Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 14-05-2017
Executado por SM-MCLI01 (16-05-2017 15:54:45)
Executando a partir de C:\Users\SM-MCLI01\Desktop\Scan
Windows 7 Professional Service Pack 1 (X64) (2015-08-22 18:27:09)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2764129781-2997685346-950478798-500 - Administrator - Disabled)
Convidado (S-1-5-21-2764129781-2997685346-950478798-501 - Limited - Disabled)
SM-MCLI01 (S-1-5-21-2764129781-2997685346-950478798-1001 - Administrator - Enabled) => C:\Users\SM-MCLI01
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Bitdefender Endpoint Security Tools Antimalware (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Endpoint Security Tools Antimalware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Endpoint Security Tools Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
150Mbps Wireless N USB Adapter Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Banco do Brasil - Módulo para Assinatura Digital (HKLM\...\{5A8249B2-5F43-48D8-BE56-41A4C845C858}) (Version: 1.0.0 - Banco do Brasil)
BB Cobranca (HKLM-x32\...\{CCE6EF6F-D3D5-4CC7-800C-CFB013431537}) (Version: - )
BBAdminTool (HKLM\...\{95A34656-CD4A-45A0-BAB8-AB950EFCBEBF}) (Version: 1.0.0 - Watchdata Technologies Pte., Ltd.)
Bitdefender Endpoint Security Tools (HKLM\...\Endpoint Security) (Version: 6.2.19.899 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
CertiInstaller 1.0.1.1 (HKLM\...\{4E637561-3FE5-4464-A2C1-8E0C44940601}_is1) (Version: 1.0.1.1 - Certisign)
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Diagnóstico da impressora Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.17 - Samsung Electronics Co., Ltd.)
Firebird 2.5.1.26351 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.1.26351 - Firebird Project)
Google Chrome (HKLM\...\{A967B385-DA3A-32DD-B6F3-D169E888E661}) (Version: 58.0.3029.110 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hábil NFe CS (HKLM-x32\...\HabilNFe31CS_is1) (Version: - Koinonia Software)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
K-Lite Codec Pack 11.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 pt-BR)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
Navegador Exclusivo Bradesco versão 3.0.0 (HKLM-x32\...\{2F7717E5-BFF5-479A-B29E-A615ED278B6F}_is1) (Version: 3.0.0 - Copyright (C) 2015 Scopus Tecnologia Ltda.)
Opera Stable 45.0.2552.635 (HKLM-x32\...\Opera 45.0.2552.635) (Version: 45.0.2552.635 - Opera Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.05.07 (20/07/2012) - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.27 (10/04/2015) - Samsung Electronics Co., Ltd.)
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.101 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Upgrade do Hábil Empresarial (HKLM-x32\...\HabilCS2012_is1) (Version: - Koinonia Software)
Warsaw 1.16.1.45 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.16.1.45 - GAS Tecnologia)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {575936F0-85FF-4212-8BCB-F20CEE125E89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {889961C9-9EB6-41D7-9897-F45E22359AC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {CD314E16-B4F9-4BE9-8F24-E4D1EE03E43C} - System32\Tasks\Opera scheduled Autoupdate 1494537484 => C:\Program Files\Opera\launcher.exe [2017-05-08] (Opera Software)
Task: {D7485085-9F5D-4634-86D9-E2F3BEC547E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-02] (Google Inc.)
Task: {FA8F7D1D-5A4C-4C18-832C-D950A99EA869} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-02] (Google Inc.)
Task: {FD27A2B2-76D1-455A-B2E4-C0CE1F8F0F5B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-17] ()
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-01-10 11:42 - 2007-07-12 22:37 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2015-08-24 18:51 - 2011-05-02 01:40 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2012-12-19 12:07 - 2012-09-29 13:26 - 03120128 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2012-12-19 12:08 - 2012-09-29 13:53 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2016-04-26 16:15 - 2013-04-15 11:49 - 04003328 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006SU.DLL
2016-04-26 16:15 - 2013-04-15 11:49 - 01236992 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006GC.dll
2016-06-02 16:48 - 2016-08-02 10:03 - 00279608 _____ () C:\Program Files\Bitdefender\Endpoint Security\zlib.dll
2016-06-02 16:48 - 2016-09-27 09:47 - 00280576 _____ () C:\Program Files\Bitdefender\Endpoint Security\txmlutil.dll
2016-06-02 16:48 - 2017-01-30 09:07 - 00167400 _____ () C:\Program Files\Bitdefender\Endpoint Security\bdfwcore.dll
2017-02-07 09:50 - 2017-02-07 09:50 - 01008448 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttpbr.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 00541952 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttpdsp.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 03654344 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttpf.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 01544568 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttprbl.mdl
2017-02-07 09:49 - 2017-02-07 09:50 - 01008448 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttpbr.mdl
2017-02-07 09:49 - 2017-02-07 09:50 - 00541952 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttpdsp.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 03243920 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttpph.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 01544568 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttprbl.mdl
2016-09-01 11:31 - 2016-07-22 08:21 - 00018936 _____ () C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe
2016-09-01 11:31 - 2016-07-22 08:21 - 00038904 _____ () C:\Program Files (x86)\AppBrad\NetExpressUpdaterServerMessage.dll
2016-09-01 11:31 - 2016-07-22 08:21 - 00083960 _____ () C:\Program Files (x86)\AppBrad\NetExpressUpdaterUtil.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-05-11 09:03 - 2017-05-11 09:05 - 08640512 _____ () C:\Users\SM-MCLI01\AppData\Roaming\Microsoft\Windows\sCBwI\UCgWELz.pdf
2015-09-09 09:18 - 2013-02-22 01:29 - 00365568 _____ () C:\Windows\system32\SaMinDrv.dll
2015-09-09 09:18 - 2014-04-09 10:14 - 00091136 ____N () C:\Windows\system32\ssdevm64.dll
2015-08-24 18:51 - 2012-10-08 09:02 - 01212928 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssm1mdu.dll
2015-08-25 09:27 - 2011-03-24 05:16 - 00040960 _____ () C:\WINDOWS\SysWOW64\Watchdata\Watchdata Brazil CSP v1.0\UIResB3.DLL
2017-03-31 15:12 - 2017-03-31 15:12 - 01984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-25 09:27 - 2011-07-24 21:53 - 00053248 _____ () C:\Windows\SysWOW64\Watchdata\Watchdata Brazil CSP v1.0\WDEvent.dll
2015-08-25 09:27 - 2011-03-24 05:16 - 00028672 _____ () C:\Windows\SysWOW64\Watchdata\Watchdata Brazil CSP v1.0\hodll.dll
2015-08-25 09:09 - 2015-08-24 14:10 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-08-25 09:09 - 2015-08-24 14:10 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-08-25 09:09 - 2015-08-24 14:10 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:41850628_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:41850628_Bnb.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2982]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\SM-MCLI01\Desktop\Supremo.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\JRT.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\OperaSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\.DEFAULT\...\bnb.gov.br -> hxxps://nel.bnb.gov.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\bnb.gov.br -> hxxps://nel.bnb.gov.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2017-03-03 09:22 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2764129781-2997685346-950478798-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SM-MCLI01\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.20.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Habil_Tray => C:\Program Files (x86)\Koinonia Software\Habil Empresarial\Habil_Tray.exe
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{C7C9614D-F83B-453D-B945-8DC7CB59A0F1}C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe] => (Allow) C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe
FirewallRules: [UDP Query User{6CD6D034-4B44-4D56-9610-FE87293D0189}C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe] => (Allow) C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe
FirewallRules: [TCP Query User{1B9ACC93-13AB-47C0-BA79-6FBBC6C9773C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{B608A015-2C95-4A50-A66E-D07B25FEE28E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{05CA797D-D129-4517-BAE8-E60D2D1EDA00}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{BED2A447-6B5D-410C-A58E-37975696F221}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{9241A1C4-3485-41D8-AE99-B8A3FC294F4B}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{E0D166B3-A73C-43A0-8C47-EE5BE6712C23}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{5BB93F84-8769-4D32-8D2A-DDCCF71C7136}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{0A45AB70-C945-4D3A-9A49-3873E455EED4}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{8CCD1A08-28FC-4A14-AD94-1457B5FF2737}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1B1F639E-F28A-4DFC-BA77-49D34F84D36D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E3EFA0B3-2D70-42E2-A082-D63740D4E7CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9B124853-84B6-415F-BA6F-7F43A66EBE6A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5526468D-F6F5-4948-9F46-809A4815FD74}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{7F77B445-B0D5-4933-94FD-FC290F755932}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4ADAB7FC-539F-48BD-8637-9292CA8FEFA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B9B9EFB5-053B-4841-BF33-28C940E2AC1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{403892F3-F5B4-498A-9163-AD7C5A577364}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{27228FCE-89F4-4BC1-AE09-EE2D8B092293}] => (Allow) C:\Program Files\Opera\45.0.2552.635\opera.exe
FirewallRules: [{D5E41D4F-C66C-4709-A66B-92BA7006B6CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
26-04-2017 12:54:29 Ponto de Verificação Agendado
27-04-2017 11:50:50 Removed Java 8 Update 121
27-04-2017 11:51:35 Removed Java 8 Update 121 (64-bit)
27-04-2017 11:58:29 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
27-04-2017 11:59:15 Windows Update
02-05-2017 10:47:48 Removed PC-CCID
02-05-2017 10:48:37 Removed Google Chrome
02-05-2017 11:25:32 Instalado Banco do Brasil - Módulo para Assinatura Digital
02-05-2017 11:37:51 Instalado Banco do Brasil - Módulo para Assinatura Digital
11-05-2017 12:57:35 Ponto de Verificação Agendado
11-05-2017 16:26:44 JRT Pre-Junkware Removal
11-05-2017 18:25:14 JRT Pre-Junkware Removal
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (05/13/2017 09:13:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/12/2017 09:06:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/11/2017 01:43:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0xc5c
Hora de início do aplicativo com falha: 0x01d2ca75abfb6bfa
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: ebde7e5b-3668-11e7-8c69-90f652030e14
Error: (05/11/2017 01:39:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/11/2017 09:15:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0x12e0
Hora de início do aplicativo com falha: 0x01d2ca50402a2dbc
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: 86c0e3da-3643-11e7-b28e-90f652030e14
Error: (05/11/2017 09:11:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/11/2017 08:39:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0x1048
Hora de início do aplicativo com falha: 0x01d2ca4b4563b485
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: 8baafbbf-363e-11e7-bdd1-90f652030e14
Error: (05/11/2017 08:36:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/10/2017 05:42:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0x1da0
Hora de início do aplicativo com falha: 0x01d2c9cde6d38beb
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: 26b49ae7-35c1-11e7-abed-90f652030e14
Error: (05/10/2017 09:32:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Habil_Cliente.exe, versão: 7.5.1.12, carimbo de hora: 0x58de414c
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18247, carimbo de hora: 0x521ea8e7
Código de exceção: 0xc0000374
Deslocamento com falha: 0x000ce753
Identificação do processo com falha: 0xee0
Hora de início do aplicativo com falha: 0x01d2c98511ebe5ee
Caminho do aplicativo com falha: C:\Program Files (x86)\Koinonia Software\Habil Empresarial\Habil_Cliente.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll
Identificação do Relatório: bd861608-357c-11e7-abed-90f652030e14
Erros de Sistema:
=============
Error: (05/15/2017 03:39:54 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 40. O estado do erro interno é 252.
Error: (05/13/2017 09:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddreg
Error: (05/13/2017 09:11:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 18:34:37 às 12/05/2017 não era esperado.
Error: (05/12/2017 02:59:32 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 40. O estado do erro interno é 252.
Error: (05/12/2017 02:59:30 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 40. O estado do erro interno é 252.
Error: (05/12/2017 09:05:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
==================== Informações da Memória ===========================
Processador: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Percentagem de memória em uso: 58%
RAM física total: 3317.18 MB
RAM física disponível: 1387.69 MB
Virtual Total: 6632.54 MB
Virtual disponível: 4220.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.75 GB) (Free:221.03 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================
Executado por SM-MCLI01 (16-05-2017 15:54:45)
Executando a partir de C:\Users\SM-MCLI01\Desktop\Scan
Windows 7 Professional Service Pack 1 (X64) (2015-08-22 18:27:09)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2764129781-2997685346-950478798-500 - Administrator - Disabled)
Convidado (S-1-5-21-2764129781-2997685346-950478798-501 - Limited - Disabled)
SM-MCLI01 (S-1-5-21-2764129781-2997685346-950478798-1001 - Administrator - Enabled) => C:\Users\SM-MCLI01
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Bitdefender Endpoint Security Tools Antimalware (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Endpoint Security Tools Antimalware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Endpoint Security Tools Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
150Mbps Wireless N USB Adapter Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Banco do Brasil - Módulo para Assinatura Digital (HKLM\...\{5A8249B2-5F43-48D8-BE56-41A4C845C858}) (Version: 1.0.0 - Banco do Brasil)
BB Cobranca (HKLM-x32\...\{CCE6EF6F-D3D5-4CC7-800C-CFB013431537}) (Version: - )
BBAdminTool (HKLM\...\{95A34656-CD4A-45A0-BAB8-AB950EFCBEBF}) (Version: 1.0.0 - Watchdata Technologies Pte., Ltd.)
Bitdefender Endpoint Security Tools (HKLM\...\Endpoint Security) (Version: 6.2.19.899 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
CertiInstaller 1.0.1.1 (HKLM\...\{4E637561-3FE5-4464-A2C1-8E0C44940601}_is1) (Version: 1.0.1.1 - Certisign)
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Diagnóstico da impressora Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.17 - Samsung Electronics Co., Ltd.)
Firebird 2.5.1.26351 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.1.26351 - Firebird Project)
Google Chrome (HKLM\...\{A967B385-DA3A-32DD-B6F3-D169E888E661}) (Version: 58.0.3029.110 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hábil NFe CS (HKLM-x32\...\HabilNFe31CS_is1) (Version: - Koinonia Software)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
K-Lite Codec Pack 11.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 pt-BR)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
Navegador Exclusivo Bradesco versão 3.0.0 (HKLM-x32\...\{2F7717E5-BFF5-479A-B29E-A615ED278B6F}_is1) (Version: 3.0.0 - Copyright (C) 2015 Scopus Tecnologia Ltda.)
Opera Stable 45.0.2552.635 (HKLM-x32\...\Opera 45.0.2552.635) (Version: 45.0.2552.635 - Opera Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.05.07 (20/07/2012) - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.27 (10/04/2015) - Samsung Electronics Co., Ltd.)
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.101 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Upgrade do Hábil Empresarial (HKLM-x32\...\HabilCS2012_is1) (Version: - Koinonia Software)
Warsaw 1.16.1.45 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.16.1.45 - GAS Tecnologia)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {575936F0-85FF-4212-8BCB-F20CEE125E89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {889961C9-9EB6-41D7-9897-F45E22359AC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {CD314E16-B4F9-4BE9-8F24-E4D1EE03E43C} - System32\Tasks\Opera scheduled Autoupdate 1494537484 => C:\Program Files\Opera\launcher.exe [2017-05-08] (Opera Software)
Task: {D7485085-9F5D-4634-86D9-E2F3BEC547E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-02] (Google Inc.)
Task: {FA8F7D1D-5A4C-4C18-832C-D950A99EA869} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-02] (Google Inc.)
Task: {FD27A2B2-76D1-455A-B2E4-C0CE1F8F0F5B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-17] ()
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-01-10 11:42 - 2007-07-12 22:37 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2015-08-24 18:51 - 2011-05-02 01:40 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2012-12-19 12:07 - 2012-09-29 13:26 - 03120128 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2012-12-19 12:08 - 2012-09-29 13:53 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2016-04-26 16:15 - 2013-04-15 11:49 - 04003328 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006SU.DLL
2016-04-26 16:15 - 2013-04-15 11:49 - 01236992 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006GC.dll
2016-06-02 16:48 - 2016-08-02 10:03 - 00279608 _____ () C:\Program Files\Bitdefender\Endpoint Security\zlib.dll
2016-06-02 16:48 - 2016-09-27 09:47 - 00280576 _____ () C:\Program Files\Bitdefender\Endpoint Security\txmlutil.dll
2016-06-02 16:48 - 2017-01-30 09:07 - 00167400 _____ () C:\Program Files\Bitdefender\Endpoint Security\bdfwcore.dll
2017-02-07 09:50 - 2017-02-07 09:50 - 01008448 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttpbr.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 00541952 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttpdsp.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 03654344 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttpf.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 01544568 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\WFEngines\wfengines_01725_003\ashttprbl.mdl
2017-02-07 09:49 - 2017-02-07 09:50 - 01008448 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttpbr.mdl
2017-02-07 09:49 - 2017-02-07 09:50 - 00541952 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttpdsp.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 03243920 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttpph.mdl
2017-02-07 09:50 - 2017-02-07 09:50 - 01544568 _____ () C:\Program Files\Bitdefender\Endpoint Security\Signatures\OTEngines\otengines_02439_006\ashttprbl.mdl
2016-09-01 11:31 - 2016-07-22 08:21 - 00018936 _____ () C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe
2016-09-01 11:31 - 2016-07-22 08:21 - 00038904 _____ () C:\Program Files (x86)\AppBrad\NetExpressUpdaterServerMessage.dll
2016-09-01 11:31 - 2016-07-22 08:21 - 00083960 _____ () C:\Program Files (x86)\AppBrad\NetExpressUpdaterUtil.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-05-11 09:03 - 2017-05-11 09:05 - 08640512 _____ () C:\Users\SM-MCLI01\AppData\Roaming\Microsoft\Windows\sCBwI\UCgWELz.pdf
2015-09-09 09:18 - 2013-02-22 01:29 - 00365568 _____ () C:\Windows\system32\SaMinDrv.dll
2015-09-09 09:18 - 2014-04-09 10:14 - 00091136 ____N () C:\Windows\system32\ssdevm64.dll
2015-08-24 18:51 - 2012-10-08 09:02 - 01212928 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssm1mdu.dll
2015-08-25 09:27 - 2011-03-24 05:16 - 00040960 _____ () C:\WINDOWS\SysWOW64\Watchdata\Watchdata Brazil CSP v1.0\UIResB3.DLL
2017-03-31 15:12 - 2017-03-31 15:12 - 01984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-25 09:27 - 2011-07-24 21:53 - 00053248 _____ () C:\Windows\SysWOW64\Watchdata\Watchdata Brazil CSP v1.0\WDEvent.dll
2015-08-25 09:27 - 2011-03-24 05:16 - 00028672 _____ () C:\Windows\SysWOW64\Watchdata\Watchdata Brazil CSP v1.0\hodll.dll
2015-08-25 09:09 - 2015-08-24 14:10 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-08-25 09:09 - 2015-08-24 14:10 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-08-25 09:09 - 2015-08-24 14:10 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:41850628_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:41850628_Bnb.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2982]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\SM-MCLI01\Desktop\Supremo.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\JRT.exe:BDU [0]
AlternateDataStreams: C:\Users\SM-MCLI01\Downloads\OperaSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\.DEFAULT\...\bnb.gov.br -> hxxps://nel.bnb.gov.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\bnb.gov.br -> hxxps://nel.bnb.gov.br
IE trusted site: HKU\S-1-5-21-2764129781-2997685346-950478798-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2017-03-03 09:22 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2764129781-2997685346-950478798-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SM-MCLI01\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.20.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Habil_Tray => C:\Program Files (x86)\Koinonia Software\Habil Empresarial\Habil_Tray.exe
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{C7C9614D-F83B-453D-B945-8DC7CB59A0F1}C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe] => (Allow) C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe
FirewallRules: [UDP Query User{6CD6D034-4B44-4D56-9610-FE87293D0189}C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe] => (Allow) C:\program files (x86)\koinonia software\habil empresarial\habil_emissor.exe
FirewallRules: [TCP Query User{1B9ACC93-13AB-47C0-BA79-6FBBC6C9773C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{B608A015-2C95-4A50-A66E-D07B25FEE28E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{05CA797D-D129-4517-BAE8-E60D2D1EDA00}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{BED2A447-6B5D-410C-A58E-37975696F221}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{9241A1C4-3485-41D8-AE99-B8A3FC294F4B}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{E0D166B3-A73C-43A0-8C47-EE5BE6712C23}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{5BB93F84-8769-4D32-8D2A-DDCCF71C7136}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{0A45AB70-C945-4D3A-9A49-3873E455EED4}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{8CCD1A08-28FC-4A14-AD94-1457B5FF2737}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1B1F639E-F28A-4DFC-BA77-49D34F84D36D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E3EFA0B3-2D70-42E2-A082-D63740D4E7CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9B124853-84B6-415F-BA6F-7F43A66EBE6A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5526468D-F6F5-4948-9F46-809A4815FD74}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{7F77B445-B0D5-4933-94FD-FC290F755932}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4ADAB7FC-539F-48BD-8637-9292CA8FEFA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B9B9EFB5-053B-4841-BF33-28C940E2AC1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{403892F3-F5B4-498A-9163-AD7C5A577364}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{27228FCE-89F4-4BC1-AE09-EE2D8B092293}] => (Allow) C:\Program Files\Opera\45.0.2552.635\opera.exe
FirewallRules: [{D5E41D4F-C66C-4709-A66B-92BA7006B6CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
26-04-2017 12:54:29 Ponto de Verificação Agendado
27-04-2017 11:50:50 Removed Java 8 Update 121
27-04-2017 11:51:35 Removed Java 8 Update 121 (64-bit)
27-04-2017 11:58:29 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
27-04-2017 11:59:15 Windows Update
02-05-2017 10:47:48 Removed PC-CCID
02-05-2017 10:48:37 Removed Google Chrome
02-05-2017 11:25:32 Instalado Banco do Brasil - Módulo para Assinatura Digital
02-05-2017 11:37:51 Instalado Banco do Brasil - Módulo para Assinatura Digital
11-05-2017 12:57:35 Ponto de Verificação Agendado
11-05-2017 16:26:44 JRT Pre-Junkware Removal
11-05-2017 18:25:14 JRT Pre-Junkware Removal
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (05/13/2017 09:13:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/12/2017 09:06:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/11/2017 01:43:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0xc5c
Hora de início do aplicativo com falha: 0x01d2ca75abfb6bfa
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: ebde7e5b-3668-11e7-8c69-90f652030e14
Error: (05/11/2017 01:39:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/11/2017 09:15:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0x12e0
Hora de início do aplicativo com falha: 0x01d2ca50402a2dbc
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: 86c0e3da-3643-11e7-b28e-90f652030e14
Error: (05/11/2017 09:11:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/11/2017 08:39:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0x1048
Hora de início do aplicativo com falha: 0x01d2ca4b4563b485
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: 8baafbbf-363e-11e7-bdd1-90f652030e14
Error: (05/11/2017 08:36:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/10/2017 05:42:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: launcher.exe_Opera Internet Browser, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Nome do módulo de falhas: launcher.exe, versão: 28.0.1750.51, carimbo de hora: 0x551f238b
Código de exceção: 0x80000003
Deslocamento com falha: 0x00018839
Identificação do processo com falha: 0x1da0
Hora de início do aplicativo com falha: 0x01d2c9cde6d38beb
Caminho do aplicativo com falha: C:\Program Files (x86)\Opera\launcher.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Opera\launcher.exe
Identificação do Relatório: 26b49ae7-35c1-11e7-abed-90f652030e14
Error: (05/10/2017 09:32:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Habil_Cliente.exe, versão: 7.5.1.12, carimbo de hora: 0x58de414c
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18247, carimbo de hora: 0x521ea8e7
Código de exceção: 0xc0000374
Deslocamento com falha: 0x000ce753
Identificação do processo com falha: 0xee0
Hora de início do aplicativo com falha: 0x01d2c98511ebe5ee
Caminho do aplicativo com falha: C:\Program Files (x86)\Koinonia Software\Habil Empresarial\Habil_Cliente.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll
Identificação do Relatório: bd861608-357c-11e7-abed-90f652030e14
Erros de Sistema:
=============
Error: (05/15/2017 03:39:54 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 40. O estado do erro interno é 252.
Error: (05/13/2017 09:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (05/13/2017 09:12:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddreg
Error: (05/13/2017 09:11:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 18:34:37 às 12/05/2017 não era esperado.
Error: (05/12/2017 02:59:32 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 40. O estado do erro interno é 252.
Error: (05/12/2017 02:59:30 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 40. O estado do erro interno é 252.
Error: (05/12/2017 09:05:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
==================== Informações da Memória ===========================
Processador: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Percentagem de memória em uso: 58%
RAM física total: 3317.18 MB
RAM física disponível: 1387.69 MB
Virtual Total: 6632.54 MB
Virtual disponível: 4220.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.75 GB) (Free:221.03 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================