Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 11-03-2017
Executado por Leandro (11-03-2017 07:30:07)
Executando a partir de C:\Users\Leandro\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2012-08-29 01:08:12)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3644643762-1090977706-553488109-500 - Administrator - Disabled)
Convidado (S-1-5-21-3644643762-1090977706-553488109-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3644643762-1090977706-553488109-1365 - Limited - Enabled)
Leandro (S-1-5-21-3644643762-1090977706-553488109-1000 - Administrator - Enabled) => C:\Users\Leandro
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Attribute Changer 8.20 (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 8.20 - Romain Petges)
AV121 (HKLM-x32\...\AV121) (Version: - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 12.1.2272 - AVAST Software)
Brother MFL-Pro Suite DCP-8157DN (HKLM-x32\...\{37372D85-4945-4B6B-AC87-7BC5D1AB9F5C}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-8890DW (HKLM-x32\...\{004B8D14-7E3A-490A-ABB3-753535E169E3}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CAT VERSÃO 4.0 (HKLM-x32\...\CAT 4.0_mp1) (Version: - DATAPREV)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CrazyTalk Cam Suite PRO (HKLM-x32\...\{D1504C77-1B19-4AF0-8DEC-946666123B55}) (Version: 3.0 - Reallusion)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverPack Solution Updater (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\DRPSu Updater) (Version: 0.0.25 - DriverPack Solution)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FWC Connection 1.0.5.0 (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\FWC Connection 1.0.5.0) (Version: - )
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Gerenciador de Downloads (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\0dd67a782103f089) (Version: 0.9.3.40 - Level Up! Gerenciador)
GO-Global Client (HKLM-x32\...\{4EE4B3B1-39EC-42DB-9693-14EA20C0C48F}) (Version: 4.8.0.18673 - GraphOn Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
HxD Hex Editor versão 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.4 - Receita Federal do Brasil)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2017) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MeganaNuvem-Castellar versão v3-New DC (HKLM-x32\...\{D0227E75-F4AF-4BCB-BE5E-E7E2B349E87A}_is1) (Version: v3-New DC - FWC-CLOUD)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.12.285 - Motorola, Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - )
OpenVPN Client (HKLM-x32\...\{072A5217-8165-4AB7-8366-36CB3245DB60}) (Version: 1.5.6 - OpenVPN Technologies)
PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Sistema de Controle de qualidade (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\Sistema de Controle de qualidade) (Version: - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Software básico do dispositivo HP Deskjet 2050 J510 series (HKLM\...\{9C957F82-7EE0-423D-A386-587C9A4A83FB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Software básico do dispositivo HP Deskjet 3050 J610 series (HKLM\...\{477347C0-64CF-4E41-8D51-4EB47EEE6460}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Video Downloader version 2.0 (HKLM-x32\...\Video Downloader_is1) (Version: 2.0 - )
Warsaw 1.14.2.35 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.14.2.35 - GAS Tecnologia)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Connection Plugin version 9.80.0.44 (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\{51321E9A-0DEB-4ED3-B8D7-ABED7D2C4757}_is1) (Version: 9.80.0.44 - JWTS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Leandro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Leandro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {127736E2-6E20-466E-AB52-BB40E514096F} - System32\Tasks\{F518AA19-C077-466E-A2F8-9658C18F464F} => pcalua.exe -a C:\Users\Leandro\Downloads\iGBPCEFsf.exe -d C:\Users\Leandro\Downloads
Task: {1F6A00A6-5167-41B1-A289-D3B11DF8843E} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\Leandro\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATENÇÃO
Task: {286FA8E4-D958-4DDE-AFB5-2A1C22EEB038} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => "%Systemdrive%\Office Activation Technologies\Install.cmd"
Task: {39FF379A-46ED-4E56-9425-CBCB58D8FDCF} - System32\Tasks\{B5EC668B-46F0-4CBE-A2BB-4B0CC8050EED} => pcalua.exe -a "C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe"
Task: {3C8BA6E9-60DE-4228-939F-83AFF9B7719C} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {428D6DB9-BF63-48AE-9998-EE925501C2BD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {46E9DFEB-B1C4-48DD-A711-7DD81A8CAF53} - System32\Tasks\{4EEAEE10-E56C-484A-9DA6-83B661324462} => pcalua.exe -a C:\Users\Leandro\Downloads\Receitanet-1.04.exe -d C:\Users\Leandro\Downloads
Task: {4EC01077-7183-4CE0-B2C4-0D16F4862284} - System32\Tasks\{C84498B0-1170-4413-8E43-FB9E631BB92A} => pcalua.exe -a "C:\Users\Leandro\Downloads\iGBPCEFsf (1).exe" -d C:\Users\Leandro\Desktop
Task: {4EF46B6E-5F71-4FB7-9C86-60D92ECD4AA8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-11] (AVAST Software)
Task: {69B72098-4659-411C-B4CD-22547A168455} - System32\Tasks\{1CD4C13D-293E-427E-8D5D-86F1809A9D1F} => Chrome.exe hxxps://ui.skype.com/ui/0/7.32.0.104/pt/abandoninstall?page=tsProgressBar
Task: {6E492CCA-BE2E-49A9-8B18-1370867372FB} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {73D4B572-4EE8-47CC-9443-B313B05E0CF7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2014-01-27] ()
Task: {76E47E36-68A8-403D-8FF5-F85735ED5F79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {870AA6DB-340E-408D-BCBC-D0095BE7DD5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {8D9FB103-C7C6-4C6D-89D6-3B5EB2D58472} - System32\Tasks\{8462E510-5026-492B-8426-F41EC6DF876C} => pcalua.exe -a "G:\VIVO INTERNET\Setup.exe" -d "G:\VIVO INTERNET"
Task: {8E18A407-8D8C-4D77-82F3-FE371675C410} - System32\Tasks\{F3F9F90F-7431-425C-9512-B41270816006} => pcalua.exe -a C:\Users\Leandro\Downloads\Receitanet-1.05.exe -d C:\Users\Leandro\Downloads
Task: {93F46729-DB7D-4607-9AB8-448BFAD118FB} - System32\Tasks\Run_Bobby_Browser => C:\Users\Leandro\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO
Task: {9ECF214B-7F30-4B6E-9B38-D6CC801D8842} - System32\Tasks\crash_service => C:\Users\Leandro\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO
Task: {B23FCE2E-BF3E-49B0-A26F-9AE451214129} - System32\Tasks\{CEC161D8-A70E-45F8-8152-CF8E556576DE} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.73.106.456/pt/abandoninstall?page=tsWLM
Task: {C056FC8B-809D-4E8B-9E92-CCE1E72661A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CBB54974-B227-4F44-AF1E-8899658829C2} - System32\Tasks\SafeZone scheduled Autoupdate 1468264871 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {D1B7BEC1-5678-4E2C-AE99-EC16C9A74C5A} - System32\Tasks\{D3508B0F-A8D2-4C42-A830-D2C33E76AD55} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.64.102/pt/abandoninstall?page=tsProgressBar
Task: {E593E7B7-E0C9-42C3-8913-8DEEE53954E0} - System32\Tasks\{994A8097-6B42-48A6-8F56-7A51706A4ED9} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/pt/abandoninstall?page=tsProgressBar
Task: {F1028E55-6970-43DB-B47C-269EF0B0DBFE} - System32\Tasks\{08F3C4AE-20FA-452A-A758-6CF2F846A742} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.59.103/pt/abandoninstall?page=tsMain
Task: {FDFFFFD0-0A81-45CA-A34D-0E16725DADE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Leandro\Desktop\Acesso Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Acesso Web (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Acesso Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Módulos Carregados (Whitelisted) ==============
2012-08-30 17:56 - 2012-07-31 11:31 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2014-04-16 01:22 - 2014-04-16 05:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2014-04-25 06:28 - 2010-03-31 10:51 - 00074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2014-03-19 08:37 - 2014-03-19 08:36 - 00277504 _____ () C:\ProgramData\KMSAuto\KMSES.exe
2010-08-12 17:45 - 2010-08-12 17:45 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
2013-01-21 14:10 - 2005-04-22 12:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2012-08-29 15:33 - 2011-10-21 12:49 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-17 07:59 - 2015-07-09 13:58 - 00076800 _____ () C:\Windows\system32\CompatTel\CosQuery.dll
2016-07-11 13:31 - 2016-07-11 13:31 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-10 14:57 - 2017-03-10 14:57 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031001\algo.dll
2016-07-11 13:31 - 2016-07-11 13:31 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-07-05 06:35 - 2009-07-05 06:35 - 00028160 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\servicemanager.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00110592 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll
2009-07-05 06:35 - 2009-07-05 06:35 - 00041472 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32service.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00096256 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00153088 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00040448 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00645120 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd
2010-03-16 13:05 - 2010-03-16 13:05 - 00020480 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00311808 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00073728 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00011776 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00010752 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00051200 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00039936 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00036352 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd
2010-05-05 13:43 - 2010-05-05 13:43 - 00008192 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00110592 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32security.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00017920 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd
2009-07-06 04:16 - 2009-07-06 04:16 - 00111104 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32file.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32pipe.pyd
2016-07-11 13:31 - 2016-07-11 13:31 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-07 11:20 - 2017-02-01 05:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 11:20 - 2017-02-01 05:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:1DE39065_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:1DE39065_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 22:34 - 2015-02-12 06:11 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3644643762-1090977706-553488109-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MonitorCloud.lnk => C:\Windows\pss\MonitorCloud.lnk.CommonStartup
MSCONFIG\startupreg: FWC Connection => "C:\Users\Leandro\FWC Connection\FWCConnection.exe" -Start
MSCONFIG\startupreg: OneDrive => "C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{84F5C155-A233-4975-93FB-1D09B89A6A60}] => (Allow) svchost.exe
FirewallRules: [{BE82B473-5FC1-4115-9508-E2AFA8FCB7B9}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9B3AA208-A5C2-4A80-9B07-945B22B71421}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8FF2107E-6D76-489C-BB83-FA31DEBB5E6C}] => (Allow) LPort=2869
FirewallRules: [{3EBADD57-8518-4F64-8112-D01506EA7274}] => (Allow) LPort=1900
FirewallRules: [{1DF22629-B649-4492-A340-649644DC5EC2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6CEC5158-A637-481D-B793-1B0E3F19DBC6}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{68516D0C-67F2-48A0-ACC2-5E37F30F72A7}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{F31880FE-8C20-4E05-BDE9-962A02342EC1}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8098885C-1892-4E92-9DB9-49438413A316}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{58F5244D-7A4A-4A56-86DB-38A562C15575}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{B568C77E-EE59-4F1F-98A7-191EA16DC389}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{15C6C82A-2642-416E-87AD-768A6C0E975C}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08i\FAXRX.exe
FirewallRules: [{A3902360-3D0A-48D2-BC83-91187362C8BF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08i\FAXRX.exe
FirewallRules: [{94739CAC-F920-49CE-A277-7A8933DE4258}] => (Allow) LPort=54925
FirewallRules: [{9FF9CDB0-DB58-4C5B-A888-34CF9C2ADBA3}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{85A2EC63-1ECB-4150-8980-38AC0573A1E6}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{A2DDC051-FE37-4C14-902F-3F3511BBD3E2}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{6C8D47BE-8E3E-4A58-814C-C92810E6687A}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [GO-Global Client Launcher-Out-UDP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [GO-Global Client Launcher-In-TCP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [GO-Global Client Launcher-Out-TCP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [GO-Global Client Launcher-In-UDP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [TCP Query User{054FFF73-5DD0-4CC1-9A76-6861085F8FF1}C:\level up! games\combat arms\engine.exe] => (Allow) C:\level up! games\combat arms\engine.exe
FirewallRules: [UDP Query User{4C45F2EE-2DC0-4E60-A77D-9E18AFE0932C}C:\level up! games\combat arms\engine.exe] => (Allow) C:\level up! games\combat arms\engine.exe
FirewallRules: [{34077BAB-49BF-437F-A026-F7E8BFB9DCE5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1F6582E0-100C-4F52-A1B3-09760383C272}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{42A467AC-4829-4233-845E-7FCCBC852C30}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{728A2646-4556-4A9D-B618-C236572E806E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{43520B69-0D5E-4067-8B98-459B0C1D453F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2A35DE1F-B887-44E9-92E7-771B033254D9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{05143421-8922-411F-B7D6-DCDEBD8807F0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{065FE0FD-4F8E-4A38-8A70-404B86650865}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{29EB3FF6-BF52-4534-9AFF-B98DB04066EE}] => (Allow) C:\Users\Leandro\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{7478CE02-9ED8-406F-9DF6-A61ACE750E56}] => (Allow) C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{01060B6E-CB5B-4B53-A3AB-5A36F5F31C21}] => (Allow) LPort=1688
FirewallRules: [{653946AA-7E4C-4BFA-8643-5A5A5CC14585}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{7569709C-B582-4397-8F74-9FCC911974B1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3B15EFFA-2031-466C-B6CE-14306CA7E48E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{94355CBB-0859-42A2-BFDC-44D839EAB17E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{EE25D611-8F3E-4557-B1DB-E113AD095769}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{DAC13AE9-422F-4CDC-99D3-9355DA49714D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{FF177318-2042-4954-9DD1-24601FEA9A03}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{4448EFC2-41B4-4CF3-B9CE-32C384681822}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C1247EA4-90F6-450F-87F6-B938AEAA6ADE}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{D2F9193B-1EA0-4C0D-92C9-8DC3A784983C}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{3AC84A79-C9FF-4D96-AC0B-0886405F41F6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
DomainProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe] => Enabled:GO-Global Client Launcher
StandardProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe] => Enabled:GO-Global Client Launcher
==================== Pontos de Restauração =========================
18-02-2017 07:02:57 Ponto de Verificação Agendado
25-02-2017 07:31:43 Windows Update
06-03-2017 09:01:35 Ponto de Verificação Agendado
07-03-2017 15:05:02 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
08-03-2017 10:05:48 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
08-03-2017 11:28:58 Removed Skype™ 7.33
08-03-2017 11:30:01 Removed Skype Web Plugin
08-03-2017 11:33:32 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
09-03-2017 06:17:44 Removed Skype™ 7.33
09-03-2017 09:49:28 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8169
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador de aquisição de dados e processamento de sinal PCI
Description: Controlador de aquisição de dados e processamento de sinal PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Adaptador de Miniporta WiFi Virtual da Microsoft
Description: Adaptador de Miniporta WiFi Virtual da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Erros de Sistema:
=============
Error: (03/11/2017 07:14:59 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:07:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
CodeIntegrity:
===================================
Date: 2017-03-11 07:08:15.122
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddprm.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:07:50.116
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:07:49.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbprcm64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:06:09.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:05:32.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:05:32.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:26.570
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddprm.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:06.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:06.399
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbprcm64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:52:46.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentagem de memória em uso: 58%
RAM física total: 8038.5 MB
RAM física disponível: 3354.71 MB
Virtual Total: 16075.21 MB
Virtual disponível: 11630.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:273.53 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================
Executado por Leandro (11-03-2017 07:30:07)
Executando a partir de C:\Users\Leandro\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2012-08-29 01:08:12)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3644643762-1090977706-553488109-500 - Administrator - Disabled)
Convidado (S-1-5-21-3644643762-1090977706-553488109-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3644643762-1090977706-553488109-1365 - Limited - Enabled)
Leandro (S-1-5-21-3644643762-1090977706-553488109-1000 - Administrator - Enabled) => C:\Users\Leandro
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Attribute Changer 8.20 (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 8.20 - Romain Petges)
AV121 (HKLM-x32\...\AV121) (Version: - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 12.1.2272 - AVAST Software)
Brother MFL-Pro Suite DCP-8157DN (HKLM-x32\...\{37372D85-4945-4B6B-AC87-7BC5D1AB9F5C}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-8890DW (HKLM-x32\...\{004B8D14-7E3A-490A-ABB3-753535E169E3}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CAT VERSÃO 4.0 (HKLM-x32\...\CAT 4.0_mp1) (Version: - DATAPREV)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CrazyTalk Cam Suite PRO (HKLM-x32\...\{D1504C77-1B19-4AF0-8DEC-946666123B55}) (Version: 3.0 - Reallusion)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverPack Solution Updater (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\DRPSu Updater) (Version: 0.0.25 - DriverPack Solution)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FWC Connection 1.0.5.0 (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\FWC Connection 1.0.5.0) (Version: - )
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Gerenciador de Downloads (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\0dd67a782103f089) (Version: 0.9.3.40 - Level Up! Gerenciador)
GO-Global Client (HKLM-x32\...\{4EE4B3B1-39EC-42DB-9693-14EA20C0C48F}) (Version: 4.8.0.18673 - GraphOn Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
HxD Hex Editor versão 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.4 - Receita Federal do Brasil)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2017) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MeganaNuvem-Castellar versão v3-New DC (HKLM-x32\...\{D0227E75-F4AF-4BCB-BE5E-E7E2B349E87A}_is1) (Version: v3-New DC - FWC-CLOUD)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.12.285 - Motorola, Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - )
OpenVPN Client (HKLM-x32\...\{072A5217-8165-4AB7-8366-36CB3245DB60}) (Version: 1.5.6 - OpenVPN Technologies)
PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Sistema de Controle de qualidade (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\Sistema de Controle de qualidade) (Version: - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Software básico do dispositivo HP Deskjet 2050 J510 series (HKLM\...\{9C957F82-7EE0-423D-A386-587C9A4A83FB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Software básico do dispositivo HP Deskjet 3050 J610 series (HKLM\...\{477347C0-64CF-4E41-8D51-4EB47EEE6460}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Video Downloader version 2.0 (HKLM-x32\...\Video Downloader_is1) (Version: 2.0 - )
Warsaw 1.14.2.35 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.14.2.35 - GAS Tecnologia)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Connection Plugin version 9.80.0.44 (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\{51321E9A-0DEB-4ED3-B8D7-ABED7D2C4757}_is1) (Version: 9.80.0.44 - JWTS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Leandro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Leandro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {127736E2-6E20-466E-AB52-BB40E514096F} - System32\Tasks\{F518AA19-C077-466E-A2F8-9658C18F464F} => pcalua.exe -a C:\Users\Leandro\Downloads\iGBPCEFsf.exe -d C:\Users\Leandro\Downloads
Task: {1F6A00A6-5167-41B1-A289-D3B11DF8843E} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\Leandro\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATENÇÃO
Task: {286FA8E4-D958-4DDE-AFB5-2A1C22EEB038} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => "%Systemdrive%\Office Activation Technologies\Install.cmd"
Task: {39FF379A-46ED-4E56-9425-CBCB58D8FDCF} - System32\Tasks\{B5EC668B-46F0-4CBE-A2BB-4B0CC8050EED} => pcalua.exe -a "C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe"
Task: {3C8BA6E9-60DE-4228-939F-83AFF9B7719C} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {428D6DB9-BF63-48AE-9998-EE925501C2BD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {46E9DFEB-B1C4-48DD-A711-7DD81A8CAF53} - System32\Tasks\{4EEAEE10-E56C-484A-9DA6-83B661324462} => pcalua.exe -a C:\Users\Leandro\Downloads\Receitanet-1.04.exe -d C:\Users\Leandro\Downloads
Task: {4EC01077-7183-4CE0-B2C4-0D16F4862284} - System32\Tasks\{C84498B0-1170-4413-8E43-FB9E631BB92A} => pcalua.exe -a "C:\Users\Leandro\Downloads\iGBPCEFsf (1).exe" -d C:\Users\Leandro\Desktop
Task: {4EF46B6E-5F71-4FB7-9C86-60D92ECD4AA8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-11] (AVAST Software)
Task: {69B72098-4659-411C-B4CD-22547A168455} - System32\Tasks\{1CD4C13D-293E-427E-8D5D-86F1809A9D1F} => Chrome.exe hxxps://ui.skype.com/ui/0/7.32.0.104/pt/abandoninstall?page=tsProgressBar
Task: {6E492CCA-BE2E-49A9-8B18-1370867372FB} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {73D4B572-4EE8-47CC-9443-B313B05E0CF7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2014-01-27] ()
Task: {76E47E36-68A8-403D-8FF5-F85735ED5F79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {870AA6DB-340E-408D-BCBC-D0095BE7DD5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {8D9FB103-C7C6-4C6D-89D6-3B5EB2D58472} - System32\Tasks\{8462E510-5026-492B-8426-F41EC6DF876C} => pcalua.exe -a "G:\VIVO INTERNET\Setup.exe" -d "G:\VIVO INTERNET"
Task: {8E18A407-8D8C-4D77-82F3-FE371675C410} - System32\Tasks\{F3F9F90F-7431-425C-9512-B41270816006} => pcalua.exe -a C:\Users\Leandro\Downloads\Receitanet-1.05.exe -d C:\Users\Leandro\Downloads
Task: {93F46729-DB7D-4607-9AB8-448BFAD118FB} - System32\Tasks\Run_Bobby_Browser => C:\Users\Leandro\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO
Task: {9ECF214B-7F30-4B6E-9B38-D6CC801D8842} - System32\Tasks\crash_service => C:\Users\Leandro\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO
Task: {B23FCE2E-BF3E-49B0-A26F-9AE451214129} - System32\Tasks\{CEC161D8-A70E-45F8-8152-CF8E556576DE} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.73.106.456/pt/abandoninstall?page=tsWLM
Task: {C056FC8B-809D-4E8B-9E92-CCE1E72661A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CBB54974-B227-4F44-AF1E-8899658829C2} - System32\Tasks\SafeZone scheduled Autoupdate 1468264871 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {D1B7BEC1-5678-4E2C-AE99-EC16C9A74C5A} - System32\Tasks\{D3508B0F-A8D2-4C42-A830-D2C33E76AD55} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.64.102/pt/abandoninstall?page=tsProgressBar
Task: {E593E7B7-E0C9-42C3-8913-8DEEE53954E0} - System32\Tasks\{994A8097-6B42-48A6-8F56-7A51706A4ED9} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/pt/abandoninstall?page=tsProgressBar
Task: {F1028E55-6970-43DB-B47C-269EF0B0DBFE} - System32\Tasks\{08F3C4AE-20FA-452A-A758-6CF2F846A742} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.59.103/pt/abandoninstall?page=tsMain
Task: {FDFFFFD0-0A81-45CA-A34D-0E16725DADE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Leandro\Desktop\Acesso Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Acesso Web (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Acesso Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Módulos Carregados (Whitelisted) ==============
2012-08-30 17:56 - 2012-07-31 11:31 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2014-04-16 01:22 - 2014-04-16 05:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2014-04-25 06:28 - 2010-03-31 10:51 - 00074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2014-03-19 08:37 - 2014-03-19 08:36 - 00277504 _____ () C:\ProgramData\KMSAuto\KMSES.exe
2010-08-12 17:45 - 2010-08-12 17:45 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
2013-01-21 14:10 - 2005-04-22 12:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2012-08-29 15:33 - 2011-10-21 12:49 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-17 07:59 - 2015-07-09 13:58 - 00076800 _____ () C:\Windows\system32\CompatTel\CosQuery.dll
2016-07-11 13:31 - 2016-07-11 13:31 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-10 14:57 - 2017-03-10 14:57 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031001\algo.dll
2016-07-11 13:31 - 2016-07-11 13:31 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-07-05 06:35 - 2009-07-05 06:35 - 00028160 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\servicemanager.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00110592 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll
2009-07-05 06:35 - 2009-07-05 06:35 - 00041472 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32service.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00096256 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00153088 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00040448 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00645120 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd
2010-03-16 13:05 - 2010-03-16 13:05 - 00020480 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00311808 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00073728 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00011776 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00010752 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00051200 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00039936 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00036352 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd
2010-05-05 13:43 - 2010-05-05 13:43 - 00008192 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00110592 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32security.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00017920 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd
2009-07-06 04:16 - 2009-07-06 04:16 - 00111104 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32file.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32pipe.pyd
2016-07-11 13:31 - 2016-07-11 13:31 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-07 11:20 - 2017-02-01 05:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 11:20 - 2017-02-01 05:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:1DE39065_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:1DE39065_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 22:34 - 2015-02-12 06:11 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3644643762-1090977706-553488109-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MonitorCloud.lnk => C:\Windows\pss\MonitorCloud.lnk.CommonStartup
MSCONFIG\startupreg: FWC Connection => "C:\Users\Leandro\FWC Connection\FWCConnection.exe" -Start
MSCONFIG\startupreg: OneDrive => "C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{84F5C155-A233-4975-93FB-1D09B89A6A60}] => (Allow) svchost.exe
FirewallRules: [{BE82B473-5FC1-4115-9508-E2AFA8FCB7B9}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9B3AA208-A5C2-4A80-9B07-945B22B71421}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8FF2107E-6D76-489C-BB83-FA31DEBB5E6C}] => (Allow) LPort=2869
FirewallRules: [{3EBADD57-8518-4F64-8112-D01506EA7274}] => (Allow) LPort=1900
FirewallRules: [{1DF22629-B649-4492-A340-649644DC5EC2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6CEC5158-A637-481D-B793-1B0E3F19DBC6}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{68516D0C-67F2-48A0-ACC2-5E37F30F72A7}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{F31880FE-8C20-4E05-BDE9-962A02342EC1}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8098885C-1892-4E92-9DB9-49438413A316}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{58F5244D-7A4A-4A56-86DB-38A562C15575}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{B568C77E-EE59-4F1F-98A7-191EA16DC389}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{15C6C82A-2642-416E-87AD-768A6C0E975C}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08i\FAXRX.exe
FirewallRules: [{A3902360-3D0A-48D2-BC83-91187362C8BF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08i\FAXRX.exe
FirewallRules: [{94739CAC-F920-49CE-A277-7A8933DE4258}] => (Allow) LPort=54925
FirewallRules: [{9FF9CDB0-DB58-4C5B-A888-34CF9C2ADBA3}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{85A2EC63-1ECB-4150-8980-38AC0573A1E6}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{A2DDC051-FE37-4C14-902F-3F3511BBD3E2}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{6C8D47BE-8E3E-4A58-814C-C92810E6687A}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [GO-Global Client Launcher-Out-UDP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [GO-Global Client Launcher-In-TCP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [GO-Global Client Launcher-Out-TCP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [GO-Global Client Launcher-In-UDP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe
FirewallRules: [TCP Query User{054FFF73-5DD0-4CC1-9A76-6861085F8FF1}C:\level up! games\combat arms\engine.exe] => (Allow) C:\level up! games\combat arms\engine.exe
FirewallRules: [UDP Query User{4C45F2EE-2DC0-4E60-A77D-9E18AFE0932C}C:\level up! games\combat arms\engine.exe] => (Allow) C:\level up! games\combat arms\engine.exe
FirewallRules: [{34077BAB-49BF-437F-A026-F7E8BFB9DCE5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1F6582E0-100C-4F52-A1B3-09760383C272}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{42A467AC-4829-4233-845E-7FCCBC852C30}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{728A2646-4556-4A9D-B618-C236572E806E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{43520B69-0D5E-4067-8B98-459B0C1D453F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2A35DE1F-B887-44E9-92E7-771B033254D9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{05143421-8922-411F-B7D6-DCDEBD8807F0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{065FE0FD-4F8E-4A38-8A70-404B86650865}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{29EB3FF6-BF52-4534-9AFF-B98DB04066EE}] => (Allow) C:\Users\Leandro\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{7478CE02-9ED8-406F-9DF6-A61ACE750E56}] => (Allow) C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{01060B6E-CB5B-4B53-A3AB-5A36F5F31C21}] => (Allow) LPort=1688
FirewallRules: [{653946AA-7E4C-4BFA-8643-5A5A5CC14585}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{7569709C-B582-4397-8F74-9FCC911974B1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3B15EFFA-2031-466C-B6CE-14306CA7E48E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{94355CBB-0859-42A2-BFDC-44D839EAB17E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{EE25D611-8F3E-4557-B1DB-E113AD095769}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{DAC13AE9-422F-4CDC-99D3-9355DA49714D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{FF177318-2042-4954-9DD1-24601FEA9A03}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{4448EFC2-41B4-4CF3-B9CE-32C384681822}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C1247EA4-90F6-450F-87F6-B938AEAA6ADE}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{D2F9193B-1EA0-4C0D-92C9-8DC3A784983C}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{3AC84A79-C9FF-4D96-AC0B-0886405F41F6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
DomainProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe] => Enabled:GO-Global Client Launcher
StandardProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe] => Enabled:GO-Global Client Launcher
==================== Pontos de Restauração =========================
18-02-2017 07:02:57 Ponto de Verificação Agendado
25-02-2017 07:31:43 Windows Update
06-03-2017 09:01:35 Ponto de Verificação Agendado
07-03-2017 15:05:02 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
08-03-2017 10:05:48 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
08-03-2017 11:28:58 Removed Skype™ 7.33
08-03-2017 11:30:01 Removed Skype Web Plugin
08-03-2017 11:33:32 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
09-03-2017 06:17:44 Removed Skype™ 7.33
09-03-2017 09:49:28 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8169
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador de aquisição de dados e processamento de sinal PCI
Description: Controlador de aquisição de dados e processamento de sinal PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Adaptador de Miniporta WiFi Virtual da Microsoft
Description: Adaptador de Miniporta WiFi Virtual da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Erros de Sistema:
=============
Error: (03/11/2017 07:14:59 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:07:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
CodeIntegrity:
===================================
Date: 2017-03-11 07:08:15.122
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddprm.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:07:50.116
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:07:49.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbprcm64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:06:09.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:05:32.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:05:32.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:26.570
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddprm.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:06.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:06.399
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbprcm64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:52:46.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentagem de memória em uso: 58%
RAM física total: 8038.5 MB
RAM física disponível: 3354.71 MB
Virtual Total: 16075.21 MB
Virtual disponível: 11630.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:273.53 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================