Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 17-12-2016
Executado por Nando (19-12-2016 18:54:37)
Executando a partir de C:\Users\Nando\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-12-08 01:32:43)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2510586213-2601899634-1993461919-500 - Administrator - Disabled)
Convidado (S-1-5-21-2510586213-2601899634-1993461919-501 - Limited - Disabled)
Lourival (S-1-5-21-2510586213-2601899634-1993461919-1002 - Limited - Enabled)
Nando (S-1-5-21-2510586213-2601899634-1993461919-1000 - Administrator - Enabled) => C:\Users\Nando
Thamiris (S-1-5-21-2510586213-2601899634-1993461919-1001 - Administrator - Enabled) => C:\Users\Thamiris.Nando-PC

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2510586213-2601899634-1993461919-1000\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
Desinstalar Impressora EPSON XP-211 214 216 Series (HKLM\...\EPSON XP-211 214 216 Series) (Version: - SEIKO EPSON Corporation)
Driver Easy 5.1.4 (HKLM\...\DriverEasy_is1) (Version: 5.1.4 - Easeware)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.6.909 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Microsoft .NET Framework 4.6.1 (PTB) (HKLM\...\{A4CA54C9-68EE-393F-B10F-9C44884312B0}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Hotfix Rollup (KB3146716) (HKLM\...\{E026AF51-E2EB-33CF-AC15-09308053FAA7}) (Version: 4.6.01078 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProplusRetail - pt-br) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2510586213-2601899634-1993461919-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Project Professional 2016 - pt-br (HKLM\...\ProjectProRetail - pt-br) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Visio Professional 2016 - pt-br (HKLM\...\VisioProRetail - pt-br) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - )
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Pacote de Driver do Windows - Philips (SPC530) Image (05/21/2008 1.01.3.6650) (HKLM\...\F83654168F2669A249A823C6255ACB1405E1E04E) (Version: 05/21/2008 1.01.3.6650 - Philips)
Pacote de Driver do Windows - Philips CL (phaudlwr) MEDIA (05/07/2008 1.0.5.12) (HKLM\...\B31F51CEC37CADDD795736ABBB212C18FD2969A3) (Version: 05/07/2008 1.0.5.12 - Philips CL)
Pacote de Driver do Windows - Philips USB (05/21/2008 1.01.3.6650) (HKLM\...\FA64675F2B582DB559A1BE34C9F1F0208D44A7FE) (Version: 05/21/2008 1.01.3.6650 - Philips)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Painel de controle da NVIDIA 376.09 (Version: 376.09 - NVIDIA Corporation) Hidden
Philips SPC530NC Webcam (HKLM-x32\...\{C0F89603-69E7-4408-8D9C-35256481D785}) (Version: 1.00.000 - Philips)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warsaw 1.13.0.525 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.13.0.525 - GAS Tecnologia)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2510586213-2601899634-1993461919-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Nando\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {00DFBDAC-EF07-4E9E-B133-AACDEF9E9375} - System32\Tasks\{42A15B90-1D09-479E-903A-02FE26CFC169} => pcalua.exe -a C:\Users\Thamiris.Nando-PC\Downloads\GBPCEF.exe -d C:\Users\Thamiris.Nando-PC\Downloads -c admin_service
Task: {0D4A0FCD-8BA5-43B3-B489-0BFD8F51067C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {218938A9-9134-4A0C-90D6-99AB7F7AFA49} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-16] (Microsoft Corporation)
Task: {34DC0723-7805-42AC-B44B-AA1F5F5E52B0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-09] (AVAST Software)
Task: {4264C573-5828-4CCA-BB9A-3EB9AB0BAA25} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-08] (Google Inc.)
Task: {46F8519E-1865-4FEA-86D1-8A3C96FD1081} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-12-09] (AVAST Software)
Task: {47D5CB7A-F8DD-465E-998C-CF64586DE4BD} - System32\Tasks\SafeZone scheduled Autoupdate 1481322091 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {5FA77EB6-E0BF-45FB-AEAE-2710BC040992} - System32\Tasks\EPSON XP-211 214 216 Series Update {B8B04DAE-A516-4655-AF1C-EECE86BD42D5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {6BEE0948-FF3F-4FD1-9B40-2E994985F5C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-16] (Microsoft Corporation)
Task: {B8E73F1B-8F41-4C0D-82D6-83C662D9EAA2} - System32\Tasks\AdobeAAMUpdater-1.0-Nando-PC-Nando => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {BC29CF3C-A045-401D-A7F3-5F5DA1C2A968} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {B8B04DAE-A516-4655-AF1C-EECE86BD42D5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {D63FFAA4-F711-4CC7-88EF-ABFF94608A10} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {EEA2B551-D0F0-44FC-9EB3-048FA9102383} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-08] (Google Inc.)
Task: {F8D7E769-8409-4770-B0B4-1EC9BE7D2EBC} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-11-16] (Easeware)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {B8B04DAE-A516-4655-AF1C-EECE86BD42D5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {B8B04DAE-A516-4655-AF1C-EECE86BD42D5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{B8B04DAE-A516-4655-AF1C-EECE86BD42D5} /F:UpdateSISTEMAĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-12-15 05:33 - 2016-12-15 05:33 - 01678560 _____ () C:\Users\Nando\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-12-14 19:15 - 2016-12-08 06:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 19:15 - 2016-12-08 06:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-09 20:13 - 2016-12-09 20:13 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-19 18:00 - 2016-12-19 18:00 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16121901\algo.dll
2016-12-09 20:13 - 2016-12-09 20:13 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-19 18:44 - 2016-12-19 18:44 - 00098816 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32api.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00110080 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\pywintypes27.dll
2016-12-19 18:44 - 2016-12-19 18:44 - 00364544 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\pythoncom27.dll
2016-12-19 18:44 - 2016-12-19 18:44 - 00320512 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32com.shell.shell.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00914432 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_hashlib.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 01176576 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._core_.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00806400 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._gdi_.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00816128 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._windows_.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 01067008 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._controls_.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00733184 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._misc_.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00682496 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\pysqlite2._sqlite.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00088064 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_ctypes.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00686080 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\unicodedata.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00119808 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32file.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00108544 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32security.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00007168 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\hashobjs_ext.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00017920 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\thumbnails_ext.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00088064 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\usb_ext.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00012800 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\common.time34.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00018432 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32event.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00167936 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32gui.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00046080 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_socket.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 01303552 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_ssl.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00128512 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_elementtree.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00127488 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\pyexpat.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00038912 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32inet.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00036864 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_psutil_windows.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00524248 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\windows._lib_cacheinvalidation.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00011264 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32crypt.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00123392 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._wizard.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00077312 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._html2.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00027648 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_multiprocessing.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00020480 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\_yappi.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00035840 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32process.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00078848 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\wx._animate.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00024064 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32pipe.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00010240 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\select.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00025600 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32pdh.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00017408 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32profile.pyd
2016-12-19 18:44 - 2016-12-19 18:44 - 00022528 ____R () C:\Users\Nando\AppData\Local\Temp\_MEI31882\win32ts.pyd
2016-12-15 05:33 - 2016-12-15 05:33 - 01244376 _____ () C:\Users\Nando\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-12-09 20:13 - 2016-12-09 20:13 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:FD3B4A5E_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:FD3B4A5E_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2166]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2510586213-2601899634-1993461919-1000\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2510586213-2601899634-1993461919-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-2510586213-2601899634-1993461919-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2510586213-2601899634-1993461919-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nando\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{9ADD2A3F-E183-41BF-9C01-4581C588A9F7}] => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{1B236A6C-AB88-4C9F-9A5B-3BFC9B31B6DA}] => c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{55819DC9-E99B-4898-9EC3-944F21F7A30F}] => c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{A70CB073-6CEE-41BC-A693-E13D43159564}] => C:\Users\Nando\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0F75908D-ADE9-43E8-92D9-563678B0AD68}] => C:\Users\Nando\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{88AFBF95-3840-4CDF-B4D4-48B55E77113C}] => C:\Users\Nando\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1181FA3E-CCAA-4DB4-9C22-B8D1D7C0E85C}] => C:\Users\Nando\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7ADAA663-6876-43C1-9C67-B9E980D059E6}] => C:\Users\Nando\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{58B7A0AC-3F63-4464-B254-584466394028}] => C:\Users\Nando\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{96D513A3-0385-4C1C-99AF-5F156A58F93C}] => C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{8F912221-AB1B-40AA-B7E7-3F1CD8720660}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{11916EE5-2452-438E-8090-EA996854BF9C}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{245E0FDE-DA12-44EF-967A-0ECFE1301F6A}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1C8FFB60-3947-4C6B-A8E3-3283BBB3E80C}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{13F61450-B1B1-4098-A666-E93CB713A53B}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9FC87F1D-CA22-4687-A69F-A8C6E616B5CC}] => C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{509B63DC-B468-451E-8BDF-A014A516B66B}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

13-12-2016 19:21:23 Instalação de Pacote de Driver de Dispositivo: Diebold Network Monitor Serviço de Rede

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Adaptador de Plataforma de Conectividade da Microsoft
Description: Adaptador de Plataforma de Conectividade da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel(R) PRO/Wireless 3945ABG Network Connection
Description: Intel(R) PRO/Wireless 3945ABG Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: netw5v64
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (12/19/2016 06:54:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x994
Hora de início do aplicativo com falha: 0x01d25a3a243286f3
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 61f038bc-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x1728
Hora de início do aplicativo com falha: 0x01d25a3a24147732
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 61d165a9-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0xf3c
Hora de início do aplicativo com falha: 0x01d25a3a23eddbd2
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 61ac9f0f-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x9c0
Hora de início do aplicativo com falha: 0x01d25a3a23cd8218
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 618a497e-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x4a0
Hora de início do aplicativo com falha: 0x01d25a3a23b0d1ed
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 616de774-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x530
Hora de início do aplicativo com falha: 0x01d25a3a23924cfa
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 614ffec4-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x142c
Hora de início do aplicativo com falha: 0x01d25a3a23726873
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 612fcc1b-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x1750
Hora de início do aplicativo com falha: 0x01d25a3a2356a2ab
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 61147b85-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x1100
Hora de início do aplicativo com falha: 0x01d25a3a233ba036
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 60f8b5bd-c62d-11e6-a79c-60a44c3c4e19

Error: (12/19/2016 06:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SearchProtocolHost.exe, versão: 7.0.7601.17610, carimbo de hora: 0x4dc0d006
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb3625
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000025a9f
Identificação do processo com falha: 0x634
Hora de início do aplicativo com falha: 0x01d25a3a2310e615
Caminho do aplicativo com falha: C:\Windows\system32\SearchProtocolHost.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: 60ce70ce-c62d-11e6-a79c-60a44c3c4e19


Erros de Sistema:
=============
Error: (12/19/2016 06:46:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:46:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:46:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:46:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:46:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:46:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:45:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:45:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:44:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (12/19/2016 06:44:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddfac
gbpddreg


CodeIntegrity:
===================================
Date: 2016-12-19 18:54:16.391
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:54:16.391
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:52:58.603
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:52:57.442
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:52:28.558
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:52:28.083
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:52:28.081
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:52:15.797
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:52:15.795
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 18:51:45.384
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentagem de memória em uso: 37%
RAM física total: 8128.17 MB
RAM física disponível: 5112.55 MB
Virtual Total: 16254.52 MB
Virtual disponível: 12678.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:780.81 GB) (Free:598.41 GB) NTFS
Drive d: (GAVETA) (Fixed) (Total:150.16 GB) (Free:122.62 GB) NTFS

==================== MBR & Tabela de Partições ==================

==================== Fim de Addition.txt ============================