Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017
Executado por malu__000 (29-03-2017 13:35:12)
Executando a partir de C:\Users\malu__000\Downloads
Windows 8.1 (X64) (2014-12-22 15:45:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1914102242-455246035-2391317491-500 - Administrator - Enabled) => C:\Users\Administrador
Convidado (S-1-5-21-1914102242-455246035-2391317491-501 - Limited - Disabled)
malu__000 (S-1-5-21-1914102242-455246035-2391317491-1004 - Limited - Enabled) => C:\Users\malu__000
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adolix Split and Merge PDF v2.1 (HKLM-x32\...\Adolix Split and Merge PDF_is1) (Version: - Adolix Software)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Booking.com version 1.1.0.5019 (HKLM-x32\...\{958A475F-037D-401A-AC05-209725973E11}_is1) (Version: 1.1.0.5019 - Booking.com) <==== ATENÇÃO
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68}) (Version: 3.6.7 - IvoSoft)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.3.0.4908 - DLL-Files.com Client)
Doro 1.92 (HKLM-x32\...\Doro_is1) (Version: - CompSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
K-Lite Codec Pack 10.9.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
Mozilla Firefox 50.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 pt-BR)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Popcorn-Time (HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
QuickTime Alternative 3.2.0 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.0 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.4.1102.0 - Seagate)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.1 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.15.1.61 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.15.1.61 - GAS Tecnologia)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\0615piUpdateInfo.job =>
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-03-22 18:14 - 2017-03-22 18:14 - 00092472 _____ () C:\Program Files (x86)\zlib1.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 01354040 _____ () C:\Program Files (x86)\libxml2.dll
2017-03-28 14:18 - 2017-03-16 01:11 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libglesv2.dll
2017-03-28 14:18 - 2017-03-16 01:11 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2022]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\bb.com.br -> hxxps://seg.bb.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2015-02-05 18:42 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1914102242-455246035-2391317491-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\malu__000\Pictures\sereia.jpg
DNS Servers: 192.168.208.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "DBAgent"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B629CC0C-DE35-4E0A-9507-028CE924E783}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{95841E2D-3EEA-4C52-8CBF-D1504D3AA784}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{2C171F52-3F2E-4EEB-B827-C8D815AEAEF1}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{11FF6F95-4BCE-4C26-B429-BC1C79FD7F88}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{04746BB1-7ED5-45D6-AB7A-3114725F3B0D}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{0DB4C620-2BA7-4BE1-9E43-94DD3C89F4B1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{538752EF-A7E3-403F-97CE-11E4851BFEE6}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0DEF5F82-AD3E-404D-9B03-48BB8DC08AA3}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A3622EBE-80EA-478E-80ED-04C4697A233C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{16F66AC5-A5AD-48C5-82A3-443CEDBFFFFC}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{EA67E099-0F3A-4DF0-B1C3-5CC95F45E531}] => (Allow) LPort=54925
FirewallRules: [{7AA0C59C-0F02-4666-940D-EBF30C5BAA11}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{1D7F47DC-185F-4084-B586-0FB166FA2CAF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{5970445A-0733-4A2B-816E-BAECC5925D20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDF1E841-9130-4D04-8069-4E98927E2237}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58C4B119-23B9-4BAA-BA30-6D54BA038C20}] => (Allow) LPort=1689
FirewallRules: [TCP Query User{355A5B81-1476-4CB0-AE26-86D0A097FC2E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{57CA61AD-AFA6-49E8-8AC4-EBC7D0FDFE05}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{18F1E3D7-2521-48E5-8286-CE69AEE86757}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{C9A83ADE-CE30-4E34-BF04-585A6C078D3A}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{4071ED4F-F8A0-416B-A5D3-5D60EC9FECAD}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [TCP Query User{33450E60-AE57-46D1-A653-D232DA3EE8EA}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [UDP Query User{1B506B40-15D3-4E93-9725-CFE333C310EB}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [{1BEE2C2C-FF81-4A2B-BE74-1A19865B01F9}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{3E11A40D-9029-42EE-A9E4-48AC08E9E2F6}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{587FFF73-B8B5-47F7-BFC5-F0333A8FB093}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{682A87D3-DB07-4760-B417-1D7A9F97C094}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{725980CF-3BB4-4799-A68C-4B2CA5DCC368}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4C95BA95-D44C-4234-A091-91B4B89628DB}] => (Allow) LPort=1689
FirewallRules: [{5FFB54B5-5CB7-4165-B788-6B11B3B70EDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{622A7B28-3965-4DCC-8786-BBACC93C9C9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A0ECC4A5-0422-4994-BA56-A773EEFFE3A4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CD7676CD-B90A-414F-B360-49E6CD47A8C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{503EA773-8C8A-40A4-BA7C-96E7619618D6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{34BBFC0A-B291-4282-9061-107E94C541BB}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{23821D9F-59EE-4C4A-ABCC-423993418BA5}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{24F1DFAD-5619-470B-8C44-40F4C3B85853}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{DF8E26B3-AF2D-4845-89E7-58596C39A283}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{881B9004-DBBB-4B0E-9A4C-97EB9A1874E2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{330A8438-FD25-4FE8-A36A-B6F414C3E3B5}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\user\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{CB0FA569-82C4-445C-AD74-3705154FF954}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\user\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{5BC70133-6C65-4D52-96AC-9D835C9D0059}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E9EC63E5-C3F1-4E65-8C1D-9801BE9DF804}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9AC09A63-264E-4D08-B460-6A7969FF23D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7D8E3019-18A2-4C1B-A7CB-3AC1AFE6E343}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35F3B295-8C88-4E9E-86E4-7E87D87403A4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4D5ABC53-2450-46CD-A6BA-1AB19B14DC56}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561_0\SZBrowser.exe
FirewallRules: [TCP Query User{AC7B3C6C-6841-4EC0-8008-32ACABDBD77B}C:\users\malu__000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{036F31E7-77B7-468E-818A-E5C08934C88C}C:\users\malu__000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DED68F5F-86D1-4921-9107-3C6A10C2A48C}] => (Block) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9F612920-BA1F-4064-8E9F-3C25B70F8705}] => (Block) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7920E000-7C44-4E32-95D4-76D1C3B9CDD8}C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{3FC18E0F-7773-4996-951A-EF872D00774B}C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{BF6FD113-BACE-4274-AECB-68359577D27C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe
FirewallRules: [{42221239-B4C7-4734-8F56-6EED87414199}] => (Allow) C:\Program Files (x86)\iTunes.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
Cheque o serviço "winmgmt" ou repare o WMI.
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Maria.local already in use; will try Maria-2.local instead
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Maria.local. Addr 192.168.208.47
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.167.34:5353 4 Maria.local. Addr 169.254.167.34
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Maria.local. AAAA FE80:0000:0000:0000:452D:7F9C:5E59:792F
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.167.34:5353 4 Maria.local. Addr 169.254.167.34
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Maria.local. Addr 192.168.208.47
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.167.34:5353 4 Maria.local. Addr 169.254.167.34
Error: (03/29/2017 01:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7438
Error: (03/29/2017 01:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7438
Error: (03/29/2017 01:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Erros de Sistema:
=============
Error: (03/29/2017 01:14:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/29/2017 01:10:27 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:27 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:27 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:26 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:25 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:24 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:24 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:24 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:23 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
CodeIntegrity:
===================================
Date: 2017-03-27 23:28:38.238
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:37.414
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:36.952
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:36.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:35.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:35.339
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:34.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:34.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:33.991
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:33.566
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentagem de memória em uso: 51%
RAM física total: 3977.88 MB
RAM física disponível: 1912.84 MB
Virtual Total: 4809.88 MB
Virtual disponível: 2366.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.29 GB) (Free:611.26 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================
Executado por malu__000 (29-03-2017 13:35:12)
Executando a partir de C:\Users\malu__000\Downloads
Windows 8.1 (X64) (2014-12-22 15:45:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1914102242-455246035-2391317491-500 - Administrator - Enabled) => C:\Users\Administrador
Convidado (S-1-5-21-1914102242-455246035-2391317491-501 - Limited - Disabled)
malu__000 (S-1-5-21-1914102242-455246035-2391317491-1004 - Limited - Enabled) => C:\Users\malu__000
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adolix Split and Merge PDF v2.1 (HKLM-x32\...\Adolix Split and Merge PDF_is1) (Version: - Adolix Software)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Booking.com version 1.1.0.5019 (HKLM-x32\...\{958A475F-037D-401A-AC05-209725973E11}_is1) (Version: 1.1.0.5019 - Booking.com) <==== ATENÇÃO
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68}) (Version: 3.6.7 - IvoSoft)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.3.0.4908 - DLL-Files.com Client)
Doro 1.92 (HKLM-x32\...\Doro_is1) (Version: - CompSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
K-Lite Codec Pack 10.9.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
Mozilla Firefox 50.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 pt-BR)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Popcorn-Time (HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
QuickTime Alternative 3.2.0 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.0 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.4.1102.0 - Seagate)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.1 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.15.1.61 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.15.1.61 - GAS Tecnologia)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\0615piUpdateInfo.job =>
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-03-22 18:14 - 2017-03-22 18:14 - 00092472 _____ () C:\Program Files (x86)\zlib1.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 01354040 _____ () C:\Program Files (x86)\libxml2.dll
2017-03-28 14:18 - 2017-03-16 01:11 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libglesv2.dll
2017-03-28 14:18 - 2017-03-16 01:11 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2022]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1914102242-455246035-2391317491-1004\...\bb.com.br -> hxxps://seg.bb.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2015-02-05 18:42 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1914102242-455246035-2391317491-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\malu__000\Pictures\sereia.jpg
DNS Servers: 192.168.208.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "DBAgent"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B629CC0C-DE35-4E0A-9507-028CE924E783}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{95841E2D-3EEA-4C52-8CBF-D1504D3AA784}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{2C171F52-3F2E-4EEB-B827-C8D815AEAEF1}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{11FF6F95-4BCE-4C26-B429-BC1C79FD7F88}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{04746BB1-7ED5-45D6-AB7A-3114725F3B0D}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{0DB4C620-2BA7-4BE1-9E43-94DD3C89F4B1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{538752EF-A7E3-403F-97CE-11E4851BFEE6}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0DEF5F82-AD3E-404D-9B03-48BB8DC08AA3}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A3622EBE-80EA-478E-80ED-04C4697A233C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{16F66AC5-A5AD-48C5-82A3-443CEDBFFFFC}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{EA67E099-0F3A-4DF0-B1C3-5CC95F45E531}] => (Allow) LPort=54925
FirewallRules: [{7AA0C59C-0F02-4666-940D-EBF30C5BAA11}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{1D7F47DC-185F-4084-B586-0FB166FA2CAF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{5970445A-0733-4A2B-816E-BAECC5925D20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDF1E841-9130-4D04-8069-4E98927E2237}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58C4B119-23B9-4BAA-BA30-6D54BA038C20}] => (Allow) LPort=1689
FirewallRules: [TCP Query User{355A5B81-1476-4CB0-AE26-86D0A097FC2E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{57CA61AD-AFA6-49E8-8AC4-EBC7D0FDFE05}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{18F1E3D7-2521-48E5-8286-CE69AEE86757}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{C9A83ADE-CE30-4E34-BF04-585A6C078D3A}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{4071ED4F-F8A0-416B-A5D3-5D60EC9FECAD}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [TCP Query User{33450E60-AE57-46D1-A653-D232DA3EE8EA}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [UDP Query User{1B506B40-15D3-4E93-9725-CFE333C310EB}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [{1BEE2C2C-FF81-4A2B-BE74-1A19865B01F9}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{3E11A40D-9029-42EE-A9E4-48AC08E9E2F6}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{587FFF73-B8B5-47F7-BFC5-F0333A8FB093}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{682A87D3-DB07-4760-B417-1D7A9F97C094}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{725980CF-3BB4-4799-A68C-4B2CA5DCC368}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4C95BA95-D44C-4234-A091-91B4B89628DB}] => (Allow) LPort=1689
FirewallRules: [{5FFB54B5-5CB7-4165-B788-6B11B3B70EDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{622A7B28-3965-4DCC-8786-BBACC93C9C9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A0ECC4A5-0422-4994-BA56-A773EEFFE3A4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CD7676CD-B90A-414F-B360-49E6CD47A8C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{503EA773-8C8A-40A4-BA7C-96E7619618D6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{34BBFC0A-B291-4282-9061-107E94C541BB}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{23821D9F-59EE-4C4A-ABCC-423993418BA5}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{24F1DFAD-5619-470B-8C44-40F4C3B85853}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{DF8E26B3-AF2D-4845-89E7-58596C39A283}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{881B9004-DBBB-4B0E-9A4C-97EB9A1874E2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{330A8438-FD25-4FE8-A36A-B6F414C3E3B5}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\user\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{CB0FA569-82C4-445C-AD74-3705154FF954}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\user\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{5BC70133-6C65-4D52-96AC-9D835C9D0059}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E9EC63E5-C3F1-4E65-8C1D-9801BE9DF804}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9AC09A63-264E-4D08-B460-6A7969FF23D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7D8E3019-18A2-4C1B-A7CB-3AC1AFE6E343}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35F3B295-8C88-4E9E-86E4-7E87D87403A4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4D5ABC53-2450-46CD-A6BA-1AB19B14DC56}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561_0\SZBrowser.exe
FirewallRules: [TCP Query User{AC7B3C6C-6841-4EC0-8008-32ACABDBD77B}C:\users\malu__000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{036F31E7-77B7-468E-818A-E5C08934C88C}C:\users\malu__000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DED68F5F-86D1-4921-9107-3C6A10C2A48C}] => (Block) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9F612920-BA1F-4064-8E9F-3C25B70F8705}] => (Block) C:\users\malu__000\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7920E000-7C44-4E32-95D4-76D1C3B9CDD8}C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{3FC18E0F-7773-4996-951A-EF872D00774B}C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\malu__000\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{BF6FD113-BACE-4274-AECB-68359577D27C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe
FirewallRules: [{42221239-B4C7-4734-8F56-6EED87414199}] => (Allow) C:\Program Files (x86)\iTunes.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
Cheque o serviço "winmgmt" ou repare o WMI.
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Maria.local already in use; will try Maria-2.local instead
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Maria.local. Addr 192.168.208.47
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.167.34:5353 4 Maria.local. Addr 169.254.167.34
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Maria.local. AAAA FE80:0000:0000:0000:452D:7F9C:5E59:792F
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.167.34:5353 4 Maria.local. Addr 169.254.167.34
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Maria.local. Addr 192.168.208.47
Error: (03/29/2017 01:19:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.167.34:5353 4 Maria.local. Addr 169.254.167.34
Error: (03/29/2017 01:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7438
Error: (03/29/2017 01:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7438
Error: (03/29/2017 01:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Erros de Sistema:
=============
Error: (03/29/2017 01:14:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/29/2017 01:10:27 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:27 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:27 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:26 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:25 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:24 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:24 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:24 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/29/2017 01:10:23 PM) (Source: DCOM) (EventID: 10010) (User: MARIA)
Description: O servidor {03E64E17-B220-4052-9B9B-155F9CB8E016} não se registrou no DCOM dentro do tempo limite necessário.
CodeIntegrity:
===================================
Date: 2017-03-27 23:28:38.238
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:37.414
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:36.952
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:36.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:35.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:35.339
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:34.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:34.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:33.991
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
Date: 2017-03-27 23:28:33.566
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Store signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentagem de memória em uso: 51%
RAM física total: 3977.88 MB
RAM física disponível: 1912.84 MB
Virtual Total: 4809.88 MB
Virtual disponível: 2366.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.29 GB) (Free:611.26 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================