ares 2.2.8 (HKLM\...\Ares) (Version: 2.2.8-Build#3052 - Seekar Ltd)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
BBSAK (HKLM\...\{B23F12D4-17DE-453A-B1F4-55E501FE0EBF}) (Version: 1.9.2 - JMT Labs)
Bíblia Glow Software (HKLM\...\Glo Bible Software) (Version: - Immersion Digital)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Software Updater (HKLM\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell SupportAssistAgent (HKLM\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell System Detect - 1 (HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\73f463568823ebbe) (Version: 6.1.0.3 - Dell)
Desinstalar Impressora EPSON L355 Series (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
Driver Easy 5.0.3 (HKLM\...\DriverEasy_is1) (Version: 5.0.3 - Easeware)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.18.44 - Dell Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM\...\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
Epson Event Manager (HKLM\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FormatFactory (HKLM\...\{7664204E-CD57-4ACE-927C-40DED265C611}) (Version: 1.45 - FormatFactory)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Iminent (Version: 6.44.21.0 - Iminent) Hidden <==== ATENÇÃO
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil)
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lollipop (HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\lollipop_05300012) (Version: - Lollipop Network, S.L.) <==== ATENÇÃO
Menu Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
MoneyMe versão 1.063 (HKLM\...\{7B3D4AE8-61A7-4B65-B346-BF2D10A05387}_is1) (Version: 1.063 - MoneyMe)
Movavi PowerPoint To Video Converter 2 (HKLM\...\Movavi PowerPoint To Video Converter 2) (Version: 2.2.0 - Movavi)
Movie Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM\...\{489852e3-e88e-4f6f-ae19-8246aecb3ed9}) (Version: - Nero AG)
O2Micro 1394 OHCI Compliant Host Controller Driver (HKLM\...\InstallShield_{4A1D333E-557E-46A6-A4A7-5F8FBC862D49}) (Version: 1.0.00 - O2Micro International LTD.)
PDFConverter Printer Driver (HKLM\...\{74669C8B-4D0A-4237-997F-3E1C92331F7D}) (Version: - )
PDFConverter Printer Driver version 2.00 (HKLM\...\PDFConverter Printer Driver_is1) (Version: 2.00 - PDF-Convert, Inc.)
PPT to Image Converter 5.00 (HKLM\...\PPT to Image Converter_is1) (Version: 5.0.0.0 - PDF-Convert, Inc.)
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Software Updater (HKLM\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
SoundTrax (Version: 4.0.18.0 - Nero AG) Hidden
Suporte para Aplicativos Apple (32-bit) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Warsaw 1.8.0.10356 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WindowsProtectManger20.0.0.339 (HKLM\...\WindowsProtectManger) (Version: 20.0.0.339 - Fuyu LIMITED) <==== ATENÇÃO
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1231958544-1669365884-389720028-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Marcos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1231958544-1669365884-389720028-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Marcos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0ECFAC0F-DD61-42A5-9703-1612C2A3057B} - System32\Tasks\{E2464F3D-7BDA-43AC-966A-62C61FBED88C} => pcalua.exe -a C:\Dell\Drivers\R129472\BtSwSP2.exe -d C:\Dell\Drivers\R129472
Task: {1A18AC90-DECD-425B-BED8-0D1E04A6B5EB} - System32\Tasks\Pritc => C:\Users\Marcos\AppData\Local\Temp\00027936\casrss.exe [2016-04-23] (VLOME) <==== ATENÇÃO
Task: {1A2E8589-90A5-40F7-B60C-D5DD15DDA299} - System32\Tasks\ttwifi => C:\Program Files\ttwifi\tiantianwifi.exe
Task: {1DEE7752-7BBE-42EE-9B73-D09DF112CD1B} - System32\Tasks\{DB4DBEB3-AA7C-4D07-9E89-8BB8E2206B95} => pcalua.exe -a C:\Users\Marcos\Downloads\software_terminal_programador_maxcom\TerminalProgramadorMaxcom110701.exe -d C:\Users\Marcos\Downloads\software_terminal_programador_maxcom
Task: {2CC1D59F-AC3E-4533-833B-21B9E39832F3} - System32\Tasks\Systweak-Support-Dock => C:\Program Files\Systweak Support Dock\SystweakDock.exe
Task: {2D145EAF-EA46-4CE5-80D8-706D3D542588} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files\QQBrowser\Update\90FBF83FE4382ECC2675D2CFB2FA9F29\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATENÇÃO
Task: {385644A3-2039-43BD-888A-A12C2F8008C2} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {399D9687-8730-4555-BF21-2EC29B1D7A13} - System32\Tasks\DNSBAHAMA => dnsbahama.exe <==== ATENÇÃO
Task: {431C2821-33CB-4CFC-BAE8-4A13A49B2FD4} - System32\Tasks\{5131F16B-826C-4257-983A-2734CA9B0511} => C:\Windows\twain_32\escndv\escndv.exe [2009-01-27] (SEIKO EPSON CORP.)
Task: {46C8913C-E240-4FDD-A936-1F96FB3D9E17} - System32\Tasks\{7EA4F5D8-84F6-4B7E-BDF2-AD01ED644FBD} => pcalua.exe -a E:\A050000T.exe -d E:\
Task: {5049F939-8651-4FEF-ADA8-EFDE63119C0B} - System32\Tasks\{5E93EEB7-49C1-41AA-8402-9FEF11400B4F} => pcalua.exe -a c:\users\marcos\appdata\local\lollipop_05300012\lollipop_05300012.bat
Task: {5BAAF363-AFD7-4493-81E0-372809E2E324} - System32\Tasks\Price Fountain => C:\Users\Marcos\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {63BCBAAF-955B-4FC7-BA8D-EABC93D611EF} - System32\Tasks\AppCloudUpdater => C:\Users\Marcos\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {693AEAFB-E961-4B6E-A1C5-DE0A289883ED} - System32\Tasks\{1E4A2DA8-11D8-40AF-9032-406F4B28ECFF} => pcalua.exe -a E:\R174366\Setup.exe -d E:\R174366
Task: {6A69E4ED-D9C5-4C77-993F-DBA55068BFE7} - System32\Tasks\{78E6442E-C553-4DCA-970A-3D5053F50D24} => pcalua.exe -a C:\Dell\Drivers\V91MY\2KXP\setup.exe -d C:\Dell\Drivers\V91MY\2KXP
Task: {6E61BE14-1800-429D-A63E-6DF422CDE707} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {73D84735-BAEE-4C5D-BEA4-F066F559EB3D} - System32\Tasks\{8BEF4D3C-C2A0-40F0-9E7C-1B4333BFC5F4} => pcalua.exe -a C:\Dell\Drivers\R253891\Setup.EXE -d C:\Dell\Drivers\R253891
Task: {77E01A61-F6C0-4AC1-806F-2DD2AA627281} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-04-14] (Easeware)
Task: {7DE574C5-F505-44F8-9697-C7F4D6BACB6D} - System32\Tasks\Microsoft\Windows\Apps\UpService => C:\ProgramData\UpService\UpService.exe [2015-12-24] () <==== ATENÇÃO
Task: {7F2FB6A2-284D-4A64-B693-08AF38EF5AE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7FF7759A-6D46-4BE0-8F83-BC4692D43A50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {826998B6-5D65-4A6C-83C9-E0F8740947C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {83FDB628-6DF7-465F-88AF-51358002F79A} - System32\Tasks\{EE8335A2-3268-4F0F-AAF4-F1709526DCC2} => pcalua.exe -a "C:\Users\Marcos\Desktop\chipset INFs\chipset INFs\Ssetup.exe" -d "C:\Users\Marcos\Desktop\chipset INFs\chipset INFs"
Task: {87B048A5-79AE-4FE2-A247-14A8F00D9778} - System32\Tasks\{02B7C244-C256-47D9-9125-417A631596C5} => pcalua.exe -a "C:\Users\Marcos\AppData\Roaming\Easeware\DriverEasy\drivers\agvvnbcw.n0q\chipset INFs\chipset INFs\Ssetup.exe" -d "C:\Users\Marcos\AppData\Roaming\Easeware\DriverEasy\drivers\agvvnbcw.n0q\chipset INFs\chipset INFs"
Task: {8E93CC76-4831-4E39-811C-35771ADDB980} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-04-14] (Easeware)
Task: {91163B9E-DED9-4EA0-BE89-8545A8767732} - System32\Tasks\Dravsynlether Core => C:\Program Files\Dravsynlether\Drvcoretsk.exe [2016-04-22] ()
Task: {93A0B0AE-F53E-4046-8FCF-B4906D856779} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-04-16] ()
Task: {A8F51158-B622-4BEE-8DCB-993D69296479} - System32\Tasks\{15C3E1B0-B987-443B-AC27-FCA33A8BFA74} => pcalua.exe -a C:\Users\Marcos\Desktop\HXFSetup.exe -d C:\Users\Marcos\Desktop
Task: {B6E0DC59-2346-4B3D-B784-0A599CC8DBB4} - \Inst_Rep -> Nenhum Arquivo <==== ATENÇÃO
Task: {CABFFA64-BEA6-460A-BB52-D8876619C96B} - System32\Tasks\{5497F83B-352E-4461-928F-06BDF8FA3FE7} => pcalua.exe -a C:\Drivers\HXFSetup.exe -d C:\Drivers
Task: {D0D00F93-91FE-4804-8EB1-5EEE0D7AB4FC} - System32\Tasks\{C75C1525-B29E-46E3-B465-C489FCB4DFC2} => pcalua.exe -a C:\Dell\Drivers\R157674\DFUInstaller.exe -d C:\Dell\Drivers\R157674
Task: {DA79FA10-A650-482F-B6F1-4E6283A6F72D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {DDCC5E9D-31FD-431A-ABBB-E14898B52590} - System32\Tasks\{9A9E0091-41DD-4867-9C82-B7587A0A5243} => pcalua.exe -a C:\Dell\Drivers\R117967\2KXP\setup.exe -d C:\Dell\Drivers\R117967\2KXP
Task: {DF3B8812-13CB-47FA-B8D4-842786369E39} - System32\Tasks\{99492E2E-3630-409F-AAD6-5C2A7CEF31D8} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016"
Task: {E6CCFAF4-60AC-4AE4-BEEA-79ADB095DFE3} - System32\Tasks\PFExe => C:\Users\Marcos\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {FA1C7D4B-1760-465F-A047-625079D3D165} - System32\Tasks\OKABEPSHNWPJMSKM => C:\ProgramData\Service5184\Service5184.exe [2016-04-23] () <==== ATENÇÃO
Task: {FC7A4E11-6311-4294-A2F3-48DB7959000D} - \svchost -> Nenhum Arquivo <==== ATENÇÃO
Task: {FFD22207-27FD-4E23-98EB-B413F11CA1AA} - System32\Tasks\Update Service for Torrent Search2 => C:\Program Files\Torrent Search\emYdFg1.exe <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AppCloudUpdater.job => C:\Users\Marcos\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OKABEPSHNWPJMSKM.job => C:\ProgramData\Service5184\Service5184.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Marcos\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\Update Service for Torrent Search2.job => C:\Program Files\Torrent Search\emYdFg1.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
==================== Módulos Carregados (Whitelisted) ==============
2013-10-28 14:23 - 2013-10-28 14:23 - 00026112 _____ () C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
2016-04-24 15:39 - 2001-10-29 01:42 - 00116224 _____ () C:\Windows\System32\pdfmonnt.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-24 14:31 - 2016-04-21 05:54 - 01745920 _____ () C:\ProgramData\service.exe
2014-07-28 11:31 - 2014-07-28 18:25 - 00321824 _____ () C:\Program Files\trolatunt\updatetrolatunt.exe
2014-07-28 14:24 - 2014-07-28 18:24 - 00321824 _____ () C:\Program Files\trolatunt\bin\utiltrolatunt.exe
2016-04-24 13:45 - 2016-04-24 13:46 - 00605184 _____ () C:\Program Files\SpaceSoundPro\idscservice.exe
2016-04-24 13:46 - 2016-04-24 13:50 - 03935232 _____ () C:\Program Files\SpaceSoundPro\idsccom_HKK.exe
2016-04-24 17:04 - 2016-04-24 13:55 - 01907200 _____ () C:\ProgramData\msiql.exe
2016-04-25 19:15 - 2016-04-25 11:47 - 01266688 _____ () c:\programdata\conhost51495.exe
2016-04-26 20:19 - 2016-04-26 20:20 - 00599904 _____ () c:\users\marcos\appdata\local\temp\24357\setup.exe
2016-04-26 20:19 - 2016-04-24 13:17 - 02363392 _____ () C:\Windows\TEMP\24301\tim.exe
2016-04-26 21:27 - 2016-04-26 21:27 - 00110064 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAntiInject.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\zlib.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00482800 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\sqlite.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\tinyxml.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00040944 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00065008 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2016-04-26 21:27 - 2016-02-27 19:55 - 00036128 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\oDayProtect.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00122352 _____ () c:\program files\tencent\qqpcmgr\11.4.17339.217\qmrtpcontroller.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libexpatw.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\GF.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00092512 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\xGraphic32.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00342368 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\arkGraphic.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\jgImage.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libpng.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libjpegturbo.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\jgIOStub.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00194912 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\xImage.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00019440 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQFileFlt.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00163312 _____ () c:\program files\tencent\qqpcmgr\11.4.17339.217\qmhipslogpolicy.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00077296 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\MemDefrag.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00261616 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00379232 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\DlForQd.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00245232 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMWlanMacDll.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\zlib.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libexpatw.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\tinyxml.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\GF.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00092512 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\xGraphic32.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00342368 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\arkGraphic.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgImage.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libpng.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libjpegturbo.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgIOStub.dll
2015-02-23 21:33 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-02-23 21:33 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Windows\System32:105D9771_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:105D9771_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [369]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:04 - 2015-08-20 20:28 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1231958544-1669365884-389720028-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.185 - 82.163.142.185
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{17F3491F-85E2-49B6-AFE7-55105C064B48}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{23881AD7-62FB-4B70-BE97-F618B2A54A35}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{A8B638C2-FB4C-466D-846D-FAA3764F22BC}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Allow) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [UDP Query User{39A06E1B-06DF-489A-9019-CAB9192343EE}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Allow) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [TCP Query User{EE17C3F2-3E6C-4A66-9BC4-E3C6F75C2A6E}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{5E1B4B93-6DA4-404C-8A03-F233E8674561}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{A178B9E4-0530-4248-9357-EB0DEDC1A728}C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe] => (Block) C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe
FirewallRules: [UDP Query User{D696FDF6-2D08-425D-BA7B-4D8561624C68}C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe] => (Block) C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe
FirewallRules: [{CD1A7B6C-D4EB-4B56-876F-3118BB66B267}] => (Allow) C:\Users\Marcos\AppData\Local\Temp\12488\download\MiniThunderPlatform.exe
FirewallRules: [{67E223EB-D39F-4ACF-87A6-0A72F1358CA4}] => (Allow) C:\Users\Marcos\AppData\Local\Temp\12488\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{05B1B79C-D6BE-401F-B41D-F85815A9201D}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Block) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [UDP Query User{6A95B3BF-059D-4960-9DAB-CCD6487261F5}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Block) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [{C6ACC528-A7F8-447E-9912-7A567420B018}] => (Allow) C:\Windows\TEMP\24678\download\MiniThunderPlatform.exe
FirewallRules: [{239FE33C-F7B1-478B-862F-20A1C70009BF}] => (Allow) C:\Windows\TEMP\24678\download\MiniThunderPlatform.exe
FirewallRules: [{0E5276BD-9E07-488C-A5E1-271C09CD7ED5}] => (Allow) C:\Windows\TEMP\24301\download\MiniThunderPlatform.exe
FirewallRules: [{1565D561-17AD-4440-9F0E-BC2FE5DCC82C}] => (Allow) C:\Windows\TEMP\24301\download\MiniThunderPlatform.exe
FirewallRules: [{44C8BE32-BD75-4657-8E1F-E158621B22DC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCmgrInstallGuide.exe
FirewallRules: [{AAC12274-9A05-4076-B9A0-624BCFD62E86}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{D05CF982-BB98-4F05-9F01-9A6C77A511D4}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{F3BC230A-7A7F-4223-840E-38DB7E47BB21}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
FirewallRules: [{8E684C30-C50B-4EEB-99F1-403F19BA5E09}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCMgr.exe
FirewallRules: [{B995202D-C221-4720-B1F8-AD69C41BD0BC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe
FirewallRules: [{886F10A6-50AC-465D-8B8F-5D18D74A9548}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMDL.exe
FirewallRules: [{D8E65958-D105-4AEC-9D64-B037B4E11663}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\bugreport.exe
FirewallRules: [{3A65770A-0F03-4638-8A71-5D607BA1C48E}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen.exe
FirewallRules: [{BD419893-D245-487F-BADC-9AD33AD98FB4}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCLeakScan.exe
FirewallRules: [{BC8C0EE0-6811-43D7-B83D-5EF2AD38CF0D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPConfig.exe
FirewallRules: [{E8B41976-DD44-40D6-B28B-349B923AC410}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftMgr.exe
FirewallRules: [{05FB1913-4049-4252-8F0D-46660AF487CF}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{49D7197F-137E-4032-A740-C028477EB16A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCBTU.exe
FirewallRules: [{6AB25C56-CB14-4E1F-9EA9-EFE30E6CEFCA}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCClinic.exe
FirewallRules: [{1FEFBDB6-39A7-48A6-83AA-FCD5237CF1A2}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCLaunch.exe
FirewallRules: [{C2F20CEB-516F-403F-A23D-5CFB84AA260B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{29BDB29B-5A78-4113-8F17-14403AA34286}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftGame.exe
FirewallRules: [{395AA3E8-E028-4DA7-81BE-12EFFACBAF60}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSysOptimize.exe
FirewallRules: [{475D8775-046B-43AF-8175-49A266E9202A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCUpdateAVLib.exe
FirewallRules: [{A1D5C0CC-F260-40E2-B7A5-FC2A22AF9996}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQRepair.exe
FirewallRules: [{01D0E476-616A-4540-A933-D9AEE3E2FA97}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\Uninst.exe
FirewallRules: [{3C251BD3-53A2-4561-B6CE-DFE89C84548C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCPatch.exe
FirewallRules: [{521A14AD-DE62-480E-869B-C8276FB496DD}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\TpkUpdate.exe
FirewallRules: [{B2AB8C9B-1959-4A7B-B62B-51872769CB17}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMRouterMgr.exe
FirewallRules: [{7607424C-4FAB-4C34-B1C4-53CFEC9CED61}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAccountProtection.exe
FirewallRules: [{44445DFD-8441-44E6-A98F-57B3E43FD60A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAdBlock.exe
==================== Pontos de Restauração =========================
04-04-2016 23:25:51 Windows Update
08-04-2016 22:32:59 Windows Update
12-04-2016 00:38:18 Windows Update
14-04-2016 03:00:43 Windows Update
16-04-2016 03:00:15 Windows Update
21-04-2016 12:07:07 Windows Update
24-04-2016 13:54:29 Windows Update
26-04-2016 00:08:31 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:11:23 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:15:49 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:24:58 Removed Bluetooth Stack for Windows by Toshiba.
26-04-2016 00:30:08 Removed Mediatek Bluetooth.
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Bnbase
Description: Bnbase
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bnbase
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/26/2016 08:19:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: osmsg.exe, versão: 1.0.0.42, carimbo de hora: 0x57119990
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb2fd9
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00056aa4
Identificação do processo com falha: 0x1114
Hora de início do aplicativo com falha: 0xosmsg.exe0
Caminho do aplicativo com falha: osmsg.exe1
FCaminho do módulo de falhas: osmsg.exe2
Identificação do Relatório: osmsg.exe3
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: O agente de extensão de log de eventos do SNMP não foi inicializado corretamente.
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Erro ao processar parâmetros do Registro. O agente de extensão está sendo terminado.
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: O agente de extensão de log de eventos do SNMP não foi inicializado corretamente.
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 3003) (User: )
Description: Erro ao posicionar-se no final do arquivo de log -- não é possível obter o registro de log mais antigo. O identificador especificado é 4784148. O código de retorno de GetOldestEventLogRecord é 6.
Error: (04/25/2016 11:54:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/25/2016 11:54:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/25/2016 07:24:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: casrss.exe, versão: 2.0.0.30, carimbo de hora: 0x5715ce71
Nome do módulo de falhas: casrss.exe, versão: 2.0.0.30, carimbo de hora: 0x5715ce71
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000225c5
Identificação do processo com falha: 0x594
Hora de início do aplicativo com falha: 0xcasrss.exe0
Caminho do aplicativo com falha: casrss.exe1
FCaminho do módulo de falhas: casrss.exe2
Identificação do Relatório: casrss.exe3
Error: (04/24/2016 04:12:48 PM) (Source: Microsoft Office 12) (EventID: 2001) (User: )
Description: Rejected Safe Mode action : Microsoft Office PowerPoint.
Error: (04/23/2016 01:36:10 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"1". Erro no arquivo de manifesto ou de diretiva Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"2", na linha Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"3.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1".
A definição é Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Erros de Sistema:
=============
Error: (04/26/2016 09:44:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço WinZiper service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/26/2016 09:34:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2
Error: (04/26/2016 09:28:55 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço QQPCMgr RTP Service está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (04/26/2016 08:48:59 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 40.
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 115.57.0.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT59
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT59
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:28:58 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 40.
CodeIntegrity:
===================================
Date: 2016-04-24 14:17:38.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:17:38.703
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:16:05.558
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:16:05.357
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:16:05.181
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:58.520
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:58.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:56.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:56.658
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:55.077
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Percentagem de memória em uso: 70%
RAM física total: 3318.44 MB
RAM física disponível: 982.65 MB
Virtual Total: 6635.21 MB
Virtual disponível: 4027.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.89 GB) (Free:130.04 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DA721E51)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Marcos (2016-04-26 22:08:12)
Executando a partir de C:\Users\Marcos\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-10-28 15:14:13)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1231958544-1669365884-389720028-500 - Administrator - Disabled)
Convidado (S-1-5-21-1231958544-1669365884-389720028-501 - Limited - Disabled)
Marcos (S-1-5-21-1231958544-1669365884-389720028-1000 - Administrator - Enabled) => C:\Users\Marcos
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
"Nero SoundTrax Help (Version: 4.0.15.0 - Nero AG) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\{F9000000-0018-0000-0000-074957833700}) (Version: - )
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Aplicativo Itaú (HKLM\...\{FE13BDC8-9044-4CA5-8446-819F2CB43CF7}) (Version: 1.0.61 - Banco Itaú)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ares 2.2.8 (HKLM\...\Ares) (Version: 2.2.8-Build#3052 - Seekar Ltd)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
BBSAK (HKLM\...\{B23F12D4-17DE-453A-B1F4-55E501FE0EBF}) (Version: 1.9.2 - JMT Labs)
Bíblia Glow Software (HKLM\...\Glo Bible Software) (Version: - Immersion Digital)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Software Updater (HKLM\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell SupportAssistAgent (HKLM\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell System Detect - 1 (HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\73f463568823ebbe) (Version: 6.1.0.3 - Dell)
Desinstalar Impressora EPSON L355 Series (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
Driver Easy 5.0.3 (HKLM\...\DriverEasy_is1) (Version: 5.0.3 - Easeware)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.18.44 - Dell Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM\...\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
Epson Event Manager (HKLM\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FormatFactory (HKLM\...\{7664204E-CD57-4ACE-927C-40DED265C611}) (Version: 1.45 - FormatFactory)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Iminent (Version: 6.44.21.0 - Iminent) Hidden <==== ATENÇÃO
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil)
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lollipop (HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\lollipop_05300012) (Version: - Lollipop Network, S.L.) <==== ATENÇÃO
Menu Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
MoneyMe versão 1.063 (HKLM\...\{7B3D4AE8-61A7-4B65-B346-BF2D10A05387}_is1) (Version: 1.063 - MoneyMe)
Movavi PowerPoint To Video Converter 2 (HKLM\...\Movavi PowerPoint To Video Converter 2) (Version: 2.2.0 - Movavi)
Movie Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM\...\{489852e3-e88e-4f6f-ae19-8246aecb3ed9}) (Version: - Nero AG)
O2Micro 1394 OHCI Compliant Host Controller Driver (HKLM\...\InstallShield_{4A1D333E-557E-46A6-A4A7-5F8FBC862D49}) (Version: 1.0.00 - O2Micro International LTD.)
PDFConverter Printer Driver (HKLM\...\{74669C8B-4D0A-4237-997F-3E1C92331F7D}) (Version: - )
PDFConverter Printer Driver version 2.00 (HKLM\...\PDFConverter Printer Driver_is1) (Version: 2.00 - PDF-Convert, Inc.)
PPT to Image Converter 5.00 (HKLM\...\PPT to Image Converter_is1) (Version: 5.0.0.0 - PDF-Convert, Inc.)
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Software Updater (HKLM\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
SoundTrax (Version: 4.0.18.0 - Nero AG) Hidden
Suporte para Aplicativos Apple (32-bit) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Warsaw 1.8.0.10356 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WindowsProtectManger20.0.0.339 (HKLM\...\WindowsProtectManger) (Version: 20.0.0.339 - Fuyu LIMITED) <==== ATENÇÃO
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1231958544-1669365884-389720028-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Marcos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1231958544-1669365884-389720028-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Marcos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0ECFAC0F-DD61-42A5-9703-1612C2A3057B} - System32\Tasks\{E2464F3D-7BDA-43AC-966A-62C61FBED88C} => pcalua.exe -a C:\Dell\Drivers\R129472\BtSwSP2.exe -d C:\Dell\Drivers\R129472
Task: {1A18AC90-DECD-425B-BED8-0D1E04A6B5EB} - System32\Tasks\Pritc => C:\Users\Marcos\AppData\Local\Temp\00027936\casrss.exe [2016-04-23] (VLOME) <==== ATENÇÃO
Task: {1A2E8589-90A5-40F7-B60C-D5DD15DDA299} - System32\Tasks\ttwifi => C:\Program Files\ttwifi\tiantianwifi.exe
Task: {1DEE7752-7BBE-42EE-9B73-D09DF112CD1B} - System32\Tasks\{DB4DBEB3-AA7C-4D07-9E89-8BB8E2206B95} => pcalua.exe -a C:\Users\Marcos\Downloads\software_terminal_programador_maxcom\TerminalProgramadorMaxcom110701.exe -d C:\Users\Marcos\Downloads\software_terminal_programador_maxcom
Task: {2CC1D59F-AC3E-4533-833B-21B9E39832F3} - System32\Tasks\Systweak-Support-Dock => C:\Program Files\Systweak Support Dock\SystweakDock.exe
Task: {2D145EAF-EA46-4CE5-80D8-706D3D542588} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files\QQBrowser\Update\90FBF83FE4382ECC2675D2CFB2FA9F29\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATENÇÃO
Task: {385644A3-2039-43BD-888A-A12C2F8008C2} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {399D9687-8730-4555-BF21-2EC29B1D7A13} - System32\Tasks\DNSBAHAMA => dnsbahama.exe <==== ATENÇÃO
Task: {431C2821-33CB-4CFC-BAE8-4A13A49B2FD4} - System32\Tasks\{5131F16B-826C-4257-983A-2734CA9B0511} => C:\Windows\twain_32\escndv\escndv.exe [2009-01-27] (SEIKO EPSON CORP.)
Task: {46C8913C-E240-4FDD-A936-1F96FB3D9E17} - System32\Tasks\{7EA4F5D8-84F6-4B7E-BDF2-AD01ED644FBD} => pcalua.exe -a E:\A050000T.exe -d E:\
Task: {5049F939-8651-4FEF-ADA8-EFDE63119C0B} - System32\Tasks\{5E93EEB7-49C1-41AA-8402-9FEF11400B4F} => pcalua.exe -a c:\users\marcos\appdata\local\lollipop_05300012\lollipop_05300012.bat
Task: {5BAAF363-AFD7-4493-81E0-372809E2E324} - System32\Tasks\Price Fountain => C:\Users\Marcos\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {63BCBAAF-955B-4FC7-BA8D-EABC93D611EF} - System32\Tasks\AppCloudUpdater => C:\Users\Marcos\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {693AEAFB-E961-4B6E-A1C5-DE0A289883ED} - System32\Tasks\{1E4A2DA8-11D8-40AF-9032-406F4B28ECFF} => pcalua.exe -a E:\R174366\Setup.exe -d E:\R174366
Task: {6A69E4ED-D9C5-4C77-993F-DBA55068BFE7} - System32\Tasks\{78E6442E-C553-4DCA-970A-3D5053F50D24} => pcalua.exe -a C:\Dell\Drivers\V91MY\2KXP\setup.exe -d C:\Dell\Drivers\V91MY\2KXP
Task: {6E61BE14-1800-429D-A63E-6DF422CDE707} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {73D84735-BAEE-4C5D-BEA4-F066F559EB3D} - System32\Tasks\{8BEF4D3C-C2A0-40F0-9E7C-1B4333BFC5F4} => pcalua.exe -a C:\Dell\Drivers\R253891\Setup.EXE -d C:\Dell\Drivers\R253891
Task: {77E01A61-F6C0-4AC1-806F-2DD2AA627281} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-04-14] (Easeware)
Task: {7DE574C5-F505-44F8-9697-C7F4D6BACB6D} - System32\Tasks\Microsoft\Windows\Apps\UpService => C:\ProgramData\UpService\UpService.exe [2015-12-24] () <==== ATENÇÃO
Task: {7F2FB6A2-284D-4A64-B693-08AF38EF5AE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7FF7759A-6D46-4BE0-8F83-BC4692D43A50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {826998B6-5D65-4A6C-83C9-E0F8740947C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {83FDB628-6DF7-465F-88AF-51358002F79A} - System32\Tasks\{EE8335A2-3268-4F0F-AAF4-F1709526DCC2} => pcalua.exe -a "C:\Users\Marcos\Desktop\chipset INFs\chipset INFs\Ssetup.exe" -d "C:\Users\Marcos\Desktop\chipset INFs\chipset INFs"
Task: {87B048A5-79AE-4FE2-A247-14A8F00D9778} - System32\Tasks\{02B7C244-C256-47D9-9125-417A631596C5} => pcalua.exe -a "C:\Users\Marcos\AppData\Roaming\Easeware\DriverEasy\drivers\agvvnbcw.n0q\chipset INFs\chipset INFs\Ssetup.exe" -d "C:\Users\Marcos\AppData\Roaming\Easeware\DriverEasy\drivers\agvvnbcw.n0q\chipset INFs\chipset INFs"
Task: {8E93CC76-4831-4E39-811C-35771ADDB980} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-04-14] (Easeware)
Task: {91163B9E-DED9-4EA0-BE89-8545A8767732} - System32\Tasks\Dravsynlether Core => C:\Program Files\Dravsynlether\Drvcoretsk.exe [2016-04-22] ()
Task: {93A0B0AE-F53E-4046-8FCF-B4906D856779} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-04-16] ()
Task: {A8F51158-B622-4BEE-8DCB-993D69296479} - System32\Tasks\{15C3E1B0-B987-443B-AC27-FCA33A8BFA74} => pcalua.exe -a C:\Users\Marcos\Desktop\HXFSetup.exe -d C:\Users\Marcos\Desktop
Task: {B6E0DC59-2346-4B3D-B784-0A599CC8DBB4} - \Inst_Rep -> Nenhum Arquivo <==== ATENÇÃO
Task: {CABFFA64-BEA6-460A-BB52-D8876619C96B} - System32\Tasks\{5497F83B-352E-4461-928F-06BDF8FA3FE7} => pcalua.exe -a C:\Drivers\HXFSetup.exe -d C:\Drivers
Task: {D0D00F93-91FE-4804-8EB1-5EEE0D7AB4FC} - System32\Tasks\{C75C1525-B29E-46E3-B465-C489FCB4DFC2} => pcalua.exe -a C:\Dell\Drivers\R157674\DFUInstaller.exe -d C:\Dell\Drivers\R157674
Task: {DA79FA10-A650-482F-B6F1-4E6283A6F72D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {DDCC5E9D-31FD-431A-ABBB-E14898B52590} - System32\Tasks\{9A9E0091-41DD-4867-9C82-B7587A0A5243} => pcalua.exe -a C:\Dell\Drivers\R117967\2KXP\setup.exe -d C:\Dell\Drivers\R117967\2KXP
Task: {DF3B8812-13CB-47FA-B8D4-842786369E39} - System32\Tasks\{99492E2E-3630-409F-AAD6-5C2A7CEF31D8} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016"
Task: {E6CCFAF4-60AC-4AE4-BEEA-79ADB095DFE3} - System32\Tasks\PFExe => C:\Users\Marcos\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {FA1C7D4B-1760-465F-A047-625079D3D165} - System32\Tasks\OKABEPSHNWPJMSKM => C:\ProgramData\Service5184\Service5184.exe [2016-04-23] () <==== ATENÇÃO
Task: {FC7A4E11-6311-4294-A2F3-48DB7959000D} - \svchost -> Nenhum Arquivo <==== ATENÇÃO
Task: {FFD22207-27FD-4E23-98EB-B413F11CA1AA} - System32\Tasks\Update Service for Torrent Search2 => C:\Program Files\Torrent Search\emYdFg1.exe <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AppCloudUpdater.job => C:\Users\Marcos\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OKABEPSHNWPJMSKM.job => C:\ProgramData\Service5184\Service5184.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Marcos\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\Update Service for Torrent Search2.job => C:\Program Files\Torrent Search\emYdFg1.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
==================== Módulos Carregados (Whitelisted) ==============
2013-10-28 14:23 - 2013-10-28 14:23 - 00026112 _____ () C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
2016-04-24 15:39 - 2001-10-29 01:42 - 00116224 _____ () C:\Windows\System32\pdfmonnt.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-24 14:31 - 2016-04-21 05:54 - 01745920 _____ () C:\ProgramData\service.exe
2014-07-28 11:31 - 2014-07-28 18:25 - 00321824 _____ () C:\Program Files\trolatunt\updatetrolatunt.exe
2014-07-28 14:24 - 2014-07-28 18:24 - 00321824 _____ () C:\Program Files\trolatunt\bin\utiltrolatunt.exe
2016-04-24 13:45 - 2016-04-24 13:46 - 00605184 _____ () C:\Program Files\SpaceSoundPro\idscservice.exe
2016-04-24 13:46 - 2016-04-24 13:50 - 03935232 _____ () C:\Program Files\SpaceSoundPro\idsccom_HKK.exe
2016-04-24 17:04 - 2016-04-24 13:55 - 01907200 _____ () C:\ProgramData\msiql.exe
2016-04-25 19:15 - 2016-04-25 11:47 - 01266688 _____ () c:\programdata\conhost51495.exe
2016-04-26 20:19 - 2016-04-26 20:20 - 00599904 _____ () c:\users\marcos\appdata\local\temp\24357\setup.exe
2016-04-26 20:19 - 2016-04-24 13:17 - 02363392 _____ () C:\Windows\TEMP\24301\tim.exe
2016-04-26 21:27 - 2016-04-26 21:27 - 00110064 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAntiInject.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\zlib.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00482800 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\sqlite.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\tinyxml.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00040944 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00065008 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2016-04-26 21:27 - 2016-02-27 19:55 - 00036128 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\oDayProtect.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00122352 _____ () c:\program files\tencent\qqpcmgr\11.4.17339.217\qmrtpcontroller.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libexpatw.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\GF.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00092512 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\xGraphic32.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00342368 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\arkGraphic.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\jgImage.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libpng.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libjpegturbo.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\jgIOStub.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00194912 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\xImage.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00019440 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQFileFlt.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00163312 _____ () c:\program files\tencent\qqpcmgr\11.4.17339.217\qmhipslogpolicy.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00077296 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\MemDefrag.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00261616 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00379232 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\DlForQd.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00245232 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMWlanMacDll.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\zlib.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libexpatw.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\tinyxml.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\GF.dll
2016-04-26 21:28 - 2016-04-26 21:28 - 00092512 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\xGraphic32.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00342368 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\arkGraphic.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgImage.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libpng.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libjpegturbo.dll
2016-04-26 21:27 - 2016-04-26 21:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgIOStub.dll
2015-02-23 21:33 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-02-23 21:33 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Windows\System32:105D9771_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:105D9771_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [369]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:04 - 2015-08-20 20:28 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1231958544-1669365884-389720028-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.185 - 82.163.142.185
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{17F3491F-85E2-49B6-AFE7-55105C064B48}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{23881AD7-62FB-4B70-BE97-F618B2A54A35}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{A8B638C2-FB4C-466D-846D-FAA3764F22BC}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Allow) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [UDP Query User{39A06E1B-06DF-489A-9019-CAB9192343EE}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Allow) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [TCP Query User{EE17C3F2-3E6C-4A66-9BC4-E3C6F75C2A6E}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{5E1B4B93-6DA4-404C-8A03-F233E8674561}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{A178B9E4-0530-4248-9357-EB0DEDC1A728}C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe] => (Block) C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe
FirewallRules: [UDP Query User{D696FDF6-2D08-425D-BA7B-4D8561624C68}C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe] => (Block) C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe
FirewallRules: [{CD1A7B6C-D4EB-4B56-876F-3118BB66B267}] => (Allow) C:\Users\Marcos\AppData\Local\Temp\12488\download\MiniThunderPlatform.exe
FirewallRules: [{67E223EB-D39F-4ACF-87A6-0A72F1358CA4}] => (Allow) C:\Users\Marcos\AppData\Local\Temp\12488\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{05B1B79C-D6BE-401F-B41D-F85815A9201D}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Block) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [UDP Query User{6A95B3BF-059D-4960-9DAB-CCD6487261F5}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Block) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [{C6ACC528-A7F8-447E-9912-7A567420B018}] => (Allow) C:\Windows\TEMP\24678\download\MiniThunderPlatform.exe
FirewallRules: [{239FE33C-F7B1-478B-862F-20A1C70009BF}] => (Allow) C:\Windows\TEMP\24678\download\MiniThunderPlatform.exe
FirewallRules: [{0E5276BD-9E07-488C-A5E1-271C09CD7ED5}] => (Allow) C:\Windows\TEMP\24301\download\MiniThunderPlatform.exe
FirewallRules: [{1565D561-17AD-4440-9F0E-BC2FE5DCC82C}] => (Allow) C:\Windows\TEMP\24301\download\MiniThunderPlatform.exe
FirewallRules: [{44C8BE32-BD75-4657-8E1F-E158621B22DC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCmgrInstallGuide.exe
FirewallRules: [{AAC12274-9A05-4076-B9A0-624BCFD62E86}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{D05CF982-BB98-4F05-9F01-9A6C77A511D4}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{F3BC230A-7A7F-4223-840E-38DB7E47BB21}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
FirewallRules: [{8E684C30-C50B-4EEB-99F1-403F19BA5E09}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCMgr.exe
FirewallRules: [{B995202D-C221-4720-B1F8-AD69C41BD0BC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe
FirewallRules: [{886F10A6-50AC-465D-8B8F-5D18D74A9548}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMDL.exe
FirewallRules: [{D8E65958-D105-4AEC-9D64-B037B4E11663}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\bugreport.exe
FirewallRules: [{3A65770A-0F03-4638-8A71-5D607BA1C48E}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen.exe
FirewallRules: [{BD419893-D245-487F-BADC-9AD33AD98FB4}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCLeakScan.exe
FirewallRules: [{BC8C0EE0-6811-43D7-B83D-5EF2AD38CF0D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPConfig.exe
FirewallRules: [{E8B41976-DD44-40D6-B28B-349B923AC410}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftMgr.exe
FirewallRules: [{05FB1913-4049-4252-8F0D-46660AF487CF}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{49D7197F-137E-4032-A740-C028477EB16A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCBTU.exe
FirewallRules: [{6AB25C56-CB14-4E1F-9EA9-EFE30E6CEFCA}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCClinic.exe
FirewallRules: [{1FEFBDB6-39A7-48A6-83AA-FCD5237CF1A2}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCLaunch.exe
FirewallRules: [{C2F20CEB-516F-403F-A23D-5CFB84AA260B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{29BDB29B-5A78-4113-8F17-14403AA34286}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftGame.exe
FirewallRules: [{395AA3E8-E028-4DA7-81BE-12EFFACBAF60}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSysOptimize.exe
FirewallRules: [{475D8775-046B-43AF-8175-49A266E9202A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCUpdateAVLib.exe
FirewallRules: [{A1D5C0CC-F260-40E2-B7A5-FC2A22AF9996}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQRepair.exe
FirewallRules: [{01D0E476-616A-4540-A933-D9AEE3E2FA97}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\Uninst.exe
FirewallRules: [{3C251BD3-53A2-4561-B6CE-DFE89C84548C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCPatch.exe
FirewallRules: [{521A14AD-DE62-480E-869B-C8276FB496DD}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\TpkUpdate.exe
FirewallRules: [{B2AB8C9B-1959-4A7B-B62B-51872769CB17}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMRouterMgr.exe
FirewallRules: [{7607424C-4FAB-4C34-B1C4-53CFEC9CED61}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAccountProtection.exe
FirewallRules: [{44445DFD-8441-44E6-A98F-57B3E43FD60A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAdBlock.exe
==================== Pontos de Restauração =========================
04-04-2016 23:25:51 Windows Update
08-04-2016 22:32:59 Windows Update
12-04-2016 00:38:18 Windows Update
14-04-2016 03:00:43 Windows Update
16-04-2016 03:00:15 Windows Update
21-04-2016 12:07:07 Windows Update
24-04-2016 13:54:29 Windows Update
26-04-2016 00:08:31 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:11:23 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:15:49 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:24:58 Removed Bluetooth Stack for Windows by Toshiba.
26-04-2016 00:30:08 Removed Mediatek Bluetooth.
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Bnbase
Description: Bnbase
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bnbase
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/26/2016 08:19:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: osmsg.exe, versão: 1.0.0.42, carimbo de hora: 0x57119990
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb2fd9
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00056aa4
Identificação do processo com falha: 0x1114
Hora de início do aplicativo com falha: 0xosmsg.exe0
Caminho do aplicativo com falha: osmsg.exe1
FCaminho do módulo de falhas: osmsg.exe2
Identificação do Relatório: osmsg.exe3
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: O agente de extensão de log de eventos do SNMP não foi inicializado corretamente.
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Erro ao processar parâmetros do Registro. O agente de extensão está sendo terminado.
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: O agente de extensão de log de eventos do SNMP não foi inicializado corretamente.
Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 3003) (User: )
Description: Erro ao posicionar-se no final do arquivo de log -- não é possível obter o registro de log mais antigo. O identificador especificado é 4784148. O código de retorno de GetOldestEventLogRecord é 6.
Error: (04/25/2016 11:54:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/25/2016 11:54:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/25/2016 07:24:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: casrss.exe, versão: 2.0.0.30, carimbo de hora: 0x5715ce71
Nome do módulo de falhas: casrss.exe, versão: 2.0.0.30, carimbo de hora: 0x5715ce71
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000225c5
Identificação do processo com falha: 0x594
Hora de início do aplicativo com falha: 0xcasrss.exe0
Caminho do aplicativo com falha: casrss.exe1
FCaminho do módulo de falhas: casrss.exe2
Identificação do Relatório: casrss.exe3
Error: (04/24/2016 04:12:48 PM) (Source: Microsoft Office 12) (EventID: 2001) (User: )
Description: Rejected Safe Mode action : Microsoft Office PowerPoint.
Error: (04/23/2016 01:36:10 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"1". Erro no arquivo de manifesto ou de diretiva Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"2", na linha Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"3.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1".
A definição é Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Erros de Sistema:
=============
Error: (04/26/2016 09:44:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço WinZiper service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/26/2016 09:34:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2
Error: (04/26/2016 09:28:55 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço QQPCMgr RTP Service está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (04/26/2016 08:48:59 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 40.
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 115.57.0.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT59
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT59
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608
Error: (04/26/2016 08:28:58 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 40.
CodeIntegrity:
===================================
Date: 2016-04-24 14:17:38.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:17:38.703
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:16:05.558
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:16:05.357
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:16:05.181
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:58.520
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:58.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:56.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:56.658
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 14:15:55.077
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Percentagem de memória em uso: 70%
RAM física total: 3318.44 MB
RAM física disponível: 982.65 MB
Virtual Total: 6635.21 MB
Virtual disponível: 4027.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.89 GB) (Free:130.04 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DA721E51)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================