Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20-04-2017
Executado por gilvando 123 (21-04-2017 12:13:19)
Executando a partir de C:\Users\gilvando 123\Desktop
Windows 8 Single Language (X64) (2014-08-13 13:40:42)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3069889820-3373727436-1154643513-500 - Administrator - Disabled)
Convidado (S-1-5-21-3069889820-3373727436-1154643513-501 - Limited - Disabled)
gilvando 123 (S-1-5-21-3069889820-3373727436-1154643513-1001 - Administrator - Enabled) => C:\Users\gilvando 123
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Reader XI (11.0.20) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Aplicativos da Autodesk em destaque 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 - Português - Brasil (Brazilian Portuguese) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - Brazilian Portuguese (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD 2017 Language Pack - Português - Brasil (Brazilian Portuguese) (HKLM\...\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.45.5 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
Bejeweled(R) 3 (remove only) (HKLM-x32\...\Bejeweled(R) 3) (Version: - )
Big City Adventure(TM) - Vancouver (remove only) (HKLM-x32\...\Big City Adventure(TM) - Vancouver) (Version: - )
Bing Search Engine (HKLM-x32\...\bingeng) (Version: - )
Canal Positivo (HKLM-x32\...\Canal Positivo_is1) (Version: 1.0.0.80 - Positivo Informática)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Chromium (HKLM-x32\...\{91877947-C107-A8C7-7087-D847A0070BC7}) (Version: - )
Chronicles of Albian - The Magic Convention (remove only) (HKLM-x32\...\Chronicles of Albian - The Magic Convention) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.1.661 - Corel Corporation) Hidden
Corel Update Manager (Version: 2.3.157 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (Version: 18.1 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Delicious - Emily's Childhood Memories Premium Edition (remove only) (HKLM-x32\...\Delicious - Emily's Childhood Memories Premium Edition) (Version: - )
Driver 1.3.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.3.1 - OEM)
Farmscapes(TM) Premium Edition (remove only) (HKLM-x32\...\Farmscapes(TM) Premium Edition) (Version: - )
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Haunted Past - Realm of Ghosts Deluxe (remove only) (HKLM-x32\...\Haunted Past - Realm of Ghosts Deluxe) (Version: - )
iBrightness 1.0.1 (HKLM-x32\...\{B351A468-173F-43D8-B6E6-5A6E9A0125A8}) (Version: 1.0.1 - OEM)
Importação do SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3114 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPM 1.9.7 (HKLM-x32\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.9.7 - OEM)
Luxor (remove only) (HKLM-x32\...\Luxor) (Version: - )
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 53.0 (x64 pt-BR) (HKLM\...\Mozilla Firefox 53.0 (x64 pt-BR)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mundo Positivo Alerta de Recuperação (HKLM-x32\...\{E56A8499-5539-45E8-AAAC-783F0B9F0146}_is1) (Version: 1.0.0.1 - Positivo Informática S.A.)
Mundo Positivo Backup Mídia (HKLM-x32\...\{387B3DFA-BB12-45E6-B431-4A7BF2EBD985}_is1) (Version: 1.5.4.0 - Positivo Informática S.A.)
Mundo Positivo Gerenciador de Inicialização (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.1.5.0 - Positivo Informática S.A.)
Mundo Positivo Monitora (HKLM-x32\...\{8aaef6d0-68e7-4f99-b98d-e5ae19edbc99}_is1) (Version: 1.0.7.2 - Positivo Informática S.A.)
Mundo Positivo Roteador (HKLM-x32\...\{f1cb797f-bf34-495c-bda9-efe098837651}_is1) (Version: 1.1.2.0 - Positivo Informática S.A.)
Mundo Positivo Webcam (HKLM-x32\...\{E11C7438-7550-4676-92CE-846CC5DA3548}_is1) (Version: 1.5.7.0 - Positivo Informática S.A.)
Mystery Legends - Beauty and the Beast (remove only) (HKLM-x32\...\Mystery Legends - Beauty and the Beast) (Version: - )
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Plantas vs Zumbis(TM) (remove only) (HKLM-x32\...\Plantas vs Zumbis(TM)) (Version: - )
Positivo Aplicativos (HKLM\...\{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1) (Version: 1.3.10.6 - Positivo Informática S.A.)
Positivo Bateria (HKLM\...\{FD6F6859-2863-4ABB-87D0-A263F3E9FF45}_is1) (Version: 2.1.1.1 - Positivo Informática S.A.)
Positivo Games (HKLM-x32\...\Positivo Games) (Version: 1.0.0.0 - Alawar Entertainment)
Promoção Vivo (HKLM\...\{674e54ef-d593-4d80-8be2-35d0d8192a23}}_is1) (Version: 2.1.0.2 - Positivo Informática S.A.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Sally's Studio(TM) (remove only) (HKLM-x32\...\Sally's Studio(TM)) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.0 - Synaptics Incorporated)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zuma's Revenge!(TM) (remove only) (HKLM-x32\...\Zuma's Revenge!(TM)) (Version: - )
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3069889820-3373727436-1154643513-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3069889820-3373727436-1154643513-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3069889820-3373727436-1154643513-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\pt-BR\acadficn.dll (Autodesk, Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04240EB1-2783-4E77-A480-2A29A8EC08D9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {20F3EC69-0715-488E-8BA2-C03367195BD9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {2967D298-A2CF-4FD5-A2CE-1D3721FFF9C1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-21] (Microsoft Corporation)
Task: {379A44B0-2093-460A-B5C4-82C3C9CCD154} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic
Task: {67D36A3F-CB29-4C94-A921-F8C159047037} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {73E0A849-0288-4828-AC1B-5A5A8EF1C954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-09] (Microsoft Corporation)
Task: {74A54BEC-362D-4336-A81A-FE4BD788079E} - \Bing Search Engine midar -> Nenhum Arquivo <==== ATENÇÃO
Task: {7C690E68-9DBA-425E-B09B-4C088DD98826} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-20] (AVAST Software)
Task: {82AACA7A-91E8-421E-B54F-0BDD68058A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.)
Task: {9B366535-7FFC-48DD-AC72-F815778C962E} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-04] (Corel Corporation)
Task: {B2FC3329-70C9-4D7F-81B8-AE1EC027306F} - System32\Tasks\R@1n-KMS\Windows62CoreSingleLanguage => wmic
Task: {B721FE67-BBE6-4020-925B-616388F4C52C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-21] (Microsoft Corporation)
Task: {B969CA0B-2F8F-452E-AB37-8CB9BCFB7A0E} - System32\Tasks\SafeZone scheduled Autoupdate 1492731167 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {BEB08BDC-250B-430C-A1F1-2CB6FDE93565} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {C3BA87B0-73EB-4450-94F1-1659C7946266} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-09] (Microsoft Corporation)
Task: {D0055DDA-E716-41D9-BB14-C67B4E2EF59A} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-04] (Corel Corporation)
Task: {D62BB6DC-C4F4-483A-B7F0-535742E10EE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.)
Task: {D8382ACE-520B-45B8-998D-5C3B85F95726} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2017-04-21] (Microsoft Corporation)
Task: {F467A8AA-66D0-4531-B224-622C38D9B313} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-20] (AVAST Software)
Task: {F7E0D507-B619-452C-94E3-B15A6E5D042F} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {FA280B98-BF97-4EF5-939F-7F72B851AEBB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-10] (Piriform Ltd)
Task: {FBD22CB5-EC4A-4F9D-A6AD-D9D39E63F3BC} - System32\Tasks\{28FCC88A-7956-A95B-0AC9-138ECE70F77F} => C:\Users\GILVAN~1\AppData\Roaming\UPDATE~1\sync.exe <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\{28FCC88A-7956-A95B-0AC9-138ECE70F77F}.job => C:\Users\GILVAN~1\AppData\Roaming\UPDATE~1\sync.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\gilvando 123\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Módulos Carregados (Whitelisted) ==============
2017-04-20 18:58 - 2017-04-20 18:58 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2017-04-20 20:17 - 2017-04-20 20:17 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00790544 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-04-20 20:17 - 2017-04-20 20:17 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-20 20:25 - 2017-04-20 20:25 - 05917184 _____ () C:\Program Files\AVAST Software\Avast\defs\17042010\algo.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-04-20 20:17 - 2017-04-20 20:17 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-04-21 09:43 - 2016-01-19 02:15 - 00055304 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2017-04-21 09:43 - 2016-01-19 02:15 - 00103944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-20 20:16 - 2017-04-20 20:16 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2014-02-12 08:06 - 2012-10-22 13:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\94192485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\94192485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2012-07-26 02:26 - 2012-07-26 02:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\WEB\WALLPAPER\WALLPAPER.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\StartupFolder: => "iBrightness.lnk"
HKLM\...\StartupApproved\StartupFolder: => "IPM.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Positivo Bateria.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Deskmedia"
HKLM\...\StartupApproved\Run: => "Posibar"
HKLM\...\StartupApproved\Run: => "StartUpManagerPositivo"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "SmartProtect"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{79790B8C-5822-45D6-9263-79E855C73414}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{71364292-0DD5-4988-836B-CA4C0DB7B5D0}] => (Allow) LPort=2869
FirewallRules: [{D1DB8A89-C2B2-4B85-9CE0-862E70ED2829}] => (Allow) LPort=1900
FirewallRules: [{21DE5976-C83C-48B0-A9BF-B5FFA7DFC58F}] => (Allow) C:\Users\gilvando 123\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{C6A07498-9610-4C39-9342-B187D9426EDF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E1B9F1B3-8D03-41EF-8907-69EF07DE7C10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5F92FAE6-D313-492C-8E89-0AD7455F9C85}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8D4CA702-F595-4118-B99B-3BBE45EC3FD6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4610D175-7D3F-45AF-80A2-24878E5224C3}] => (Allow) C:\Users\gilvando 123\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{16C8B274-441C-400C-AC60-B7B8B5CC3D25}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{08C3D39F-253A-4B90-B980-2819E763A001}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{542AFFB8-1FD1-4F6E-AAE8-8E7DFF77D859}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D34EFDED-3C77-4277-BCCC-0C8B7AADC1CD}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{375F2DF3-8861-49CD-90E8-A840B8E01EB5}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{C8105177-35DA-4A12-A416-3F1042311A65}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{B6387FF9-7B97-4FF0-ADFC-5BFE03DF0151}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6EA8E5F3-7E70-4CF2-AF6A-69E25FD7CFFC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2574BCDF-0721-4B39-B0F1-CD559F4E136C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
==================== Pontos de Restauração =========================
20-04-2017 20:55:02 Fim da desinfecção
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/21/2017 12:06:32 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (608) Uma tentativa de abrir o arquivo "C:\Users\gilvando 123\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acesso somente leitura falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para abrir o arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (04/21/2017 12:04:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.
Error: (04/21/2017 11:56:33 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (4792) Uma tentativa de abrir o arquivo "C:\Users\gilvando 123\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acesso somente leitura falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para abrir o arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (04/21/2017 11:54:45 AM) (Source: DeskmediaService Log) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/21/2017 11:52:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: MRT.exe, versão: 5.47.13703.0, carimbo de data/hora: 0x58dec9f9
Nome do módulo com falha: combase.dll, versão: 6.2.9200.16420, carimbo de data/hora: 0x505a9af2
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000368f4
ID do processo com falha: 0x80c
Hora de início do aplicativo com falha: 0x01d2baadc3b8be3e
Caminho do aplicativo com falha: C:\Windows\system32\MRT.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\combase.dll
ID do Relatório: 1d3edf6a-26a2-11e7-be9e-80ee7370e933
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/21/2017 11:23:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa SystemSettings.exe versão 6.2.9200.16420 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 550
Hora de Início: 01d2baaab566eeed
Hora de Término: 61
Caminho do Aplicativo: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID do Relatório: 08dd9fb5-269e-11e7-be9e-80ee7370e933
Nome completo do pacote com falha: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: microsoft.windows.immersivecontrolpanel
Error: (04/21/2017 10:20:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/21/2017 10:19:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/21/2017 09:55:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/21/2017 09:54:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Erros de Sistema:
=============
Error: (04/21/2017 12:11:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro:
%%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (04/21/2017 12:11:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate).
Error: (04/21/2017 12:05:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Battery Manager Service suspenso ao iniciar.
Error: (04/21/2017 12:03:08 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: AUTORIDADE NT)
Description: 0xc000014d0
Error: (04/21/2017 12:02:50 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:02:40 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:02:17 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:02:10 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:01:59 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço WSearch com argumentos "Não Disponível" para executar o servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/21/2017 12:01:59 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 88%
RAM física total: 3542.12 MB
RAM física disponível: 400.58 MB
Virtual Total: 6102.12 MB
Virtual disponível: 2698.73 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:450.6 GB) (Free:399.39 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BBA43A2F)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por gilvando 123 (21-04-2017 12:13:19)
Executando a partir de C:\Users\gilvando 123\Desktop
Windows 8 Single Language (X64) (2014-08-13 13:40:42)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3069889820-3373727436-1154643513-500 - Administrator - Disabled)
Convidado (S-1-5-21-3069889820-3373727436-1154643513-501 - Limited - Disabled)
gilvando 123 (S-1-5-21-3069889820-3373727436-1154643513-1001 - Administrator - Enabled) => C:\Users\gilvando 123
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Reader XI (11.0.20) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Aplicativos da Autodesk em destaque 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 - Português - Brasil (Brazilian Portuguese) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - Brazilian Portuguese (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD 2017 Language Pack - Português - Brasil (Brazilian Portuguese) (HKLM\...\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.45.5 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
Bejeweled(R) 3 (remove only) (HKLM-x32\...\Bejeweled(R) 3) (Version: - )
Big City Adventure(TM) - Vancouver (remove only) (HKLM-x32\...\Big City Adventure(TM) - Vancouver) (Version: - )
Bing Search Engine (HKLM-x32\...\bingeng) (Version: - )
Canal Positivo (HKLM-x32\...\Canal Positivo_is1) (Version: 1.0.0.80 - Positivo Informática)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Chromium (HKLM-x32\...\{91877947-C107-A8C7-7087-D847A0070BC7}) (Version: - )
Chronicles of Albian - The Magic Convention (remove only) (HKLM-x32\...\Chronicles of Albian - The Magic Convention) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.1.661 - Corel Corporation) Hidden
Corel Update Manager (Version: 2.3.157 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (Version: 18.1 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Delicious - Emily's Childhood Memories Premium Edition (remove only) (HKLM-x32\...\Delicious - Emily's Childhood Memories Premium Edition) (Version: - )
Driver 1.3.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.3.1 - OEM)
Farmscapes(TM) Premium Edition (remove only) (HKLM-x32\...\Farmscapes(TM) Premium Edition) (Version: - )
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Haunted Past - Realm of Ghosts Deluxe (remove only) (HKLM-x32\...\Haunted Past - Realm of Ghosts Deluxe) (Version: - )
iBrightness 1.0.1 (HKLM-x32\...\{B351A468-173F-43D8-B6E6-5A6E9A0125A8}) (Version: 1.0.1 - OEM)
Importação do SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3114 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPM 1.9.7 (HKLM-x32\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.9.7 - OEM)
Luxor (remove only) (HKLM-x32\...\Luxor) (Version: - )
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 53.0 (x64 pt-BR) (HKLM\...\Mozilla Firefox 53.0 (x64 pt-BR)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mundo Positivo Alerta de Recuperação (HKLM-x32\...\{E56A8499-5539-45E8-AAAC-783F0B9F0146}_is1) (Version: 1.0.0.1 - Positivo Informática S.A.)
Mundo Positivo Backup Mídia (HKLM-x32\...\{387B3DFA-BB12-45E6-B431-4A7BF2EBD985}_is1) (Version: 1.5.4.0 - Positivo Informática S.A.)
Mundo Positivo Gerenciador de Inicialização (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.1.5.0 - Positivo Informática S.A.)
Mundo Positivo Monitora (HKLM-x32\...\{8aaef6d0-68e7-4f99-b98d-e5ae19edbc99}_is1) (Version: 1.0.7.2 - Positivo Informática S.A.)
Mundo Positivo Roteador (HKLM-x32\...\{f1cb797f-bf34-495c-bda9-efe098837651}_is1) (Version: 1.1.2.0 - Positivo Informática S.A.)
Mundo Positivo Webcam (HKLM-x32\...\{E11C7438-7550-4676-92CE-846CC5DA3548}_is1) (Version: 1.5.7.0 - Positivo Informática S.A.)
Mystery Legends - Beauty and the Beast (remove only) (HKLM-x32\...\Mystery Legends - Beauty and the Beast) (Version: - )
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Plantas vs Zumbis(TM) (remove only) (HKLM-x32\...\Plantas vs Zumbis(TM)) (Version: - )
Positivo Aplicativos (HKLM\...\{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1) (Version: 1.3.10.6 - Positivo Informática S.A.)
Positivo Bateria (HKLM\...\{FD6F6859-2863-4ABB-87D0-A263F3E9FF45}_is1) (Version: 2.1.1.1 - Positivo Informática S.A.)
Positivo Games (HKLM-x32\...\Positivo Games) (Version: 1.0.0.0 - Alawar Entertainment)
Promoção Vivo (HKLM\...\{674e54ef-d593-4d80-8be2-35d0d8192a23}}_is1) (Version: 2.1.0.2 - Positivo Informática S.A.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Sally's Studio(TM) (remove only) (HKLM-x32\...\Sally's Studio(TM)) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.0 - Synaptics Incorporated)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zuma's Revenge!(TM) (remove only) (HKLM-x32\...\Zuma's Revenge!(TM)) (Version: - )
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3069889820-3373727436-1154643513-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3069889820-3373727436-1154643513-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3069889820-3373727436-1154643513-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\pt-BR\acadficn.dll (Autodesk, Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04240EB1-2783-4E77-A480-2A29A8EC08D9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {20F3EC69-0715-488E-8BA2-C03367195BD9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {2967D298-A2CF-4FD5-A2CE-1D3721FFF9C1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-21] (Microsoft Corporation)
Task: {379A44B0-2093-460A-B5C4-82C3C9CCD154} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic
Task: {67D36A3F-CB29-4C94-A921-F8C159047037} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {73E0A849-0288-4828-AC1B-5A5A8EF1C954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-09] (Microsoft Corporation)
Task: {74A54BEC-362D-4336-A81A-FE4BD788079E} - \Bing Search Engine midar -> Nenhum Arquivo <==== ATENÇÃO
Task: {7C690E68-9DBA-425E-B09B-4C088DD98826} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-20] (AVAST Software)
Task: {82AACA7A-91E8-421E-B54F-0BDD68058A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.)
Task: {9B366535-7FFC-48DD-AC72-F815778C962E} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-04] (Corel Corporation)
Task: {B2FC3329-70C9-4D7F-81B8-AE1EC027306F} - System32\Tasks\R@1n-KMS\Windows62CoreSingleLanguage => wmic
Task: {B721FE67-BBE6-4020-925B-616388F4C52C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-21] (Microsoft Corporation)
Task: {B969CA0B-2F8F-452E-AB37-8CB9BCFB7A0E} - System32\Tasks\SafeZone scheduled Autoupdate 1492731167 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {BEB08BDC-250B-430C-A1F1-2CB6FDE93565} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {C3BA87B0-73EB-4450-94F1-1659C7946266} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-09] (Microsoft Corporation)
Task: {D0055DDA-E716-41D9-BB14-C67B4E2EF59A} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-04] (Corel Corporation)
Task: {D62BB6DC-C4F4-483A-B7F0-535742E10EE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.)
Task: {D8382ACE-520B-45B8-998D-5C3B85F95726} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2017-04-21] (Microsoft Corporation)
Task: {F467A8AA-66D0-4531-B224-622C38D9B313} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-20] (AVAST Software)
Task: {F7E0D507-B619-452C-94E3-B15A6E5D042F} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {FA280B98-BF97-4EF5-939F-7F72B851AEBB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-10] (Piriform Ltd)
Task: {FBD22CB5-EC4A-4F9D-A6AD-D9D39E63F3BC} - System32\Tasks\{28FCC88A-7956-A95B-0AC9-138ECE70F77F} => C:\Users\GILVAN~1\AppData\Roaming\UPDATE~1\sync.exe <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\{28FCC88A-7956-A95B-0AC9-138ECE70F77F}.job => C:\Users\GILVAN~1\AppData\Roaming\UPDATE~1\sync.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\gilvando 123\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Módulos Carregados (Whitelisted) ==============
2017-04-20 18:58 - 2017-04-20 18:58 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2017-04-20 20:17 - 2017-04-20 20:17 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00790544 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-04-20 20:17 - 2017-04-20 20:17 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-20 20:25 - 2017-04-20 20:25 - 05917184 _____ () C:\Program Files\AVAST Software\Avast\defs\17042010\algo.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-04-20 20:17 - 2017-04-20 20:17 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-04-21 09:43 - 2016-01-19 02:15 - 00055304 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2017-04-21 09:43 - 2016-01-19 02:15 - 00103944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2017-04-20 20:18 - 2017-04-20 20:18 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-20 20:16 - 2017-04-20 20:16 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2014-02-12 08:06 - 2012-10-22 13:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\94192485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\94192485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2012-07-26 02:26 - 2012-07-26 02:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\WEB\WALLPAPER\WALLPAPER.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\StartupFolder: => "iBrightness.lnk"
HKLM\...\StartupApproved\StartupFolder: => "IPM.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Positivo Bateria.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Deskmedia"
HKLM\...\StartupApproved\Run: => "Posibar"
HKLM\...\StartupApproved\Run: => "StartUpManagerPositivo"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "SmartProtect"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3069889820-3373727436-1154643513-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{79790B8C-5822-45D6-9263-79E855C73414}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{71364292-0DD5-4988-836B-CA4C0DB7B5D0}] => (Allow) LPort=2869
FirewallRules: [{D1DB8A89-C2B2-4B85-9CE0-862E70ED2829}] => (Allow) LPort=1900
FirewallRules: [{21DE5976-C83C-48B0-A9BF-B5FFA7DFC58F}] => (Allow) C:\Users\gilvando 123\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{C6A07498-9610-4C39-9342-B187D9426EDF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E1B9F1B3-8D03-41EF-8907-69EF07DE7C10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5F92FAE6-D313-492C-8E89-0AD7455F9C85}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8D4CA702-F595-4118-B99B-3BBE45EC3FD6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4610D175-7D3F-45AF-80A2-24878E5224C3}] => (Allow) C:\Users\gilvando 123\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{16C8B274-441C-400C-AC60-B7B8B5CC3D25}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{08C3D39F-253A-4B90-B980-2819E763A001}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{542AFFB8-1FD1-4F6E-AAE8-8E7DFF77D859}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D34EFDED-3C77-4277-BCCC-0C8B7AADC1CD}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{375F2DF3-8861-49CD-90E8-A840B8E01EB5}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{C8105177-35DA-4A12-A416-3F1042311A65}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{B6387FF9-7B97-4FF0-ADFC-5BFE03DF0151}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6EA8E5F3-7E70-4CF2-AF6A-69E25FD7CFFC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2574BCDF-0721-4B39-B0F1-CD559F4E136C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
==================== Pontos de Restauração =========================
20-04-2017 20:55:02 Fim da desinfecção
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/21/2017 12:06:32 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (608) Uma tentativa de abrir o arquivo "C:\Users\gilvando 123\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acesso somente leitura falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para abrir o arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (04/21/2017 12:04:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.
Error: (04/21/2017 11:56:33 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (4792) Uma tentativa de abrir o arquivo "C:\Users\gilvando 123\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acesso somente leitura falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para abrir o arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (04/21/2017 11:54:45 AM) (Source: DeskmediaService Log) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/21/2017 11:52:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: MRT.exe, versão: 5.47.13703.0, carimbo de data/hora: 0x58dec9f9
Nome do módulo com falha: combase.dll, versão: 6.2.9200.16420, carimbo de data/hora: 0x505a9af2
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000368f4
ID do processo com falha: 0x80c
Hora de início do aplicativo com falha: 0x01d2baadc3b8be3e
Caminho do aplicativo com falha: C:\Windows\system32\MRT.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\combase.dll
ID do Relatório: 1d3edf6a-26a2-11e7-be9e-80ee7370e933
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/21/2017 11:23:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa SystemSettings.exe versão 6.2.9200.16420 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID do Processo: 550
Hora de Início: 01d2baaab566eeed
Hora de Término: 61
Caminho do Aplicativo: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID do Relatório: 08dd9fb5-269e-11e7-be9e-80ee7370e933
Nome completo do pacote com falha: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: microsoft.windows.immersivecontrolpanel
Error: (04/21/2017 10:20:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/21/2017 10:19:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/21/2017 09:55:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/21/2017 09:54:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\Autodesk\Autodesk ReCap 360\ReCap.exe".
Assembly dependente FARO.LS,processorArchitecture="amd64",publicKeyToken="1d23f5635ba800ab",type="Win32",version="1.1.504.2" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Erros de Sistema:
=============
Error: (04/21/2017 12:11:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro:
%%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (04/21/2017 12:11:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate).
Error: (04/21/2017 12:05:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Battery Manager Service suspenso ao iniciar.
Error: (04/21/2017 12:03:08 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: AUTORIDADE NT)
Description: 0xc000014d0
Error: (04/21/2017 12:02:50 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:02:40 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:02:17 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:02:10 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/21/2017 12:01:59 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço WSearch com argumentos "Não Disponível" para executar o servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/21/2017 12:01:59 PM) (Source: DCOM) (EventID: 10005) (User: neiva)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 88%
RAM física total: 3542.12 MB
RAM física disponível: 400.58 MB
Virtual Total: 6102.12 MB
Virtual disponível: 2698.73 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:450.6 GB) (Free:399.39 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BBA43A2F)
Partition: GPT.
==================== Fim de Addition.txt ============================