Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-10-2015 02 Ran by REUSER (2015-10-26 11:08:05) Running from C:\Users\REUSER\Desktop Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2014-08-18 13:47:21) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-4239907203-2040608953-2034321256-500 - Administrator - Disabled) Convidado (S-1-5-21-4239907203-2040608953-2034321256-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4239907203-2040608953-2034321256-1003 - Limited - Enabled) REUSER (S-1-5-21-4239907203-2040608953-2034321256-1000 - Administrator - Enabled) => C:\Users\REUSER ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Reader XI - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) Avast Free Antivirus (HKLM\...\avast) (Version: 10.4.2233 - AVAST Software) CorelDRAW Graphics Suite X7 - BR (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.5 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.5.0.907 - Corel Corporation) CorelDRAW Graphics Suite X7 (Version: 17.5 - Corel Corporation) Hidden Free YouTube Download version 3.2.56.324 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.) GBBD Caixa Economica Federal (HKLM\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.11.0.1 - ) Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil) Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - ) Mozilla Firefox 40.0.3 (x86 pt-BR) (HKLM\...\Mozilla Firefox 40.0.3 (x86 pt-BR)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 7 Essentials (HKLM\...\{27C0CED3-E9FA-4EA0-96AA-FAECE5F81046}) (Version: 7.03.0824 - Nero AG) Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.73.618.2013 - Realtek) Realtek PCIE Card Reader (HKLM\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.27038 - Realtek Semiconductor Corp.) Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados) TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.45471 - TeamViewer) Uniko Desktop (HKLM\...\{3E221813-72F4-498B-BC2A-B7A0B1653ECF}) (Version: 2.0.5269 - UNIPROD Tecnologia em Sistemas) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Warsaw 1.7.0.10188 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.7.0.10188 - GAS Tecnologia) Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\REUSER\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\REUSER\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\REUSER\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\REUSER\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia) ==================== Restore Points ========================= 15-04-2015 21:33:05 Windows Update 16-04-2015 13:50:21 Windows Update 17-04-2015 11:36:25 Windows Update 21-04-2015 20:25:43 Windows Update 22-04-2015 15:52:41 avast! antivirus system restore point 22-04-2015 16:17:23 Instalação de Pacote de Driver de Dispositivo: Avast Serviço de Rede 28-04-2015 18:04:59 Windows Update 05-05-2015 16:36:11 Windows Update 06-05-2015 15:33:18 avast! antivirus system restore point 09-05-2015 21:48:54 Windows Update 13-05-2015 13:36:15 Windows Update 15-05-2015 19:59:47 Windows Update 16-05-2015 19:50:07 Windows Update 16-05-2015 20:56:50 Windows Update 19-05-2015 21:38:38 Windows Update 20-05-2015 00:13:01 Windows Update 26-05-2015 12:53:44 Windows Update 30-05-2015 16:14:41 zoek.exe restore point 01-06-2015 23:21:25 Windows Update 06-06-2015 13:05:48 Windows Update 10-06-2015 17:24:05 Windows Update 15-06-2015 13:08:04 Windows Update 20-06-2015 11:42:32 Windows Update 24-06-2015 15:48:34 Windows Update 30-06-2015 14:10:42 Windows Update 05-07-2015 14:56:51 Windows Update 10-07-2015 13:05:59 Windows Update 14-07-2015 23:56:55 Windows Update 15-07-2015 23:52:00 Windows Update 21-07-2015 12:03:50 Windows Update 21-07-2015 14:26:52 Windows Update 24-07-2015 14:47:14 Windows Update 27-07-2015 08:28:28 Windows Update 29-07-2015 11:56:18 Windows Update 05-08-2015 08:33:18 Windows Update 11-08-2015 18:35:07 Windows Update 11-08-2015 20:07:16 Windows Update 14-08-2015 22:02:28 Windows Update 18-08-2015 18:54:47 Windows Update 20-08-2015 21:10:23 Windows Update 28-08-2015 00:08:53 Ponto de Verificação Agendado 28-08-2015 08:04:07 Windows Update 01-09-2015 23:33:08 Windows Update 08-09-2015 19:56:47 Windows Update 09-09-2015 18:18:05 Windows Update 15-09-2015 19:55:52 Windows Update 22-09-2015 08:07:27 Windows Update 28-09-2015 07:28:06 Windows Update 02-10-2015 08:15:45 Windows Update 06-10-2015 07:29:26 Windows Update 08-10-2015 00:45:00 Windows Update 12-10-2015 15:50:39 avast! antivirus system restore point 12-10-2015 19:41:14 Windows Defender Checkpoint 12-10-2015 19:44:45 zoek.exe restore point 13-10-2015 12:45:00 Windows Update 14-10-2015 21:58:05 Windows Update 20-10-2015 21:54:34 Windows Update 24-10-2015 09:48:32 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 00:04 - 2015-10-12 19:53 - 00000841 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0FD3BED1-B205-4EA3-9BF5-667A4E506715} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-12] (AVAST Software) Task: {19569533-0AF1-44FF-8E55-16E0C546F9AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {2F7891FD-4C9E-45BD-B608-BF2EAE0DCEE1} - \avastBCLRestart_chrome.exe -> No File <==== ATTENTION Task: {6BC264FD-B203-41B5-9CEE-D9830E9816D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated) Task: {87431619-A56D-44D0-8707-443F9267994B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {893EA601-DAF4-4300-BDAB-D5DC6A34A8F5} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] () Task: {DE1D5ED4-C448-4BA6-A898-DA9B5DFC6F59} - System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => C:\Users\REUSER\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => C:\Users\REUSER\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe’-RunCheckUpdate C:\Users\REUSER\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2015-10-12 15:52 - 2015-10-12 15:52 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-10-12 15:52 - 2015-10-12 15:52 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-10-25 16:13 - 2015-10-25 16:13 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102503\algo.dll 2015-10-26 11:01 - 2015-10-26 11:01 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102601\algo.dll 2015-10-12 15:52 - 2015-10-12 15:52 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-08-18 13:08 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\REUSER\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2014-08-18 13:08 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\REUSER\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== AlternateDataStreams: C:\Windows\System32:500FC447_Bb.gbp AlternateDataStreams: C:\Windows\System32:500FC447_Cef.gbp AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-4239907203-2040608953-2034321256-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4239907203-2040608953-2034321256-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\REUSER\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{3F4C1CAF-5BFE-43A9-B698-F16437B02AD2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{A939E879-1B2D-47E5-907C-C89D50856BD9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A3990C92-0470-4BCB-9948-9AC63E3CABFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E9BCBA17-F15A-4C53-B88C-70468F29BE4C}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [UDP Query User{6C89DD75-9786-4953-BE89-0E3A4E24007F}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [{B624A439-4D9D-4440-84EF-8DB0DB8E5C8F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{D7CB6487-596E-4FA0-939C-7592D82191A8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [TCP Query User{A92741A0-8FD7-426B-ADBF-8E88472096A6}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [UDP Query User{BCA4A962-A579-4A9D-930E-BA2A3328E850}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [{5768E5EE-ED80-4275-A971-E76359B7F4D9}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [TCP Query User{35CB0791-7323-4600-9814-67AB0ED91BF2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{981A8CF7-8064-4236-BE7B-5EC7F44049C4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{5908829E-278E-4EFC-B640-2006953EF954}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe FirewallRules: [{E97C8DC2-6FD6-4FA1-B2CC-95CF3030B5C2}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe FirewallRules: [TCP Query User{E3CD7BE2-A131-43F2-9ADF-D6D3C746E7A0}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe FirewallRules: [UDP Query User{004B37D8-59E0-4CEF-90D9-3CD7156FE1FB}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe FirewallRules: [{45513487-8866-46F6-9782-824581460B9B}] => (Allow) C:\Users\REUSER\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{2AC590DF-68A1-42F7-BA56-EBCA4BCBC0E9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{F4D21191-8717-441D-B110-83C34E91C8AA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{4143674A-E465-4B04-91AD-D0FD686E7CBE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{B4F76859-A12C-4FD5-82C9-72CAB3BBE042}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4DA64426-8FB4-4159-A48A-756C23C6B3C2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Controlador de barramento SM Description: Controlador de barramento SM Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Controlador de criptografia/descriptografia PCI Description: Controlador de criptografia/descriptografia PCI Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Intel(R) HD Graphics P3000 Description: Intel(R) HD Graphics P3000 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: Controlador USB (Universal Serial Bus) Description: Controlador USB (Universal Serial Bus) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/26/2015 11:00:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Nome do módulo de falhas: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Código de exceção: 0x40000015 Deslocamento com falha: 0x0000e2a4 Identificação do processo com falha: 0x1150 Hora de início do aplicativo com falha: 0xNetlog.exe0 Caminho do aplicativo com falha: Netlog.exe1 FCaminho do módulo de falhas: Netlog.exe2 Identificação do Relatório: Netlog.exe3 Error: (10/26/2015 10:59:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Nome do módulo de falhas: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Código de exceção: 0x40000015 Deslocamento com falha: 0x0000e2a4 Identificação do processo com falha: 0x7bc Hora de início do aplicativo com falha: 0xNetlog.exe0 Caminho do aplicativo com falha: Netlog.exe1 FCaminho do módulo de falhas: Netlog.exe2 Identificação do Relatório: Netlog.exe3 Error: (10/26/2015 07:13:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Nome do módulo de falhas: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Código de exceção: 0x40000015 Deslocamento com falha: 0x0000e2a4 Identificação do processo com falha: 0x1578 Hora de início do aplicativo com falha: 0xNetlog.exe0 Caminho do aplicativo com falha: Netlog.exe1 FCaminho do módulo de falhas: Netlog.exe2 Identificação do Relatório: Netlog.exe3 Error: (10/26/2015 07:12:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Nome do módulo de falhas: Netlog.exe, versão: 3.0.0.0, carimbo de hora: 0x55755e7d Código de exceção: 0x40000015 Deslocamento com falha: 0x0000e2a4 Identificação do processo com falha: 0x6e8 Hora de início do aplicativo com falha: 0xNetlog.exe0 Caminho do aplicativo com falha: Netlog.exe1 FCaminho do módulo de falhas: Netlog.exe2 Identificação do Relatório: Netlog.exe3 Error: (10/25/2015 04:18:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de hora: 0x55c116b1 Nome do módulo de falhas: jucheck.exe, versão: 2.8.60.27, carimbo de hora: 0x55c116b1 Código de exceção: 0x40000015 Deslocamento com falha: 0x00052d24 Identificação do processo com falha: 0xd7c Hora de início do aplicativo com falha: 0xjucheck.exe0 Caminho do aplicativo com falha: jucheck.exe1 FCaminho do módulo de falhas: jucheck.exe2 Identificação do Relatório: jucheck.exe3 Error: (10/22/2015 06:46:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: netservice.exe, versão: 3.0.0.0, carimbo de hora: 0x550bc876 Nome do módulo de falhas: netservice.exe, versão: 3.0.0.0, carimbo de hora: 0x550bc876 Código de exceção: 0x40000015 Deslocamento com falha: 0x00010dc8 Identificação do processo com falha: 0x1c0 Hora de início do aplicativo com falha: 0xnetservice.exe0 Caminho do aplicativo com falha: netservice.exe1 FCaminho do módulo de falhas: netservice.exe2 Identificação do Relatório: netservice.exe3 Error: (10/14/2015 10:05:04 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Não é possível inicializar o monitoramento de desempenho não para o objeto coletor, pois os contadores não estão carregados ou o objeto de memória compartilhado não pode ser aberto. Isso afeta somente a disponibilidade dos contadores de desempenho. Reinicie o computador. Contexto: Aplicativo , Catálogo SystemIndex Error: (10/14/2015 07:20:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de hora: 0x55c116b1 Nome do módulo de falhas: jucheck.exe, versão: 2.8.60.27, carimbo de hora: 0x55c116b1 Código de exceção: 0x40000015 Deslocamento com falha: 0x00052d24 Identificação do processo com falha: 0xc84 Hora de início do aplicativo com falha: 0xjucheck.exe0 Caminho do aplicativo com falha: jucheck.exe1 FCaminho do módulo de falhas: jucheck.exe2 Identificação do Relatório: jucheck.exe3 Error: (10/12/2015 07:46:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: DaS_21.exe, versão: 2.1.0.4, carimbo de hora: 0x540c90b2 Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.18847, carimbo de hora: 0x554d7b00 Código de exceção: 0xe0434352 Deslocamento com falha: 0x0000812f Identificação do processo com falha: 0x16e4 Hora de início do aplicativo com falha: 0xDaS_21.exe0 Caminho do aplicativo com falha: DaS_21.exe1 FCaminho do módulo de falhas: DaS_21.exe2 Identificação do Relatório: DaS_21.exe3 Error: (10/12/2015 07:46:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: DaS_21.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: System.Security.SecurityException Pilha: em System.ThrowHelper.ThrowSecurityException(System.ExceptionResource) em Microsoft.Win32.RegistryKey.OpenSubKey(System.String, Boolean) em Microsoft.Win32.RegistryKey.OpenSubKey(System.String) em DriverAndServicesOut.GetProcess.GetPathName(System.String) em DriverAndServicesOut.GetProcess.GetAllServices(System.String) em DriverAndServicesOut.Program.Main(System.String[]) System errors: ============= Error: (10/26/2015 11:01:01 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Executar o programa de recuperação configurado) após a finalização inesperada do serviço Internet Log Handler, mas essa ação falhou com o seguinte erro: %%2 Error: (10/26/2015 11:00:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Internet Log Handler foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Executar o programa de recuperação configurado. Error: (10/26/2015 10:59:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Internet Log Handler foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (10/26/2015 10:59:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço VBoxAsw Support Driver devido ao seguinte erro: %%3 Error: (10/26/2015 07:13:55 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Executar o programa de recuperação configurado) após a finalização inesperada do serviço Internet Log Handler, mas essa ação falhou com o seguinte erro: %%2 Error: (10/26/2015 07:13:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Internet Log Handler foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Executar o programa de recuperação configurado. Error: (10/26/2015 07:12:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Internet Log Handler foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. Error: (10/26/2015 07:04:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço VBoxAsw Support Driver devido ao seguinte erro: %%3 Error: (10/25/2015 04:12:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço VBoxAsw Support Driver devido ao seguinte erro: %%3 Error: (10/24/2015 09:41:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço VBoxAsw Support Driver devido ao seguinte erro: %%3 CodeIntegrity: =================================== Date: 2015-10-26 10:59:14.882 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-26 07:44:47.492 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-26 07:30:25.444 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-26 07:04:11.544 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-25 16:34:36.164 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-25 16:22:04.554 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-25 16:12:20.772 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-24 09:53:13.140 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-24 09:41:23.797 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 11:22:28.042 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N2820 @ 2.13GHz Percentage of memory in use: 53% Total physical RAM: 1934.36 MB Available physical RAM: 895.69 MB Total Virtual: 3868.73 MB Available Virtual: 2658.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:170.87 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E3C7AA6F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================