Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 12-11-2017 03
Executado por SECRETARIA (14-11-2017 09:12:19)
Executando a partir de C:\Users\SECRETARIA\Downloads
Windows 7 Professional Service Pack 1 (X64) (2017-01-02 12:39:36)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1169395475-793697430-2200396022-500 - Administrator - Disabled)
Convidado (S-1-5-21-1169395475-793697430-2200396022-501 - Limited - Enabled)
SECRETARIA (S-1-5-21-1169395475-793697430-2200396022-1000 - Administrator - Enabled) => C:\Users\SECRETARIA

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: McAfee VirusScan Enterprise (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan Enterprise Antispyware Module (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assistente Pimaco (HKU\S-1-5-21-1169395475-793697430-2200396022-1000\...\f13530c4a56b1c86) (Version: 3.0.0.35 - Bic Amazonia SA)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Carsybde v. 1.1 (HKLM-x32\...\Carsybde_is1) (Version: - Carsy Sistemas)
Cobrança CAIXA (HKLM-x32\...\Cobrança CAIXA) (Version: - )
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Firebird 1.5.0.4306 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.2973 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
McAfee Agent (HKLM-x32\...\{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.00000 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
MuAwaY (HKLM-x32\...\{BF0A17B1-4001-4B4B-8C7F-BD851C2DFE8A}) (Version: 2.15.4 - MuAwaY)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.2 - Notepad++ Team)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Warsaw 2.0.3.2 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.0.3.2 - GAS Tecnologia)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-02-12] ()
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-11-17] (Apple Inc.)
ContextMenuHandlers1: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2011-01-12] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-11] (Alexander Roshal)
ContextMenuHandlers4: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2011-01-12] (McAfee, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-01-23] (Intel Corporation)
ContextMenuHandlers6: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2011-01-12] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-11] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {50FB509F-F309-4C11-BF42-98492B09040A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)
Task: {58A9337F-84D3-4BC7-A2B6-3A0DE10EC92E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6B6B64E2-F66F-4E4A-9E87-BCC2998DDC18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-02] (Google Inc.)
Task: {8066AFE0-695B-4C56-AE14-8AD0499A9806} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-02] (Google Inc.)
Task: {A80C55D5-4FA0-4F5F-9E16-4B78700E4E63} - System32\Tasks\{E85D0D27-8116-40F3-89F4-C4D2A3CE806D} => C:\Windows\system32\pcalua.exe -a C:\Users\SECRETARIA\Downloads\GBPCEF.exe -d C:\Users\SECRETARIA\Downloads -c admin_service
Task: {BDCC64CE-442C-42A4-8F93-9F1D713D0631} - System32\Tasks\SYSSECRETARIAPC51 => C:\Windows\SysWOW64\Java\vqqovppc.0rg.vbs [2017-05-03] ()
Task: {DEC430B9-4701-466D-84A2-5EE06685E463} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1169395475-793697430-2200396022-1000

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


Shortcut: C:\Users\SECRETARIA\Desktop\ApusWeb.bat.lnk -> C:\CAIXA\Cobranca\ApusWeb.bat ()
Shortcut: C:\Users\SECRETARIA\Desktop\Backup - Aclon.lnk -> C:\Aclon\bkp.bat ()

ShortcutWithArgument: C:\Users\SECRETARIA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\SECRETARIA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\SECRETARIA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\SECRETARIA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"

==================== Módulos Carregados (Whitelisted) ==============

2017-01-02 12:14 - 2012-09-29 13:25 - 000409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2017-01-02 12:15 - 2012-09-29 13:25 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-02-28 03:08 - 2010-02-28 03:08 - 001549152 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2017-01-02 12:14 - 2012-09-29 13:26 - 003120128 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2017-01-02 12:14 - 2012-09-29 13:53 - 001038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2017-01-02 12:14 - 2012-09-29 13:25 - 000363008 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210sd.dll
2017-09-26 18:07 - 2017-09-21 05:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 18:07 - 2017-09-21 05:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2007-04-18 19:30 - 2007-04-18 19:30 - 000393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
2007-04-18 19:30 - 2007-04-18 19:30 - 000471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
2011-01-12 16:05 - 2011-01-12 16:05 - 000065536 _____ () C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc80-mt-1_32.dll
2011-01-12 20:46 - 2011-01-12 20:46 - 000150032 _____ () C:\Program Files (x86)\McAfee\VirusScan Enterprise\WscAv.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 004254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-02 14:54 - 1999-11-12 05:11 - 000589312 _____ () C:\Pacto\BDE\IDAPI32.DLL
2017-01-02 14:54 - 1999-11-12 05:11 - 000116736 _____ () C:\Pacto\BDE\IDR20009.DLL
2017-01-02 14:54 - 1999-11-12 05:11 - 000101376 _____ () C:\Pacto\BDE\BANTAM.DLL
2017-01-02 11:07 - 2013-02-15 18:37 - 000390144 _____ () C:\Aclon\SQLINT32.DLL
2017-01-02 14:54 - 1999-11-12 05:11 - 000255488 _____ () C:\Pacto\BDE\IDPDX32.DLL

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\Users\SECRETARIA\Desktop\laura.jpeg:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\SECRETARIA\Desktop\laura.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\SECRETARIA\Desktop\MANSTELA.jpeg:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\SECRETARIA\Desktop\MANSTELA.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1169395475-793697430-2200396022-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2009-06-10 19:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1169395475-793697430-2200396022-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SECRETARIA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.25.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{709E82A2-951A-4A53-B97C-96088BE91870}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{17064CC4-3FA4-43B7-890E-24AAE4C7DB7A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{89C59A7F-7216-4810-AF1A-522201F24B98}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{E61AC1D2-920D-4467-949E-DF1CEE3EA2F1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F789F1E4-19F1-4B56-9D74-E7E75495E0BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{71300644-BE3F-4744-A2E4-6523DC3D770B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D592D2E6-B50E-41AE-B58E-4716093B4676}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B252A9EB-7D53-4646-91CC-7688D4595985}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{3EB61556-8C1B-460F-9596-AC95BB453470}\\192.168.25.150\pacto\aclon\executaveis\nkhm.exe] => (Allow) \\192.168.25.150\pacto\aclon\executaveis\nkhm.exe
FirewallRules: [UDP Query User{A3DEE2B6-87CF-4098-B7F1-86D59300B9D0}\\192.168.25.150\pacto\aclon\executaveis\nkhm.exe] => (Allow) \\192.168.25.150\pacto\aclon\executaveis\nkhm.exe
FirewallRules: [TCP Query User{F9B92121-413F-4FAD-9C28-85CC7F36C69F}C:\windows\syswow64\java\syssecretariapc51.exe] => (Allow) C:\windows\syswow64\java\syssecretariapc51.exe
FirewallRules: [UDP Query User{F61025D5-9320-4B1F-A594-C38563D4E70B}C:\windows\syswow64\java\syssecretariapc51.exe] => (Allow) C:\windows\syswow64\java\syssecretariapc51.exe
FirewallRules: [{00B2CEA7-C9F9-48D4-81C1-E3AE69D8E557}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{B9E5D7D0-506A-4744-8350-B0024A9E9C9A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{70E85BF5-EA7A-45D2-80C2-DBD567BF6E18}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{8EE79943-296C-4287-8143-EF2DD606A94E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{3BF1E1E4-BC6F-4680-A76F-26562956057B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{72A89D6E-29AC-444E-9E58-4F0D03E59660}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{80DB79A3-166F-4D5B-8B8D-6AA1A43AB284}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{E9C7E96C-CEF5-4DE9-986F-0113D4DC80D5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{FD575AED-B371-42CC-A526-9CCD7157A44A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C44B5B0A-C556-4AFE-8488-EA7AFC8EC3A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CD54DB32-AEA9-49E8-A11F-75A42B8C98CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4E5D1F2F-BF9D-4F9C-82C0-EBA8D9881154}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{919D2B16-E401-41B2-8CD1-51F9ED6B0828}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F64EC705-D8B6-427E-8882-DF87B8966137}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{4EC25E4A-A3A7-4D0A-BDE0-07A38ECAFDD1}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{030D673C-DA9B-4D15-A6DE-D6BAB7A75B30}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{F0312003-2460-40E9-B1E3-9995E08268DC}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{0DE9710A-2744-409E-ADD0-E583E069F5AF}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{BA60E8BB-1348-4D71-B45C-B3AB64C43392}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe

==================== Pontos de Restauração =========================

20-02-2017 13:30:20 Removed Java 8 Update 111
07-06-2017 10:06:47 DirectX instalado
09-11-2017 12:41:02 McAfee VirusScan Enterprise instalado.

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Controlador de comunicação PCI simples
Description: Controlador de comunicação PCI simples
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Warsaw - Driver (PP)
Description: Warsaw - Driver (PP)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddpp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Warsaw - Driver (PRM)
Description: Warsaw - Driver (PRM)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddprm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Controlador USB (Universal Serial Bus)
Description: Controlador USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (11/14/2017 09:05:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7601.17514 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: c7c

Hora de Início: 01d35d3237ec9fe2

Hora de Término: 6

Caminho do Aplicativo: C:\Windows\Explorer.EXE

Id do Relatório: aac5bea2-c92b-11e7-b38f-305a3a9f9d8f

Error: (11/14/2017 08:14:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/14/2017 07:59:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/14/2017 07:54:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/14/2017 07:43:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/13/2017 07:17:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/12/2017 07:44:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/11/2017 07:59:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/10/2017 07:06:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/09/2017 12:51:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


Erros de Sistema:
=============
Error: (11/09/2017 12:26:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Avira Service Host.

Error: (11/09/2017 12:25:07 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (11/09/2017 12:25:07 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (11/09/2017 12:25:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Proteção de Software foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (11/09/2017 12:25:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Instalador de Módulos do Windows foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (11/09/2017 12:25:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Firebird Guardian - DefaultInstance foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (11/09/2017 12:25:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço iPod Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (11/09/2017 12:25:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Office Software Protection Platform foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (11/09/2017 12:25:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Firebird Server - DefaultInstance foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (11/09/2017 12:25:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentagem de memória em uso: 60%
RAM física total: 8063.84 MB
RAM física disponível: 3200.46 MB
Virtual Total: 16125.89 MB
Virtual disponível: 11531.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.53 GB) (Free:310.41 GB) NTFS
Drive d: () (Fixed) (Total:540.89 GB) (Free:493.33 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2F9A9FBE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================