Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 01-03-2017 01
Executado por Tiago (03-03-2017 07:49:59)
Executando a partir de C:\Users\Tiago\Desktop
Microsoft Windows 7 Ultimate (X86) (2013-01-26 13:25:52)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3089339955-3706307662-206936842-500 - Administrator - Disabled)
Convidado (S-1-5-21-3089339955-3706307662-206936842-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3089339955-3706307662-206936842-1002 - Limited - Enabled)
postgres (S-1-5-21-3089339955-3706307662-206936842-1004 - Limited - Enabled) => C:\Users\postgres
Tiago (S-1-5-21-3089339955-3706307662-206936842-1000 - Administrator - Enabled) => C:\Users\Tiago
Tiago02 (S-1-5-21-3089339955-3706307662-206936842-1003 - Administrator - Enabled) => C:\Users\Tiago02
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Symantec Endpoint Protection (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACI (HKLM\...\EBB7DDC5-F8A7-4C1A-8BDB-C64456D342A5) (Version: 1.51 - Dataprev)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Agente de Comunicação 2.2 (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\Agente de Comunicação_is1) (Version: 2.2 - Domínio Sistemas Ltda.)
AnyDesk (HKLM\...\AnyDesk) (Version: ad 2.1.2 - philandro Software GmbH)
Aplicativo Bradesco versão 1.0 (HKLM\...\{2F7717E5-BFF5-479A-B29E-A615ED278B6F}_is1) (Version: 1.0 - Copyright (C) 2015 Scopus Tecnologia Ltda.)
Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATENÇÃO
Atualização - Contabilidade (HKLM\...\Atualização - Contabilidade_is1) (Version: - )
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
atualizador Ask Toolbar Updater (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.36191 - Ask.com) <==== ATENÇÃO
Busca - NF-e (HKLM\...\Busca - NF-e_is1) (Version: - Domínio Sistemas Ltda.)
Carnê-Leão 2013 (HKLM\...\LEAO2013) (Version: 1.1 - Receita Federal do Brasil)
CCleaner (HKLM\...\CCleaner) (Version: 2.30 - Piriform)
Changer Drive ID versão 1.0.0.0 (HKLM\...\{5F265C9C-562B-4E43-8AA8-E7BA1189CC4B}_is1) (Version: 1.0.0.0 - )
Cliente de Certificação (HKLM\...\Cliente de Certificação) (Version: - )
CNPJ (PGD) - versão 3.8 (HKLM\...\PGD-CNPJ) (Version: - )
Conectividade Social (HKLM\...\Conectividade Social) (Version: - )
CoolSMS 2.06 beta (HKLM\...\{BCF2CEFB-E23D-42EF-A5FA-F9ED2A085821}_is1) (Version: - cool.com.br)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DANFE View (HKLM\...\DANFE View) (Version: - )
Dicionário eletrônico Houaiss 3.0 (HKLM\...\Dicionário eletrônico Houaiss da língua portuguesa_is1) (Version: - Editora Objetiva)
Dirf 2013 (HKLM\...\Dirf 2013) (Version: - )
DMA_2012 (HKLM\...\{9402AECA-46FB-4561-9629-9235228F23E8}) (Version: - )
Domínio Contábil (HKLM\...\Domínio Contábil_is1) (Version: - Domínio Sistemas Ltda.)
Domínio Utilitários (HKLM\...\Domínio Utilitários_is1) (Version: - Domínio Sistemas Ltda.)
Doro 1.77 (HKLM\...\Doro_is1) (Version: - CompSoft)
EFD Contribuições (HKLM\...\EFD Contribuições) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.10 (HKLM\...\EFD Contribuições 2.0.10) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.11 (HKLM\...\EFD Contribuições 2.0.11) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.12 (HKLM\...\EFD Contribuições 2.0.12) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.13 (HKLM\...\EFD Contribuições 2.0.13) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.4.a (HKLM\...\EFD Contribuições 2.0.4.a) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.6 (HKLM\...\EFD Contribuições 2.0.6) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.7 (HKLM\...\EFD Contribuições 2.0.7) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.9 (HKLM\...\EFD Contribuições 2.0.9) (Version: 1.0.0.0 - SERPRO)
EFD ICMS IPI (HKLM\...\EFD ICMS IPI) (Version: 2.3.3.0 - SpedFiscal_PVA)
Facebook Messenger 2.1.4814.0 (HKLM\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Free DVD to AVI MP4 WMV MPEG 3GP FLV Converter 2.8.9 (HKLM\...\Free DVD to AVI MP4 WMV MPEG 3GP FLV Converter_is1) (Version: - FreeAudioVideoSoft Co., Ltd.)
FreeOnlineRadioPlayerRecorder V1 Toolbar (HKLM\...\FreeOnlineRadioPlayerRecorder_V1 Toolbar) (Version: 6.12.0.11 - FreeOnlineRadioPlayerRecorder V1)
Galeria de Fotos (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GRRF Eletrônica (HKLM\...\GRRF Eletrônica) (Version: - )
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2013) (Version: 1.3 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2014) (Version: 1.5 - Receita Federal do Brasil)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 51.0.1 (x86 pt-BR)) (Version: 51.0.1 - Mozilla)
Nero 8 Micro 8.2.8.0 (HKLM\...\Nero8Lite_is1) (Version: 8.2.8.0 - Updatepack.nl)
Nero Kwik Media (HKLM\...\{283E9B9D-F1B3-45BA-B942-6B10A3948533}) (Version: 12.5.00300 - Nero AG)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PC-CCID (HKLM\...\{BD3068DE-D53B-4CE8-B2BC-32E1323441CD}) (Version: 2.0.0 - Gemalto)
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Requerimento de Empresário 1.29 (HKLM\...\Requerimento de Empresário) (Version: - )
SafeSign (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
SEFIP 8.40 (HKLM\...\SEFIP 8.40) (Version: - )
Sicalc Auto Atendimento (HKLM\...\Sicalc Auto Atendimento) (Version: 4.0.51 - Receita Federal do Brasil)
Skype chat helper (HKLM\...\{EB951722-70F4-4EF1-902C-CD665AA17A19}) (Version: 1.1.1 - Pril)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Sped ECF 0.05.003_Beta (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\Sped ECF 0.05.003_Beta) (Version: 0.0.1.0 - SERPRO)
Spyware Terminator (HKLM\...\Spyware Terminator_is1) (Version: 2.8.2.192 - Crawler Inc.)
SQL Anywhere (HKLM\...\SQL Anywhere_is1) (Version: 16.0.0 - Domínio Sistemas Ltda.)
Symantec Endpoint Protection (HKLM\...\{F0338870-CED5-4154-B19D-CBD62C1934D4}) (Version: 12.1.2015.2015 - Symantec Corporation)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TED versão 4.3.7 (HKLM\...\{D9589AD9-1908-45AF-ACEE-40E056C22DDA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 2.9.7 - CrystalIdea Software, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Validador Sintegra 5.3.0 (HKLM\...\{169CEB91-BD47-46C1-A0EA-7943B0E667DA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul)
VDownloader 4.0.1163 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VMware Workstation (HKLM\...\VMware_Workstation) (Version: 10.0.0 - VMware, Inc)
VMware Workstation (Version: 10.0.0 - VMware, Inc.) Hidden
VNC Free Edition 4.1.2 (HKLM\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.)
Warsaw 1.13.0.525 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.13.0.525 - GAS Tecnologia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{04FE3112-DB93-424D-B958-5E709395693F}\InprocServer32 -> C:\Users\Tiago\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Tiago\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuthLib.dll ()
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{33370786-2876-5ab2-8da1-2c63f8dadfc1}\InprocServer32 -> C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo Limited)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Tiago\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {00EAB7EB-9908-42D6-8511-EFF164971837} - System32\Tasks\{884BF896-8DA0-47B0-8D7D-D5FDC8C00D57} => pcalua.exe -a "C:\Program Files\Validador Sintegra 2012\ValidadorSintegra2014.exe" -d "C:\Program Files\Validador Sintegra 2012"
Task: {1FC5504B-5601-48BE-BDB7-91A4706EF5A7} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e40a5358a41f => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2372D42B-07AC-461D-8459-AE9D8D852EA2} - System32\Tasks\GoogleUpdateTaskMachineCore1cfed222de470f7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {26ACBFB6-1BFB-4CA0-8115-23ACC2EE2EAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-23] ()
Task: {2801830E-0673-4DB9-9DDB-AB0CE7BABF7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2B1DC11F-5DA4-4329-B349-9245840C66EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000Core => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-15] (Facebook Inc.)
Task: {3461E875-8277-464F-8CE8-FD3F756228B1} - System32\Tasks\GoogleUpdateTaskMachineCore1d12cf5caec91e0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {41241E21-0322-4E32-AF63-2086593FB547} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ab7910bd9a27 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {41E75CEB-092C-4E18-8066-556D19DD1647} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dad7f0e5312 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4B6C4938-EDCE-429D-BE0C-58F6EAEA648F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f07346d52e5d => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4CA0017C-9856-4C33-AB25-3CF530A99201} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATENÇÃO
Task: {5C370726-E0DE-460A-865B-2BB69A880503} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e98c6b281fa9 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {62984E98-D76F-42D1-866E-2CDDDB9CCC54} - System32\Tasks\0814tbUpdateInfo => C:\ProgramData\Avg_Update_0814tb\0814tb_{FFBEC273-C746-47B7-881E-4059CAFF49D3}.exe [2014-08-26] ()
Task: {7319DCB1-5542-4BA4-BBD6-B45018FAF04E} - System32\Tasks\{6D95C30F-5CE0-43B3-BDC8-38FD6F323315} => pcalua.exe -a C:\AuxilioNFe\AuxilioNFe.exe -d C:\AuxilioNFe
Task: {75E684FD-ECB5-43D3-9D1E-8F924156A98F} - System32\Tasks\4681 => Wscript.exe C:\Users\Tiago\AppData\Local\Temp\launchie.vbs //B <==== ATENÇÃO
Task: {7A02EF3E-92B9-429A-B23A-DDFA49EB84C0} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f026e38df79 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {85313F51-2CDA-45D8-954F-501DA395E8C2} - System32\Tasks\DSite => C:\Users\Tiago\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {8565437E-84EC-4D36-8915-0EAE376ACD4E} - System32\Tasks\GoogleUpdateTaskMachineCore1d0c2df4895720b => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {96418EAC-BD41-4BB6-B0BA-70FE0EAAE60B} - System32\Tasks\DealPly => C:\Users\Tiago\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {9A8E10F6-4491-4980-8E23-7A8325661FC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AA7CDE15-D0DD-4919-A052-E441C4998B14} - System32\Tasks\{EF6C12CD-FE1B-44EB-A5D7-EBA38CA235F9} => pcalua.exe -a "C:\Instalador Sped\TeamViewer 8 Corporate + Crack [New 2013!!]\new_teamviewer_8_corporatecrack_new_2013.exe" -d "C:\Instalador Sped\TeamViewer 8 Corporate + Crack [New 2013!!]"
Task: {ADAC782D-9C1A-4699-A851-629296F8A7EE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000UA => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-15] (Facebook Inc.)
Task: {C56B767E-18EB-4D0D-AC5C-1F41004F6E23} - System32\Tasks\0 => Iexplore.exe <==== ATENÇÃO
Task: {D6F2E132-C041-45B6-9A58-7324F5C742C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EA223A4D-F983-4131-8E16-642B03CA5311} - System32\Tasks\GoogleUpdateTaskMachineCore1d0002822695715 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F1930FC6-8AFA-48B1-9AD6-3B057B23F42A} - System32\Tasks\GoogleUpdateTaskMachineCore1d0422a455955cf => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\0814tbUpdateInfo.job => C:\ProgramData\Avg_Update_0814tb\0814tb_{FFBEC273-C746-47B7-881E-4059CAFF49D3}.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Tiago\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000Core.job => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000UA.job => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfed222de470f7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0002822695715.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0422a455955cf.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f026e38df79.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0c2df4895720b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e40a5358a41f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f07346d52e5d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12cf5caec91e0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15dad7f0e5312.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab7910bd9a27.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Tiago\Desktop\GDRais 2013.lnk -> C:\GDRais2013\gdrais.bat ()
Shortcut: C:\Users\Tiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GdRaisJava\GDRais 2013.lnk -> C:\GDRais2013\gdrais.bat ()
==================== Módulos Carregados (Whitelisted) ==============
2016-01-14 09:45 - 2016-01-14 08:33 - 01428640 _____ () C:\Program Files\AnyDesk\AnyDesk.exe
2016-10-20 11:48 - 2015-08-21 15:50 - 00020568 _____ () C:\Program Files\AppBrad\NetExpressUpdater.exe
2013-08-27 12:42 - 2013-08-27 12:42 - 01260624 _____ () C:\Program Files\VMware\VMware Workstation\libxml2.dll
2013-08-27 12:09 - 2013-08-27 12:09 - 14401104 _____ () C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
2016-05-31 08:20 - 2016-05-31 08:20 - 00679624 _____ () C:\Users\Tiago\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2014-04-11 14:38 - 2008-08-02 13:56 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2013-01-26 11:54 - 2011-10-21 13:49 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2017-02-07 07:56 - 2017-02-01 06:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 07:56 - 2017-02-01 06:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:D7F97185_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:D7F97185_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [569]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1930]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\caixa.gov.br -> hxxps://certificadodigital.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\fazenda.gov.br -> hxxps://www8.receita.fazenda.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:04 - 2016-12-29 09:47 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3089339955-3706307662-206936842-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tiago\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 177.38.244.69 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{4FC234F7-2DA7-4998-8DBF-4FE7182ABE96}] => (Allow) C:\Users\Tiago\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{45916404-E315-4943-BD8C-E06AB735D8DE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A1D688B7-1CF8-4B85-A1EF-2E297342D07A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{08E551FF-4804-43D4-8E54-039D224A9AFF}] => (Allow) LPort=2869
FirewallRules: [{5EB1CC1A-8161-49D2-9809-AE39656D11D3}] => (Allow) LPort=1900
FirewallRules: [{F0C1D990-32F6-4E0B-9178-A9F9F67D6961}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{BD201439-1E10-4499-8486-F5ADA9143543}C:\users\tiago\desktop\aa_v3.exe] => (Allow) C:\users\tiago\desktop\aa_v3.exe
FirewallRules: [UDP Query User{9C20AFE6-C22B-465B-9923-ED876331830F}C:\users\tiago\desktop\aa_v3.exe] => (Allow) C:\users\tiago\desktop\aa_v3.exe
FirewallRules: [{A3A70378-ECD7-4D0E-B606-6BC494B13E7C}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{7F3C6656-4E0D-426F-A7D9-ECB90C96A96A}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{5917042C-69B4-48F2-A54E-226508425F4D}] => (Allow) C:\Program Files\PSafe\PSRsync.exe
FirewallRules: [{1EA717F5-5BC9-4A9D-9FD7-1601DFB6E0DF}] => (Allow) C:\Program Files\PSafe\PSRsync.exe
FirewallRules: [{DB8C5364-E993-4931-A7E4-8FD6C0FC438E}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{9239A248-0E42-41DA-8A99-F83832BD95A8}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{AE33A249-858B-4FEE-8FA5-65E3C536CD07}] => (Allow) LPort=3306
FirewallRules: [{817AB6BE-A65C-4A69-B56D-FA71C800F1BB}] => (Allow) C:\AuxilioNFe\AuxilioNFe.exe
FirewallRules: [{3206CDEE-1BD5-4E78-BC84-EEF35CE3A603}] => (Allow) C:\AuxilioNFe\AuxilioNFe.exe
FirewallRules: [{9892D06C-F7D9-4FC2-9BE5-C909B7037C37}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{CFB4DBD5-93E9-4B5F-9A14-96AC1965798B}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{FF0490BC-B8E5-45FB-9C48-4FC938778B31}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{D40923EA-03D2-4BAF-8784-9742CAF447C3}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{5764DAF8-2806-4BF3-8955-8D11EE2AF93A}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
FirewallRules: [{D62BD0C8-BB1E-4D7E-9289-67CF22AD83CE}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{6CF6570C-E107-464E-8B4C-F7FC2B2E093B}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{51629CDD-E487-42AC-9C35-59CEFC213013}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{B1BE4331-0A9C-47AA-A53B-49BD1BBF1003}\\server\sistemas\econtab\lf.exe] => (Allow) \\server\sistemas\econtab\lf.exe
FirewallRules: [UDP Query User{8B780539-22B6-4732-88A8-9EA228342C94}\\server\sistemas\econtab\lf.exe] => (Allow) \\server\sistemas\econtab\lf.exe
FirewallRules: [TCP Query User{E2510F40-25C1-4655-A3CE-FD3AADF93B9D}\\server\econtab\lf.exe] => (Allow) \\server\econtab\lf.exe
FirewallRules: [UDP Query User{61D99BA8-1809-4AC4-9B0B-FA4248D0B217}\\server\econtab\lf.exe] => (Allow) \\server\econtab\lf.exe
FirewallRules: [TCP Query User{42F085D9-6D31-456C-81A5-EFF6C5611758}\\server\sistemas\econtab\cb.exe] => (Allow) \\server\sistemas\econtab\cb.exe
FirewallRules: [UDP Query User{5BDE332C-82FD-4685-9E8A-0DE9570F99BD}\\server\sistemas\econtab\cb.exe] => (Allow) \\server\sistemas\econtab\cb.exe
FirewallRules: [TCP Query User{2D96AAB8-4A1C-44AC-B771-9F6A0A6EAD4E}C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [UDP Query User{698D90F6-4044-404E-B627-AD84CEE88588}C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [{96A143DF-6C34-4876-9C70-AD4DE9678903}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\Smc.exe
FirewallRules: [{36CCD0C8-AB80-4224-85E6-566268C60F10}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\Smc.exe
FirewallRules: [{148E7059-CB9D-481C-87DA-E5264E435C2D}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\snac.exe
FirewallRules: [{E9BE0BF9-0A20-433E-9FE5-59DD9D9588C3}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\snac.exe
FirewallRules: [{4EF813CC-17B3-44E2-952A-0C87CED94E99}] => (Allow) C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{93E4B372-79F6-4CFA-8257-797715DC2747}] => (Allow) C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{4F633558-17E2-4449-84D4-D2745238C62A}] => (Allow) C:\Program Files\baidu\Spark\bdtray.exe
FirewallRules: [{19CB7C25-E7E0-4DE4-94D3-6DA81CCA8B1B}] => (Allow) C:\Program Files\baidu\Spark\bdtray.exe
FirewallRules: [{B9E06D36-C4D6-42B9-A9F5-907FFB3B80F0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F9AC15B8-B4CB-4C51-A985-8FE029D11AE3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BD891C78-8DC6-44D5-9CBD-E8216C18F954}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C6AC719A-A7BD-4124-B269-2D6FF54EF2B5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8A98DE8D-3442-48C2-BA63-77ABB1F79726}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{652CF59C-2099-43B8-B106-BADFAA7DA3B5}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{A07D593C-1255-428D-B01C-0936F2A15855}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{1E108717-4874-4069-B67D-F93DAEEF1927}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{13AF09DC-528C-4B3F-B26B-0A2AC4045CEB}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{12D57218-2088-450E-BB87-38A64EAA5D37}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{7EF730A2-2CC1-4746-AF2D-D85E1A00E3B5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{18C879E8-4F93-4C49-AB70-E2B051A5AE24}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{CBD0B45F-BD0D-48CE-B2BC-EEAE5686AEB9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B5189AFD-9894-4D43-BC23-56F6B1C1E94D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5910B784-56A9-4E73-AE5B-FA8645754390}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{36104D8E-41A4-4CF5-834C-2B3EA94627CA}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{3173E86C-17BF-400C-AB90-996B164798A2}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{72B21E4C-174E-4A21-9B41-96093DF5243E}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{2A41838C-6F63-4F43-9A53-1ABEB5685334}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{5894278B-4B4E-4912-9A03-F2463F7E65EB}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{ABFEE55B-653B-42A2-AE19-153DB18773AA}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{191D5BF3-D12A-43EB-AD8F-AE51A531B28B}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{19FF302F-AC9B-411B-9A5D-8625BAD3AB8A}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{AA8C22F2-54A2-4F04-94A4-2C378640AAF1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{A1A88C67-E8E7-496B-B525-C7D15AD61437}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{7EFA8B38-690E-44B3-902A-909B3F84A795}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{F91E12F5-3961-4A13-A129-E387D8B83B86}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{4C2225DB-2A31-47EB-B0CD-CB6D3027D0C3}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{73A4780A-EC67-42D7-BB5E-F46378EB6E28}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{C57BEAA1-FCBB-4CFE-BAC6-730B65DBD482}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{AF81A2BF-8738-4F29-9F9A-3AAD22A23696}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
==================== Pontos de Restauração =========================
02-02-2017 16:12:03 Ponto de Verificação Agendado
09-02-2017 16:49:40 Ponto de Verificação Agendado
17-02-2017 15:54:40 Ponto de Verificação Agendado
03-03-2017 07:34:54 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
03-03-2017 07:40:22 Removed Skype™ 7.33
03-03-2017 07:41:21 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: IDSVix86
Description: IDSVix86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IDSVix86
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: BHDrvx86
Description: BHDrvx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx86
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: pa_sys_config
Description: pa_sys_config
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pa_sys_config
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/03/2017 07:44:10 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Encontrado risco à segurança!Tracking Cookies no arquivo: Cookie:tiago@advertising.com/ por: Verificação Inicialização. Ação: Excluir bem-sucedida. Descrição da ação: O arquivo foi excluído com sucesso.
Error: (03/03/2017 07:34:24 AM) (Source: Symantec AntiVirus) (EventID: 73) (User: )
Description: O SONAR gerou um erro: código 1: descrição: Falha na verificação heurística ou no carregamento
Error: (03/03/2017 07:29:21 AM) (Source: Symantec Network Protection) (EventID: 400) (User: )
Description: A prevenção contra intrusões na rede não está protegendo o computador porque seu driver foi descarregado
Error: (03/03/2017 07:28:25 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: pg_ctl: não pôde encontrar o programa executável do postgres
Error: (03/03/2017 07:27:28 AM) (Source: Symantec AntiVirus) (EventID: 73) (User: )
Description: O SONAR gerou um erro: código 1: descrição: Falha na verificação heurística ou no carregamento
Error: (03/03/2017 07:24:59 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Users\Tiago\AppData\Local\Temp\vc_redist.x86.exe /install /quiet /norestart; Descrição = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215; Erro = 0x80070514).
Error: (03/03/2017 07:22:24 AM) (Source: Symantec Network Protection) (EventID: 400) (User: )
Description: A prevenção contra intrusões na rede não está protegendo o computador porque seu driver foi descarregado
Error: (03/03/2017 07:21:28 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: pg_ctl: não pôde encontrar o programa executável do postgres
Error: (03/02/2017 05:11:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Nome do módulo de falhas: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00005b15
Identificação do processo com falha: 0x924
Hora de início do aplicativo com falha: 0x01d293912469bfc5
Caminho do aplicativo com falha: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
FCaminho do módulo de falhas: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
Identificação do Relatório: 62ba3dd5-ff84-11e6-9bf1-005056c00008
Error: (03/02/2017 05:06:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Nome do módulo de falhas: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00005b15
Identificação do processo com falha: 0x1fcc
Hora de início do aplicativo com falha: 0x01d293907c8effc4
Caminho do aplicativo com falha: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
FCaminho do módulo de falhas: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
Identificação do Relatório: ba6f2e2e-ff83-11e6-9bf1-005056c00008
Erros de Sistema:
=============
Error: (03/03/2017 07:40:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:29:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:28:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BHDrvx86 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:28:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
BHDrvx86
gbpddreg
IDSvix86
pa_sys_config
pa_sys_config"register
pa_sys_config"unregister
Error: (03/03/2017 07:28:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço postgresql-9.0 - PostgreSQL Server 9.0 foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (03/03/2017 07:22:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:21:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BHDrvx86 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:21:59 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
BHDrvx86
gbpddreg
IDSvix86
pa_sys_config
pa_sys_config"register
pa_sys_config"unregister
Error: (03/03/2017 07:21:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço postgresql-9.0 - PostgreSQL Server 9.0 foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (03/02/2017 10:01:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço IDSvix86 devido ao seguinte erro:
Um dispositivo conectado ao sistema não está funcionando.
CodeIntegrity:
===================================
Date: 2015-02-12 15:47:42.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:47:42.240
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:47:42.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:18:14.649
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:18:14.624
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:18:14.601
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:09:26.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:09:26.544
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:09:26.499
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-10 15:13:58.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentagem de memória em uso: 69%
RAM física total: 3489.28 MB
RAM física disponível: 1062.25 MB
Virtual Total: 6976.83 MB
Virtual disponível: 4293.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:333.66 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0005FD2A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Tiago (03-03-2017 07:49:59)
Executando a partir de C:\Users\Tiago\Desktop
Microsoft Windows 7 Ultimate (X86) (2013-01-26 13:25:52)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3089339955-3706307662-206936842-500 - Administrator - Disabled)
Convidado (S-1-5-21-3089339955-3706307662-206936842-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3089339955-3706307662-206936842-1002 - Limited - Enabled)
postgres (S-1-5-21-3089339955-3706307662-206936842-1004 - Limited - Enabled) => C:\Users\postgres
Tiago (S-1-5-21-3089339955-3706307662-206936842-1000 - Administrator - Enabled) => C:\Users\Tiago
Tiago02 (S-1-5-21-3089339955-3706307662-206936842-1003 - Administrator - Enabled) => C:\Users\Tiago02
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Symantec Endpoint Protection (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACI (HKLM\...\EBB7DDC5-F8A7-4C1A-8BDB-C64456D342A5) (Version: 1.51 - Dataprev)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Agente de Comunicação 2.2 (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\Agente de Comunicação_is1) (Version: 2.2 - Domínio Sistemas Ltda.)
AnyDesk (HKLM\...\AnyDesk) (Version: ad 2.1.2 - philandro Software GmbH)
Aplicativo Bradesco versão 1.0 (HKLM\...\{2F7717E5-BFF5-479A-B29E-A615ED278B6F}_is1) (Version: 1.0 - Copyright (C) 2015 Scopus Tecnologia Ltda.)
Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATENÇÃO
Atualização - Contabilidade (HKLM\...\Atualização - Contabilidade_is1) (Version: - )
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
atualizador Ask Toolbar Updater (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.36191 - Ask.com) <==== ATENÇÃO
Busca - NF-e (HKLM\...\Busca - NF-e_is1) (Version: - Domínio Sistemas Ltda.)
Carnê-Leão 2013 (HKLM\...\LEAO2013) (Version: 1.1 - Receita Federal do Brasil)
CCleaner (HKLM\...\CCleaner) (Version: 2.30 - Piriform)
Changer Drive ID versão 1.0.0.0 (HKLM\...\{5F265C9C-562B-4E43-8AA8-E7BA1189CC4B}_is1) (Version: 1.0.0.0 - )
Cliente de Certificação (HKLM\...\Cliente de Certificação) (Version: - )
CNPJ (PGD) - versão 3.8 (HKLM\...\PGD-CNPJ) (Version: - )
Conectividade Social (HKLM\...\Conectividade Social) (Version: - )
CoolSMS 2.06 beta (HKLM\...\{BCF2CEFB-E23D-42EF-A5FA-F9ED2A085821}_is1) (Version: - cool.com.br)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DANFE View (HKLM\...\DANFE View) (Version: - )
Dicionário eletrônico Houaiss 3.0 (HKLM\...\Dicionário eletrônico Houaiss da língua portuguesa_is1) (Version: - Editora Objetiva)
Dirf 2013 (HKLM\...\Dirf 2013) (Version: - )
DMA_2012 (HKLM\...\{9402AECA-46FB-4561-9629-9235228F23E8}) (Version: - )
Domínio Contábil (HKLM\...\Domínio Contábil_is1) (Version: - Domínio Sistemas Ltda.)
Domínio Utilitários (HKLM\...\Domínio Utilitários_is1) (Version: - Domínio Sistemas Ltda.)
Doro 1.77 (HKLM\...\Doro_is1) (Version: - CompSoft)
EFD Contribuições (HKLM\...\EFD Contribuições) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.10 (HKLM\...\EFD Contribuições 2.0.10) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.11 (HKLM\...\EFD Contribuições 2.0.11) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.12 (HKLM\...\EFD Contribuições 2.0.12) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.13 (HKLM\...\EFD Contribuições 2.0.13) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.4.a (HKLM\...\EFD Contribuições 2.0.4.a) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.6 (HKLM\...\EFD Contribuições 2.0.6) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.7 (HKLM\...\EFD Contribuições 2.0.7) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.9 (HKLM\...\EFD Contribuições 2.0.9) (Version: 1.0.0.0 - SERPRO)
EFD ICMS IPI (HKLM\...\EFD ICMS IPI) (Version: 2.3.3.0 - SpedFiscal_PVA)
Facebook Messenger 2.1.4814.0 (HKLM\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Free DVD to AVI MP4 WMV MPEG 3GP FLV Converter 2.8.9 (HKLM\...\Free DVD to AVI MP4 WMV MPEG 3GP FLV Converter_is1) (Version: - FreeAudioVideoSoft Co., Ltd.)
FreeOnlineRadioPlayerRecorder V1 Toolbar (HKLM\...\FreeOnlineRadioPlayerRecorder_V1 Toolbar) (Version: 6.12.0.11 - FreeOnlineRadioPlayerRecorder V1)
Galeria de Fotos (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GRRF Eletrônica (HKLM\...\GRRF Eletrônica) (Version: - )
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2013) (Version: 1.3 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2014) (Version: 1.5 - Receita Federal do Brasil)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 51.0.1 (x86 pt-BR)) (Version: 51.0.1 - Mozilla)
Nero 8 Micro 8.2.8.0 (HKLM\...\Nero8Lite_is1) (Version: 8.2.8.0 - Updatepack.nl)
Nero Kwik Media (HKLM\...\{283E9B9D-F1B3-45BA-B942-6B10A3948533}) (Version: 12.5.00300 - Nero AG)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PC-CCID (HKLM\...\{BD3068DE-D53B-4CE8-B2BC-32E1323441CD}) (Version: 2.0.0 - Gemalto)
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Requerimento de Empresário 1.29 (HKLM\...\Requerimento de Empresário) (Version: - )
SafeSign (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
SEFIP 8.40 (HKLM\...\SEFIP 8.40) (Version: - )
Sicalc Auto Atendimento (HKLM\...\Sicalc Auto Atendimento) (Version: 4.0.51 - Receita Federal do Brasil)
Skype chat helper (HKLM\...\{EB951722-70F4-4EF1-902C-CD665AA17A19}) (Version: 1.1.1 - Pril)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Sped ECF 0.05.003_Beta (HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\Sped ECF 0.05.003_Beta) (Version: 0.0.1.0 - SERPRO)
Spyware Terminator (HKLM\...\Spyware Terminator_is1) (Version: 2.8.2.192 - Crawler Inc.)
SQL Anywhere (HKLM\...\SQL Anywhere_is1) (Version: 16.0.0 - Domínio Sistemas Ltda.)
Symantec Endpoint Protection (HKLM\...\{F0338870-CED5-4154-B19D-CBD62C1934D4}) (Version: 12.1.2015.2015 - Symantec Corporation)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TED versão 4.3.7 (HKLM\...\{D9589AD9-1908-45AF-ACEE-40E056C22DDA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 2.9.7 - CrystalIdea Software, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Validador Sintegra 5.3.0 (HKLM\...\{169CEB91-BD47-46C1-A0EA-7943B0E667DA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul)
VDownloader 4.0.1163 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VMware Workstation (HKLM\...\VMware_Workstation) (Version: 10.0.0 - VMware, Inc)
VMware Workstation (Version: 10.0.0 - VMware, Inc.) Hidden
VNC Free Edition 4.1.2 (HKLM\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.)
Warsaw 1.13.0.525 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.13.0.525 - GAS Tecnologia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{04FE3112-DB93-424D-B958-5E709395693F}\InprocServer32 -> C:\Users\Tiago\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Tiago\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuthLib.dll ()
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{33370786-2876-5ab2-8da1-2c63f8dadfc1}\InprocServer32 -> C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo Limited)
CustomCLSID: HKU\S-1-5-21-3089339955-3706307662-206936842-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Tiago\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {00EAB7EB-9908-42D6-8511-EFF164971837} - System32\Tasks\{884BF896-8DA0-47B0-8D7D-D5FDC8C00D57} => pcalua.exe -a "C:\Program Files\Validador Sintegra 2012\ValidadorSintegra2014.exe" -d "C:\Program Files\Validador Sintegra 2012"
Task: {1FC5504B-5601-48BE-BDB7-91A4706EF5A7} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e40a5358a41f => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2372D42B-07AC-461D-8459-AE9D8D852EA2} - System32\Tasks\GoogleUpdateTaskMachineCore1cfed222de470f7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {26ACBFB6-1BFB-4CA0-8115-23ACC2EE2EAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-23] ()
Task: {2801830E-0673-4DB9-9DDB-AB0CE7BABF7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2B1DC11F-5DA4-4329-B349-9245840C66EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000Core => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-15] (Facebook Inc.)
Task: {3461E875-8277-464F-8CE8-FD3F756228B1} - System32\Tasks\GoogleUpdateTaskMachineCore1d12cf5caec91e0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {41241E21-0322-4E32-AF63-2086593FB547} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ab7910bd9a27 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {41E75CEB-092C-4E18-8066-556D19DD1647} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dad7f0e5312 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4B6C4938-EDCE-429D-BE0C-58F6EAEA648F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f07346d52e5d => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4CA0017C-9856-4C33-AB25-3CF530A99201} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATENÇÃO
Task: {5C370726-E0DE-460A-865B-2BB69A880503} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e98c6b281fa9 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {62984E98-D76F-42D1-866E-2CDDDB9CCC54} - System32\Tasks\0814tbUpdateInfo => C:\ProgramData\Avg_Update_0814tb\0814tb_{FFBEC273-C746-47B7-881E-4059CAFF49D3}.exe [2014-08-26] ()
Task: {7319DCB1-5542-4BA4-BBD6-B45018FAF04E} - System32\Tasks\{6D95C30F-5CE0-43B3-BDC8-38FD6F323315} => pcalua.exe -a C:\AuxilioNFe\AuxilioNFe.exe -d C:\AuxilioNFe
Task: {75E684FD-ECB5-43D3-9D1E-8F924156A98F} - System32\Tasks\4681 => Wscript.exe C:\Users\Tiago\AppData\Local\Temp\launchie.vbs //B <==== ATENÇÃO
Task: {7A02EF3E-92B9-429A-B23A-DDFA49EB84C0} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f026e38df79 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {85313F51-2CDA-45D8-954F-501DA395E8C2} - System32\Tasks\DSite => C:\Users\Tiago\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {8565437E-84EC-4D36-8915-0EAE376ACD4E} - System32\Tasks\GoogleUpdateTaskMachineCore1d0c2df4895720b => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {96418EAC-BD41-4BB6-B0BA-70FE0EAAE60B} - System32\Tasks\DealPly => C:\Users\Tiago\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {9A8E10F6-4491-4980-8E23-7A8325661FC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AA7CDE15-D0DD-4919-A052-E441C4998B14} - System32\Tasks\{EF6C12CD-FE1B-44EB-A5D7-EBA38CA235F9} => pcalua.exe -a "C:\Instalador Sped\TeamViewer 8 Corporate + Crack [New 2013!!]\new_teamviewer_8_corporatecrack_new_2013.exe" -d "C:\Instalador Sped\TeamViewer 8 Corporate + Crack [New 2013!!]"
Task: {ADAC782D-9C1A-4699-A851-629296F8A7EE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000UA => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-15] (Facebook Inc.)
Task: {C56B767E-18EB-4D0D-AC5C-1F41004F6E23} - System32\Tasks\0 => Iexplore.exe <==== ATENÇÃO
Task: {D6F2E132-C041-45B6-9A58-7324F5C742C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EA223A4D-F983-4131-8E16-642B03CA5311} - System32\Tasks\GoogleUpdateTaskMachineCore1d0002822695715 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F1930FC6-8AFA-48B1-9AD6-3B057B23F42A} - System32\Tasks\GoogleUpdateTaskMachineCore1d0422a455955cf => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\0814tbUpdateInfo.job => C:\ProgramData\Avg_Update_0814tb\0814tb_{FFBEC273-C746-47B7-881E-4059CAFF49D3}.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Tiago\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000Core.job => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3089339955-3706307662-206936842-1000UA.job => C:\Users\Tiago\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfed222de470f7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0002822695715.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0422a455955cf.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f026e38df79.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0c2df4895720b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e40a5358a41f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f07346d52e5d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12cf5caec91e0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15dad7f0e5312.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab7910bd9a27.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Tiago\Desktop\GDRais 2013.lnk -> C:\GDRais2013\gdrais.bat ()
Shortcut: C:\Users\Tiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GdRaisJava\GDRais 2013.lnk -> C:\GDRais2013\gdrais.bat ()
==================== Módulos Carregados (Whitelisted) ==============
2016-01-14 09:45 - 2016-01-14 08:33 - 01428640 _____ () C:\Program Files\AnyDesk\AnyDesk.exe
2016-10-20 11:48 - 2015-08-21 15:50 - 00020568 _____ () C:\Program Files\AppBrad\NetExpressUpdater.exe
2013-08-27 12:42 - 2013-08-27 12:42 - 01260624 _____ () C:\Program Files\VMware\VMware Workstation\libxml2.dll
2013-08-27 12:09 - 2013-08-27 12:09 - 14401104 _____ () C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
2016-05-31 08:20 - 2016-05-31 08:20 - 00679624 _____ () C:\Users\Tiago\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2014-04-11 14:38 - 2008-08-02 13:56 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2013-01-26 11:54 - 2011-10-21 13:49 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2017-02-07 07:56 - 2017-02-01 06:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 07:56 - 2017-02-01 06:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:D7F97185_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:D7F97185_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [569]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1930]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\caixa.gov.br -> hxxps://certificadodigital.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3089339955-3706307662-206936842-1000\...\fazenda.gov.br -> hxxps://www8.receita.fazenda.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:04 - 2016-12-29 09:47 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3089339955-3706307662-206936842-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tiago\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 177.38.244.69 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{4FC234F7-2DA7-4998-8DBF-4FE7182ABE96}] => (Allow) C:\Users\Tiago\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{45916404-E315-4943-BD8C-E06AB735D8DE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A1D688B7-1CF8-4B85-A1EF-2E297342D07A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{08E551FF-4804-43D4-8E54-039D224A9AFF}] => (Allow) LPort=2869
FirewallRules: [{5EB1CC1A-8161-49D2-9809-AE39656D11D3}] => (Allow) LPort=1900
FirewallRules: [{F0C1D990-32F6-4E0B-9178-A9F9F67D6961}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{BD201439-1E10-4499-8486-F5ADA9143543}C:\users\tiago\desktop\aa_v3.exe] => (Allow) C:\users\tiago\desktop\aa_v3.exe
FirewallRules: [UDP Query User{9C20AFE6-C22B-465B-9923-ED876331830F}C:\users\tiago\desktop\aa_v3.exe] => (Allow) C:\users\tiago\desktop\aa_v3.exe
FirewallRules: [{A3A70378-ECD7-4D0E-B606-6BC494B13E7C}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{7F3C6656-4E0D-426F-A7D9-ECB90C96A96A}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{5917042C-69B4-48F2-A54E-226508425F4D}] => (Allow) C:\Program Files\PSafe\PSRsync.exe
FirewallRules: [{1EA717F5-5BC9-4A9D-9FD7-1601DFB6E0DF}] => (Allow) C:\Program Files\PSafe\PSRsync.exe
FirewallRules: [{DB8C5364-E993-4931-A7E4-8FD6C0FC438E}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{9239A248-0E42-41DA-8A99-F83832BD95A8}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{AE33A249-858B-4FEE-8FA5-65E3C536CD07}] => (Allow) LPort=3306
FirewallRules: [{817AB6BE-A65C-4A69-B56D-FA71C800F1BB}] => (Allow) C:\AuxilioNFe\AuxilioNFe.exe
FirewallRules: [{3206CDEE-1BD5-4E78-BC84-EEF35CE3A603}] => (Allow) C:\AuxilioNFe\AuxilioNFe.exe
FirewallRules: [{9892D06C-F7D9-4FC2-9BE5-C909B7037C37}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{CFB4DBD5-93E9-4B5F-9A14-96AC1965798B}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{FF0490BC-B8E5-45FB-9C48-4FC938778B31}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{D40923EA-03D2-4BAF-8784-9742CAF447C3}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{5764DAF8-2806-4BF3-8955-8D11EE2AF93A}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
FirewallRules: [{D62BD0C8-BB1E-4D7E-9289-67CF22AD83CE}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{6CF6570C-E107-464E-8B4C-F7FC2B2E093B}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{51629CDD-E487-42AC-9C35-59CEFC213013}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{B1BE4331-0A9C-47AA-A53B-49BD1BBF1003}\\server\sistemas\econtab\lf.exe] => (Allow) \\server\sistemas\econtab\lf.exe
FirewallRules: [UDP Query User{8B780539-22B6-4732-88A8-9EA228342C94}\\server\sistemas\econtab\lf.exe] => (Allow) \\server\sistemas\econtab\lf.exe
FirewallRules: [TCP Query User{E2510F40-25C1-4655-A3CE-FD3AADF93B9D}\\server\econtab\lf.exe] => (Allow) \\server\econtab\lf.exe
FirewallRules: [UDP Query User{61D99BA8-1809-4AC4-9B0B-FA4248D0B217}\\server\econtab\lf.exe] => (Allow) \\server\econtab\lf.exe
FirewallRules: [TCP Query User{42F085D9-6D31-456C-81A5-EFF6C5611758}\\server\sistemas\econtab\cb.exe] => (Allow) \\server\sistemas\econtab\cb.exe
FirewallRules: [UDP Query User{5BDE332C-82FD-4685-9E8A-0DE9570F99BD}\\server\sistemas\econtab\cb.exe] => (Allow) \\server\sistemas\econtab\cb.exe
FirewallRules: [TCP Query User{2D96AAB8-4A1C-44AC-B771-9F6A0A6EAD4E}C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [UDP Query User{698D90F6-4044-404E-B627-AD84CEE88588}C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [{96A143DF-6C34-4876-9C70-AD4DE9678903}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\Smc.exe
FirewallRules: [{36CCD0C8-AB80-4224-85E6-566268C60F10}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\Smc.exe
FirewallRules: [{148E7059-CB9D-481C-87DA-E5264E435C2D}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\snac.exe
FirewallRules: [{E9BE0BF9-0A20-433E-9FE5-59DD9D9588C3}] => (Allow) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\snac.exe
FirewallRules: [{4EF813CC-17B3-44E2-952A-0C87CED94E99}] => (Allow) C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{93E4B372-79F6-4CFA-8257-797715DC2747}] => (Allow) C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{4F633558-17E2-4449-84D4-D2745238C62A}] => (Allow) C:\Program Files\baidu\Spark\bdtray.exe
FirewallRules: [{19CB7C25-E7E0-4DE4-94D3-6DA81CCA8B1B}] => (Allow) C:\Program Files\baidu\Spark\bdtray.exe
FirewallRules: [{B9E06D36-C4D6-42B9-A9F5-907FFB3B80F0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F9AC15B8-B4CB-4C51-A985-8FE029D11AE3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BD891C78-8DC6-44D5-9CBD-E8216C18F954}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C6AC719A-A7BD-4124-B269-2D6FF54EF2B5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8A98DE8D-3442-48C2-BA63-77ABB1F79726}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{652CF59C-2099-43B8-B106-BADFAA7DA3B5}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{A07D593C-1255-428D-B01C-0936F2A15855}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{1E108717-4874-4069-B67D-F93DAEEF1927}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{13AF09DC-528C-4B3F-B26B-0A2AC4045CEB}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{12D57218-2088-450E-BB87-38A64EAA5D37}] => (Allow) C:\Instalador Sped\AnyDesk.exe
FirewallRules: [{7EF730A2-2CC1-4746-AF2D-D85E1A00E3B5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{18C879E8-4F93-4C49-AB70-E2B051A5AE24}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{CBD0B45F-BD0D-48CE-B2BC-EEAE5686AEB9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B5189AFD-9894-4D43-BC23-56F6B1C1E94D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5910B784-56A9-4E73-AE5B-FA8645754390}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{36104D8E-41A4-4CF5-834C-2B3EA94627CA}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{3173E86C-17BF-400C-AB90-996B164798A2}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{72B21E4C-174E-4A21-9B41-96093DF5243E}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{2A41838C-6F63-4F43-9A53-1ABEB5685334}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{5894278B-4B4E-4912-9A03-F2463F7E65EB}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{ABFEE55B-653B-42A2-AE19-153DB18773AA}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{191D5BF3-D12A-43EB-AD8F-AE51A531B28B}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{19FF302F-AC9B-411B-9A5D-8625BAD3AB8A}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{AA8C22F2-54A2-4F04-94A4-2C378640AAF1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{A1A88C67-E8E7-496B-B525-C7D15AD61437}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{7EFA8B38-690E-44B3-902A-909B3F84A795}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{F91E12F5-3961-4A13-A129-E387D8B83B86}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{4C2225DB-2A31-47EB-B0CD-CB6D3027D0C3}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{73A4780A-EC67-42D7-BB5E-F46378EB6E28}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{C57BEAA1-FCBB-4CFE-BAC6-730B65DBD482}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe
FirewallRules: [{AF81A2BF-8738-4F29-9F9A-3AAD22A23696}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
==================== Pontos de Restauração =========================
02-02-2017 16:12:03 Ponto de Verificação Agendado
09-02-2017 16:49:40 Ponto de Verificação Agendado
17-02-2017 15:54:40 Ponto de Verificação Agendado
03-03-2017 07:34:54 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
03-03-2017 07:40:22 Removed Skype™ 7.33
03-03-2017 07:41:21 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: IDSVix86
Description: IDSVix86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IDSVix86
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: BHDrvx86
Description: BHDrvx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx86
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: pa_sys_config
Description: pa_sys_config
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pa_sys_config
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/03/2017 07:44:10 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Encontrado risco à segurança!Tracking Cookies no arquivo: Cookie:tiago@advertising.com/ por: Verificação Inicialização. Ação: Excluir bem-sucedida. Descrição da ação: O arquivo foi excluído com sucesso.
Error: (03/03/2017 07:34:24 AM) (Source: Symantec AntiVirus) (EventID: 73) (User: )
Description: O SONAR gerou um erro: código 1: descrição: Falha na verificação heurística ou no carregamento
Error: (03/03/2017 07:29:21 AM) (Source: Symantec Network Protection) (EventID: 400) (User: )
Description: A prevenção contra intrusões na rede não está protegendo o computador porque seu driver foi descarregado
Error: (03/03/2017 07:28:25 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: pg_ctl: não pôde encontrar o programa executável do postgres
Error: (03/03/2017 07:27:28 AM) (Source: Symantec AntiVirus) (EventID: 73) (User: )
Description: O SONAR gerou um erro: código 1: descrição: Falha na verificação heurística ou no carregamento
Error: (03/03/2017 07:24:59 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Users\Tiago\AppData\Local\Temp\vc_redist.x86.exe /install /quiet /norestart; Descrição = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215; Erro = 0x80070514).
Error: (03/03/2017 07:22:24 AM) (Source: Symantec Network Protection) (EventID: 400) (User: )
Description: A prevenção contra intrusões na rede não está protegendo o computador porque seu driver foi descarregado
Error: (03/03/2017 07:21:28 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: pg_ctl: não pôde encontrar o programa executável do postgres
Error: (03/02/2017 05:11:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Nome do módulo de falhas: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00005b15
Identificação do processo com falha: 0x924
Hora de início do aplicativo com falha: 0x01d293912469bfc5
Caminho do aplicativo com falha: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
FCaminho do módulo de falhas: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
Identificação do Relatório: 62ba3dd5-ff84-11e6-9bf1-005056c00008
Error: (03/02/2017 05:06:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Nome do módulo de falhas: HP1006MC.EXE, versão: 4.0.0.47, carimbo de hora: 0x46c2fc48
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00005b15
Identificação do processo com falha: 0x1fcc
Hora de início do aplicativo com falha: 0x01d293907c8effc4
Caminho do aplicativo com falha: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
FCaminho do módulo de falhas: C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
Identificação do Relatório: ba6f2e2e-ff83-11e6-9bf1-005056c00008
Erros de Sistema:
=============
Error: (03/03/2017 07:40:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:29:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:28:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BHDrvx86 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:28:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
BHDrvx86
gbpddreg
IDSvix86
pa_sys_config
pa_sys_config"register
pa_sys_config"unregister
Error: (03/03/2017 07:28:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço postgresql-9.0 - PostgreSQL Server 9.0 foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (03/03/2017 07:22:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:21:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BHDrvx86 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/03/2017 07:21:59 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
BHDrvx86
gbpddreg
IDSvix86
pa_sys_config
pa_sys_config"register
pa_sys_config"unregister
Error: (03/03/2017 07:21:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço postgresql-9.0 - PostgreSQL Server 9.0 foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (03/02/2017 10:01:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço IDSvix86 devido ao seguinte erro:
Um dispositivo conectado ao sistema não está funcionando.
CodeIntegrity:
===================================
Date: 2015-02-12 15:47:42.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:47:42.240
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:47:42.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:18:14.649
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:18:14.624
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:18:14.601
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:09:26.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:09:26.544
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-12 15:09:26.499
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-02-10 15:13:58.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentagem de memória em uso: 69%
RAM física total: 3489.28 MB
RAM física disponível: 1062.25 MB
Virtual Total: 6976.83 MB
Virtual disponível: 4293.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:333.66 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0005FD2A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================