Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 01-01-2017
Executado por sergio (04-01-2017 20:08:20)
Executando a partir de C:\Users\sergio\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-09-24 07:58:33)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2518590045-3561568936-4235645554-500 - Administrator - Disabled)
Convidado (S-1-5-21-2518590045-3561568936-4235645554-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2518590045-3561568936-4235645554-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2518590045-3561568936-4235645554-1003 - Limited - Enabled)
sergio (S-1-5-21-2518590045-3561568936-4235645554-1001 - Administrator - Enabled) => C:\Users\sergio
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{A43DE586-3B07-4DC2-B40B-5D5C89B72931}) (Version: 1.0.70 - Banco Itaú)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.3.0.23 - Byte Technologies LLC) <==== ATENÇÃO
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Chromium (HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\Chromium) (Version: 51.0.2683.0 - Chromium)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CMS (HKLM-x32\...\CMS) (Version: - )
ControlAP II 1.3.5 (HKLM-x32\...\{A75A2559-40B0-4C25-A7ED-19D593F2A6E9}) (Version: 1.3.5 - OEM)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver 1.4.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.4.1 - OEM)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
H829 USB Hybrid ISDB-Tb 10.2.64.105 (HKLM-x32\...\H829 USB Hybrid ISDB-Tb) (Version: 10.2.64.105 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intelbras Cloud FF Control v1.0.1.8 (HKLM-x32\...\{89AAD60A-82CF-4b9d-9C56-C9AEDEA533E9}}_is1) (Version: 1.0.1.8 - Intelbras S.A.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Malwarebytes versão 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pt-BR)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mundo Positivo Gerenciador de Inicialização (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.1.5.0 - Positivo Informática S.A.)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - )
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Player (HKLM-x32\...\Player) (Version: - )
POSITIVO TV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.21 - POSITIVO)
POSITIVO TV (x32 Version: 6.0.21 - POSITIVO) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7116 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0231 - REALTEK Semiconductor Corp.)
Sim Plus (HKLM-x32\...\Sim Plus) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VCW VicMan's Photo Editor 8.1 (HKLM-x32\...\VCW VicMan's Photo Editor_is1) (Version: - VicMan Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warsaw 1.11.1.24 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia)
Web Photo Album 1.1 (HKLM-x32\...\Web Photo Album_is1) (Version: - )
WhatsApp (HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Wondershare Filmora(Build 6.8.2) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-2518590045-3561568936-4235645554-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {111CC5C5-12F1-4007-9A6C-4143D12557FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35E6400D-8C99-4F48-9A55-734DD11BA4E6} - System32\Tasks\Opera scheduled Autoupdate 1482159875 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
Task: {6B634621-27FB-444B-9700-CE685EFE9E50} - System32\Tasks\{9A15C8B0-C336-4BA9-A5B4-14EE398DDA5F} => pcalua.exe -a C:\Users\sergio\AppData\Local\{7A554C09-5EFD-20B1-3365-0559170DF9C1}\uninstall.exe -c /Uninstall /s /noun /DelSelfDir
Task: {7F4469D3-8B17-43B4-A062-42C7B3E0273E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {872AFC86-E1D6-4626-966A-397DBD303739} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation)
Task: {9DA91EB2-753B-4E81-B2AA-66FADB7AA46F} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {A898D012-8FA6-43D0-8DE5-149A5B079A12} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {AA626CFC-A170-4F8E-901C-31A0DAA09A20} - System32\Tasks\{4E4A80B2-1ED1-A00A-B1F3-5D16D1504FCF} => C:\Users\sergio\AppData\Local\{2FF11~1\UNINST~1.EXE <==== ATENÇÃO
Task: {AC0645F1-AF73-4AF6-9851-AB574DD72CD0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {B86E34A4-CF76-4968-A4E1-0F72BD9ADE78} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-19] (Google Inc.)
Task: {EA211B70-1071-488E-88FE-13704FFEB106} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-19] (Google Inc.)
Task: {ED96D244-57B6-408E-BFCD-2A15BE83C717} - System32\Tasks\{10F849FB-0DB6-DC17-9771-3D32A351E97D} => C:\Users\sergio\AppData\Roaming\{04CB3~1\Updater.exe [2013-04-10] () <==== ATENÇÃO
Task: {F2268109-7574-414B-9454-E037FBE63ABF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-24] (Adobe Systems Incorporated)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\{10F849FB-0DB6-DC17-9771-3D32A351E97D}.job =>
Task: C:\WINDOWS\Tasks\{4E4A80B2-1ED1-A00A-B1F3-5D16D1504FCF}.job =>
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-07-30 22:52 - 2009-12-06 13:13 - 00397312 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2016-12-23 19:53 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-23 19:53 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-23 19:53 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 13:29 - 2016-12-09 08:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 13:29 - 2016-12-09 08:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 13:29 - 2016-12-09 08:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-24 06:08 - 2016-09-24 06:08 - 01864384 _____ () C:\Users\sergio\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-24 20:53 - 2016-09-07 02:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 13:28 - 2016-12-09 07:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-14 13:34 - 2016-12-14 13:35 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 13:34 - 2016-12-14 13:35 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 13:34 - 2016-12-14 13:35 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 13:34 - 2016-12-14 13:35 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-23 10:06 - 2016-11-23 10:07 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 10:06 - 2016-11-23 10:07 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-11 19:56 - 2016-06-11 19:58 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 10:06 - 2016-11-23 10:07 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 10:06 - 2016-11-23 10:07 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-11-10 23:06 - 2016-11-02 08:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-10 23:06 - 2016-11-02 08:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-10 23:06 - 2016-11-02 08:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-10 23:06 - 2016-11-02 08:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-10 23:06 - 2016-11-02 08:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-10 23:06 - 2016-11-02 08:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-15 18:26 - 2016-11-15 18:26 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2015-04-13 11:57 - 2015-04-13 11:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2015-04-13 12:00 - 2015-04-13 12:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\caixa.gov.br -> imagem.caixa.gov.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 11:25 - 2016-12-24 08:45 - 00002024 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
Existem ainda 4 mais linhas.
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sergio\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{aafa2378-591b-44f8-87d6-f54e5d756c1c}.jpg
DNS Servers: 177.75.161.22 - 187.85.146.30
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\StartupApproved\Run: => "DelayShred"
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\StartupApproved\Run: => "ares"
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{24DB85B6-0678-43BE-BD36-39B67E5777DD}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4F2F8A0B-1B63-494E-9395-77A7D1010B55}] => C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0B868557-8542-434C-9D57-0F21A0BA62C4}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{77849442-5BED-433C-8738-9612E575DF42}] => LPort=2869
FirewallRules: [{4B5F3FB9-1B5B-462C-9387-069E95CB1022}] => LPort=1900
FirewallRules: [{E66F359F-09A1-4CFE-8515-F6753FBBE39A}] => C:\Users\sergio\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{56925827-C4D7-4F89-91FB-99D5758185F4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C71EE132-D702-4988-9D81-DA18D21E30D1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9B85C7B1-83C8-47C1-BDD2-D6EF7B2D780E}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [UDP Query User{62A6DFE8-19B6-4F0D-A1B4-3E614D5D966F}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [TCP Query User{459D0100-C9E2-4941-8CFD-631B3FF313B7}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{818ADFB6-560E-4A94-8601-BCEE28289E6C}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [TCP Query User{D4E4E25D-B3FC-4D9D-99C8-E46C382CCB80}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [UDP Query User{55748A87-E82A-46EA-97C1-A6285AB989CF}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [TCP Query User{FCBECB5F-0A20-4009-8AF7-5648BBB729DA}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [UDP Query User{99FAC801-75A1-44FB-BF73-78CE845DC8AC}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [TCP Query User{08AE1C11-CA48-4957-9793-33CC0CC8CF0A}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{BA933E40-5261-41A4-9DFA-EF7307995AB5}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [TCP Query User{72264D86-FDFE-4428-9302-7F4AC0018377}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [UDP Query User{8C9F5721-56D7-4524-931B-C4C32BCBFFFF}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [{AA020F03-FF6C-499B-9F72-0CD02D06E164}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
11-12-2016 10:33:27 Windows Update
14-12-2016 17:44:32 Windows Update
24-12-2016 14:30:00 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/04/2017 07:59:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/03/2017 04:29:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/03/2017 12:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x133c
Hora de início do aplicativo com falha: 0x01d265cc6df32b06
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 7c85fafa-8274-4ec9-8e0b-0f551d759b28
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x2764
Hora de início do aplicativo com falha: 0x01d265cc6db906c1
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 427bab43-94da-4711-ac1c-9165a9050a20
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x10b4
Hora de início do aplicativo com falha: 0x01d265cc6dd428c6
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: a1e24e7d-4bb0-4df5-8979-b5141f8384f4
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x133c
Hora de início do aplicativo com falha: 0x01d265cc6df32b06
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 0ccbc2c9-b0c2-4fab-9fc3-104acd24bc19
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x2764
Hora de início do aplicativo com falha: 0x01d265cc6db906c1
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 9f3340de-b7a3-478c-8e99-5aec8827fbfd
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x10b4
Hora de início do aplicativo com falha: 0x01d265cc6dd428c6
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: ea238ee4-2b00-4b88-b743-0ec646084e49
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x133c
Hora de início do aplicativo com falha: 0x01d265cc6df32b06
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 687e9cb5-6b28-44b5-b81e-975b8bb73034
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x10b4
Hora de início do aplicativo com falha: 0x01d265cc6dd428c6
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 641fb2f1-7faf-41ce-bc15-449cc0cdb9aa
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Erros de Sistema:
=============
Error: (01/02/2017 09:24:19 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/02/2017 09:21:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (01/02/2017 09:21:20 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/24/2016 09:05:53 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Serviço de Associação de Dispositivo, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (12/24/2016 09:04:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Agente de Conexão de Rede, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Driver Foundation - Estrutura do Driver de Modo de Usuário foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Host do Sistema de Diagnósticos foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Cliente de rastreamento de link distribuído foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Superfetch foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Armazenamento foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-12-24 09:04:09.348
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-20 12:15:10.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-15 09:40:11.855
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-13 09:28:50.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-09 09:24:15.794
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-13 09:50:07.422
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-12 09:26:15.112
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-11 08:51:24.447
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-01 08:29:48.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-31 08:38:06.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU N2807 @ 1.58GHz
Percentagem de memória em uso: 72%
RAM física total: 3985.11 MB
RAM física disponível: 1090.04 MB
Virtual Total: 5699.3 MB
Virtual disponível: 1854.42 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:449.96 GB) (Free:123.72 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 30525FF0)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por sergio (04-01-2017 20:08:20)
Executando a partir de C:\Users\sergio\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-09-24 07:58:33)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2518590045-3561568936-4235645554-500 - Administrator - Disabled)
Convidado (S-1-5-21-2518590045-3561568936-4235645554-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2518590045-3561568936-4235645554-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2518590045-3561568936-4235645554-1003 - Limited - Enabled)
sergio (S-1-5-21-2518590045-3561568936-4235645554-1001 - Administrator - Enabled) => C:\Users\sergio
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{A43DE586-3B07-4DC2-B40B-5D5C89B72931}) (Version: 1.0.70 - Banco Itaú)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.3.0.23 - Byte Technologies LLC) <==== ATENÇÃO
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Chromium (HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\Chromium) (Version: 51.0.2683.0 - Chromium)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CMS (HKLM-x32\...\CMS) (Version: - )
ControlAP II 1.3.5 (HKLM-x32\...\{A75A2559-40B0-4C25-A7ED-19D593F2A6E9}) (Version: 1.3.5 - OEM)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver 1.4.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.4.1 - OEM)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
H829 USB Hybrid ISDB-Tb 10.2.64.105 (HKLM-x32\...\H829 USB Hybrid ISDB-Tb) (Version: 10.2.64.105 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intelbras Cloud FF Control v1.0.1.8 (HKLM-x32\...\{89AAD60A-82CF-4b9d-9C56-C9AEDEA533E9}}_is1) (Version: 1.0.1.8 - Intelbras S.A.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Malwarebytes versão 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pt-BR)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mundo Positivo Gerenciador de Inicialização (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.1.5.0 - Positivo Informática S.A.)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - )
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Player (HKLM-x32\...\Player) (Version: - )
POSITIVO TV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.21 - POSITIVO)
POSITIVO TV (x32 Version: 6.0.21 - POSITIVO) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7116 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0231 - REALTEK Semiconductor Corp.)
Sim Plus (HKLM-x32\...\Sim Plus) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VCW VicMan's Photo Editor 8.1 (HKLM-x32\...\VCW VicMan's Photo Editor_is1) (Version: - VicMan Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warsaw 1.11.1.24 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia)
Web Photo Album 1.1 (HKLM-x32\...\Web Photo Album_is1) (Version: - )
WhatsApp (HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Wondershare Filmora(Build 6.8.2) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-2518590045-3561568936-4235645554-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {111CC5C5-12F1-4007-9A6C-4143D12557FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35E6400D-8C99-4F48-9A55-734DD11BA4E6} - System32\Tasks\Opera scheduled Autoupdate 1482159875 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
Task: {6B634621-27FB-444B-9700-CE685EFE9E50} - System32\Tasks\{9A15C8B0-C336-4BA9-A5B4-14EE398DDA5F} => pcalua.exe -a C:\Users\sergio\AppData\Local\{7A554C09-5EFD-20B1-3365-0559170DF9C1}\uninstall.exe -c /Uninstall /s /noun /DelSelfDir
Task: {7F4469D3-8B17-43B4-A062-42C7B3E0273E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {872AFC86-E1D6-4626-966A-397DBD303739} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation)
Task: {9DA91EB2-753B-4E81-B2AA-66FADB7AA46F} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {A898D012-8FA6-43D0-8DE5-149A5B079A12} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {AA626CFC-A170-4F8E-901C-31A0DAA09A20} - System32\Tasks\{4E4A80B2-1ED1-A00A-B1F3-5D16D1504FCF} => C:\Users\sergio\AppData\Local\{2FF11~1\UNINST~1.EXE <==== ATENÇÃO
Task: {AC0645F1-AF73-4AF6-9851-AB574DD72CD0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {B86E34A4-CF76-4968-A4E1-0F72BD9ADE78} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-19] (Google Inc.)
Task: {EA211B70-1071-488E-88FE-13704FFEB106} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-19] (Google Inc.)
Task: {ED96D244-57B6-408E-BFCD-2A15BE83C717} - System32\Tasks\{10F849FB-0DB6-DC17-9771-3D32A351E97D} => C:\Users\sergio\AppData\Roaming\{04CB3~1\Updater.exe [2013-04-10] () <==== ATENÇÃO
Task: {F2268109-7574-414B-9454-E037FBE63ABF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-24] (Adobe Systems Incorporated)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\{10F849FB-0DB6-DC17-9771-3D32A351E97D}.job =>
Task: C:\WINDOWS\Tasks\{4E4A80B2-1ED1-A00A-B1F3-5D16D1504FCF}.job =>
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-07-30 22:52 - 2009-12-06 13:13 - 00397312 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2016-12-23 19:53 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-23 19:53 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-23 19:53 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 13:29 - 2016-12-09 08:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 13:29 - 2016-12-09 08:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 13:29 - 2016-12-09 08:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-24 06:08 - 2016-09-24 06:08 - 01864384 _____ () C:\Users\sergio\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-24 20:53 - 2016-09-07 02:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 13:28 - 2016-12-09 07:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-14 13:34 - 2016-12-14 13:35 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 13:34 - 2016-12-14 13:35 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 13:34 - 2016-12-14 13:35 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 13:34 - 2016-12-14 13:35 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-23 10:06 - 2016-11-23 10:07 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 10:06 - 2016-11-23 10:07 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-11 19:56 - 2016-06-11 19:58 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 10:06 - 2016-11-23 10:07 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 10:06 - 2016-11-23 10:07 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-11-10 23:06 - 2016-11-02 08:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-10 23:06 - 2016-11-02 08:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-10 23:06 - 2016-11-02 08:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-10 23:06 - 2016-11-02 08:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-10 23:06 - 2016-11-02 08:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-10 23:06 - 2016-11-02 08:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-15 18:26 - 2016-11-15 18:26 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2015-04-13 11:57 - 2015-04-13 11:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2015-04-13 12:00 - 2015-04-13 12:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\caixa.gov.br -> imagem.caixa.gov.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 11:25 - 2016-12-24 08:45 - 00002024 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
Existem ainda 4 mais linhas.
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sergio\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{aafa2378-591b-44f8-87d6-f54e5d756c1c}.jpg
DNS Servers: 177.75.161.22 - 187.85.146.30
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\StartupApproved\Run: => "DelayShred"
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\StartupApproved\Run: => "ares"
HKU\S-1-5-21-2518590045-3561568936-4235645554-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{24DB85B6-0678-43BE-BD36-39B67E5777DD}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4F2F8A0B-1B63-494E-9395-77A7D1010B55}] => C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0B868557-8542-434C-9D57-0F21A0BA62C4}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{77849442-5BED-433C-8738-9612E575DF42}] => LPort=2869
FirewallRules: [{4B5F3FB9-1B5B-462C-9387-069E95CB1022}] => LPort=1900
FirewallRules: [{E66F359F-09A1-4CFE-8515-F6753FBBE39A}] => C:\Users\sergio\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{56925827-C4D7-4F89-91FB-99D5758185F4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C71EE132-D702-4988-9D81-DA18D21E30D1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9B85C7B1-83C8-47C1-BDD2-D6EF7B2D780E}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [UDP Query User{62A6DFE8-19B6-4F0D-A1B4-3E614D5D966F}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [TCP Query User{459D0100-C9E2-4941-8CFD-631B3FF313B7}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{818ADFB6-560E-4A94-8601-BCEE28289E6C}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [TCP Query User{D4E4E25D-B3FC-4D9D-99C8-E46C382CCB80}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [UDP Query User{55748A87-E82A-46EA-97C1-A6285AB989CF}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [TCP Query User{FCBECB5F-0A20-4009-8AF7-5648BBB729DA}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [UDP Query User{99FAC801-75A1-44FB-BF73-78CE845DC8AC}C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe] => C:\program files (x86)\intelbras\sim plus\sim plus\simplus.exe
FirewallRules: [TCP Query User{08AE1C11-CA48-4957-9793-33CC0CC8CF0A}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{BA933E40-5261-41A4-9DFA-EF7307995AB5}C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe] => C:\program files (x86)\intelbras\sim plus\pc-nvr\challenge.exe
FirewallRules: [TCP Query User{72264D86-FDFE-4428-9302-7F4AC0018377}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [UDP Query User{8C9F5721-56D7-4524-931B-C4C32BCBFFFF}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe
FirewallRules: [{AA020F03-FF6C-499B-9F72-0CD02D06E164}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
11-12-2016 10:33:27 Windows Update
14-12-2016 17:44:32 Windows Update
24-12-2016 14:30:00 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/04/2017 07:59:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/03/2017 04:29:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/03/2017 12:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x133c
Hora de início do aplicativo com falha: 0x01d265cc6df32b06
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 7c85fafa-8274-4ec9-8e0b-0f551d759b28
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x2764
Hora de início do aplicativo com falha: 0x01d265cc6db906c1
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 427bab43-94da-4711-ac1c-9165a9050a20
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x10b4
Hora de início do aplicativo com falha: 0x01d265cc6dd428c6
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: a1e24e7d-4bb0-4df5-8979-b5141f8384f4
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x133c
Hora de início do aplicativo com falha: 0x01d265cc6df32b06
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 0ccbc2c9-b0c2-4fab-9fc3-104acd24bc19
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x2764
Hora de início do aplicativo com falha: 0x01d265cc6db906c1
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 9f3340de-b7a3-478c-8e99-5aec8827fbfd
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x10b4
Hora de início do aplicativo com falha: 0x01d265cc6dd428c6
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: ea238ee4-2b00-4b88-b743-0ec646084e49
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x133c
Hora de início do aplicativo com falha: 0x01d265cc6df32b06
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 687e9cb5-6b28-44b5-b81e-975b8bb73034
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Error: (01/03/2017 12:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.82, carimbo de data/hora: 0x57a55786
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000604
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x10b4
Hora de início do aplicativo com falha: 0x01d265cc6dd428c6
Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: unknown
ID do Relatório: 641fb2f1-7faf-41ce-bc15-449cc0cdb9aa
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge
Erros de Sistema:
=============
Error: (01/02/2017 09:24:19 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/02/2017 09:21:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (01/02/2017 09:21:20 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/24/2016 09:05:53 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Serviço de Associação de Dispositivo, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (12/24/2016 09:04:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Agente de Conexão de Rede, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Driver Foundation - Estrutura do Driver de Modo de Usuário foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Host do Sistema de Diagnósticos foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Cliente de rastreamento de link distribuído foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Superfetch foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (12/24/2016 09:04:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Armazenamento foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-12-24 09:04:09.348
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-20 12:15:10.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-15 09:40:11.855
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-13 09:28:50.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-09 09:24:15.794
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-13 09:50:07.422
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-12 09:26:15.112
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-11 08:51:24.447
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-01 08:29:48.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-31 08:38:06.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU N2807 @ 1.58GHz
Percentagem de memória em uso: 72%
RAM física total: 3985.11 MB
RAM física disponível: 1090.04 MB
Virtual Total: 5699.3 MB
Virtual disponível: 1854.42 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:449.96 GB) (Free:123.72 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 30525FF0)
Partition: GPT.
==================== Fim de Addition.txt ============================