Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:09-01-2015 Executado por Áleson (2016-01-10 13:46:34) Executando a partir de C:\Users\Áleson\Desktop Windows 8 Pro (X64) (2013-12-03 23:04:09) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3432586907-597726681-3595710473-500 - Administrator - Disabled) Convidado (S-1-5-21-3432586907-597726681-3595710473-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3432586907-597726681-3595710473-1043 - Limited - Enabled) Áleson (S-1-5-21-3432586907-597726681-3595710473-1001 - Administrator - Enabled) => C:\Users\Áleson ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\uTorrent) (Version: 3.4.6.41634 - BitTorrent Inc.) 7-Zip 4.42 (HKLM-x32\...\7-Zip) (Version: - ) 8GadgetPack (HKLM-x32\...\{32A7C3B0-E5C3-4913-B1F2-49FE860FAA5E}) (Version: 11.0.0 - Helmut Buhler) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - ) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader XI - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam) Animated Northern Lights (HKLM-x32\...\Animated Northern Lights) (Version: - ) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Biblia Eletrônica 3.7.0 (HKLM-x32\...\Biblia Eletrônica_is1) (Version: - RkSoft Softwares Ltda) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cabri 3D 2.1.2 (HKLM-x32\...\cabrilog_cabri3d_21x_is1) (Version: - Cabrilog S.A.S.) Cabri 3D Plug-in 2.1.2 (HKLM-x32\...\cabrilog_cabri3d_plugin_21x_is1) (Version: - Cabrilog S.A.S.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.) Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform) CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden CloneDVD 3.6 (HKLM-x32\...\CloneDVD.exe_is1) (Version: - Copyright (C) 2003-2005 DVD X Studios.) CodeBlocks (HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation) Dicionário de Sinônimos -completo- (HKLM-x32\...\ST6UNST #1) (Version: - ) dihav PNG to Icon Converter (HKLM-x32\...\dihav PNG to Icon Converter) (Version: 1.1 - dihav) DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.44.0.738 - Innovative Solutions) DVD Architect Pro 6.0 (HKLM-x32\...\{E0E531A2-17C1-11E2-984D-1040F3E7010F}) (Version: 6.0.237 - Sony) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) DVDFab 9.1.8.8 (13/02/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) DVDFab Media Player 2 (HKLM-x32\...\DVDFab Media Player 2_is1) (Version: 2.4.4.1 - Fengtao Software Inc.) FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft) focus booster (HKLM-x32\...\com.focusboosterapp.focusbooster.air) (Version: 1.3.2 - UNKNOWN) focus booster (x32 Version: 1.3.2 - UNKNOWN) Hidden FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time) GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.7.1.1 - ) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.82.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) Icaros 2.2.6 (HKLM\...\Icaros_is1) (Version: 2.2.6.0 - Tabibito Technology) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Imagenomic Noiseware 4.2 Professional Plug-in (build 4205) (HKLM\...\ImagenomicNoisewareProPlugin) (Version: - ) Imagenomic Noiseware 5.0 Plug-in (build 5006) (HKLM\...\ImagenomicNoisewarePlugin) (Version: - ) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) iTools 3 version 3.2.0.1 (HKLM-x32\...\{06D9DD3D-5035-4E59-A505-88D54CFC2CD3}_is1) (Version: 3.2.0.1 - Thinksky, Inc.) iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.) Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation) JetBrains CLion 1.0 (HKLM-x32\...\CLion 1.0) (Version: 141.353.18 - JetBrains s.r.o.) Jumpstart Installation Program (HKLM-x32\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version: - Atheros) KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net) MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) MegaDownloader 1.5 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.5 - AppsForMega.info) MEGAsync 1.0.13 (HKLM-x32\...\MEGAsync) (Version: 1.0.13 - Mega Limited) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Mozilla Firefox 38.0.5 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pt-BR)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla) Mozilla Thunderbird 31.5.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 pt-BR)) (Version: 31.5.0 - Mozilla) MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Neat Video v2.6 Pro plug-in for Sony Vegas (64-bit) (HKLM\...\Neat Video for Sony Vegas_is1) (Version: - Neat Video team, ABSoft) Nexus 12.2 (HKLM-x32\...\Winstep Xtreme_is1) (Version: - ) Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony) Novo Dicionário Aurélio (HKLM-x32\...\{498B4BF1-AD73-4AA8-99EB-18D400E42482}) (Version: 5.11 - Positivo Informática.) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden PC Metronome 1.0 (remove only) (HKLM-x32\...\PC Metronome) (Version: - ) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - ) PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH) PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDF To JPG 2.0 (HKLM-x32\...\PDF To JPG_is1) (Version: - PDF To JPG) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.01.11250 - Sony Corporation) Poly Pro 1.12 (current user) (HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\PSi Poly Pro 1.12) (Version: 1.12 - Pedagoguery Software Inc.) Positivo WebCam (HKLM-x32\...\{E11C7438-7550-4676-92CE-846CC5DA3548}_is1) (Version: 1.4.1.1 - Positivo Informática S.A.) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.46 - Piriform) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.) Sound Forge Pro 11.0 (HKLM-x32\...\{437C8730-3505-11E3-9509-F04DA23A5C58}) (Version: 11.0.272 - Sony) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - ) Ultralingua 7.1 (HKLM-x32\...\{CFEF2383-D0AE-4284-AEFA-AFA63FD81A0A}_is1) (Version: - Ultralingua, inc.) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony) Vitamin D Video 1.4.2 (HKLM-x32\...\Vitamin D Video_is1) (Version: - Vitamin D Video, LLC) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.45 - VSO-Software SARL) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows 8 - 8.1 KMS Activator Ultimate 2014 v1.5.1 (HKLM-x32\...\Windows 8 - 8.1 KMS Activator Ultimate 2014 v1.5.1_is1) (Version: v1.5.1 - ) WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-3432586907-597726681-3595710473-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3432586907-597726681-3595710473-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3432586907-597726681-3595710473-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Áleson\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) CustomCLSID: HKU\S-1-5-21-3432586907-597726681-3595710473-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Áleson\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0E83486D-3759-41BC-8E13-F79BC986296D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {36E195AF-B348-4F73-A1EB-39426CB5B6E2} - System32\Tasks\{2AA96F17-FD57-44F9-AE7D-BA5724D9D905} => pcalua.exe -a "C:\Users\Áleson\Desktop\Vencedores\KIT\CD 03\CONTEUDOS DA PRAL\tabela.exe" -d "C:\Users\Áleson\Desktop\Vencedores\KIT\CD 03\CONTEUDOS DA PRAL" Task: {391A0B10-D2F6-492B-A352-F7E0CBB31A26} - System32\Tasks\{CADDC090-8F46-4E84-A8B7-B88DEDC0E8DB} => pcalua.exe -a "C:\Program Files (x86)\ITools\iTools.exe" -d "C:\Program Files (x86)\ITools" Task: {560AA8E2-5F1A-4211-A7DD-74894103832C} - System32\Tasks\iToolsDaemon => C:\program files (x86)\thinksky\itools 3\iToolsDaemon.exe [2015-11-21] () Task: {57BA03E4-294A-4CA0-B14A-4B43BBA11240} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {6BC2F8BA-BE5D-4261-B674-EC7A9091148E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] () Task: {6DEAA354-ADEC-47C0-A081-1997A6630F1C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd) Task: {762F1F4C-7611-4739-BEF9-B21479321333} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {8A6B03F8-DE71-49F7-B50A-D4F927B95EC4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {92EE51A4-DF1D-4033-A5D2-F1D42E0B0F5C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Aleson-Áleson Pc-Aleson => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {9F1578F2-3470-4928-BC4F-310518E1E9D8} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {ADD04121-B5D5-4634-8E8C-11202C5AB019} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {CC3AFA12-4323-4B2C-A298-144A8C6A7A19} - System32\Tasks\AdobeAAMUpdater-1.0-Pc-Aleson-Áleson => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {DFA899DB-9FE9-467D-B7BA-022DF49FED31} - System32\Tasks\{8F442529-5EB9-45E0-9A2E-85420C25A317} => pcalua.exe -a "C:\Users\Áleson\Downloads\Decifrar WIFI\Descifrar WIIFII (By Sankrex)\Descifrar WIIFII (By Sankrex)\Commview For WiFi\setup.exe" -d "C:\Users\Áleson\Downloads\Decifrar WIFI\Descifrar WIIFII (By Sankrex)\Descifrar WIIFII (By Sankrex)\Commview For WiFi" Task: {F03E2291-195F-4824-A2F0-3977EE7CB32E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {F0A35874-4E99-41A1-B528-3496F701180D} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2014-10-30] (Innovative Solutions) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\iToolsDaemon.job => C:\program files (x86)\thinksky\itools 3\iToolsDaemon.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ==================== Módulos Carregados (Whitelisted) ============== 2015-11-17 18:21 - 2015-11-17 18:21 - 03387320 _____ () C:\ProgramData\System32\SafeGuard64.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-09-24 10:09 - 2015-12-10 10:56 - 00193456 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe 2015-10-28 19:00 - 2015-12-08 10:24 - 07142328 _____ () C:\Users\Áleson\AppData\Roaming\XBox\XBLive.exe 2014-01-19 10:36 - 2014-07-30 00:01 - 00470016 _____ () C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX64.dll 2015-08-19 18:08 - 2015-08-19 18:08 - 00452608 _____ () C:\Users\Áleson\AppData\Roaming\Mactowebise\explorerEx64.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00522104 _____ () C:\program files (x86)\thinksky\itools 3\iToolsDaemon.exe 2012-07-26 07:40 - 2012-07-26 07:37 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2013-11-07 00:52 - 2013-11-07 00:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-08-15 17:44 - 2015-08-10 19:14 - 02105926 _____ () C:\Program Files\MegaDownloader\MegaDownloader.exe 2015-12-18 18:10 - 2015-12-11 09:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-18 18:10 - 2015-12-11 09:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-11-17 18:21 - 2015-11-17 18:21 - 02601400 _____ () C:\ProgramData\System32\SafeGuard32.dll 2015-12-10 06:09 - 2015-12-08 11:12 - 00126896 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdate.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 02318200 _____ () C:\program files (x86)\thinksky\itools 3\iOSDevice.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 01362808 _____ () C:\program files (x86)\thinksky\itools 3\MiscCore.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00180088 _____ () C:\program files (x86)\thinksky\itools 3\MiscMods.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00402808 _____ () C:\program files (x86)\thinksky\itools 3\TSLib.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00668024 _____ () C:\program files (x86)\thinksky\itools 3\UICore.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00219000 _____ () C:\program files (x86)\thinksky\itools 3\SkinSharp.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00044920 _____ () C:\program files (x86)\thinksky\itools 3\Common.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00152440 _____ () C:\program files (x86)\thinksky\itools 3\Network.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00385912 _____ () C:\program files (x86)\thinksky\itools 3\MediaUtil.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00548728 _____ () C:\program files (x86)\thinksky\itools 3\Sqlite.dll 2015-08-23 11:32 - 2015-11-21 22:02 - 00103288 _____ () C:\program files (x86)\thinksky\itools 3\ZLib.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-01-20 03:04 - 2014-07-30 00:01 - 00463360 _____ () C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX32.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-04-25 19:04 - 1999-12-31 21:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: C:\ProgramData\Temp:6B50FDB5 AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6B50FDB5 ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2015-02-23 18:48 - 2015-02-23 18:48 - 00001611 ____N C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 tonec.com 127.0.0.1 www.tonec.com127.0.0.1 internetdownloadmanager.com127.0.0.1 star.tonec.com 127.0.0.1 rev.dyxnet.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Áleson\AppData\Roaming\Microsoft\Windows Photo Viewer\Papel de Parede do Visualizador de Fotos do Windows.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "Connectify Hotspot" HKLM\...\StartupApproved\Run: => "Connectify Dispatch" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "Babylon Client" HKLM\...\StartupApproved\Run32: => "ProtectBURN Video" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "IminentMessenger" HKLM\...\StartupApproved\Run32: => "Iminent" HKLM\...\StartupApproved\Run32: => "ApnTBMon" HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager" HKLM\...\StartupApproved\Run32: => "Criar Atualização do Sistema" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Ultralingua 7 Hotkey" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "BAV mini setup" HKLM\...\StartupApproved\Run32: => "jswtrayutil" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\StartupFolder: => "Facebook Messenger.lnk" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\StartupFolder: => "Stardock ObjectDock.lnk" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\StartupFolder: => "Sidebar712.lnk" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\StartupFolder: => "Sidebar738.lnk" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "DriverMax" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "HW_OPENEYE_OUC_VIVO INTERNET" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "RocketDock" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "Facebook Update" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "AlcoholAutomount" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "ares" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "Connectify-Installer" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "IDMan" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "Simple Sticky Notes" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "DriverMax_RESTART" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "Sidebar" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "MinhaBox.br" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "Windows Defender " HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\StartupApproved\Run: => "GoogleDriveSync" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{9375CC07-CC9B-48D0-A6FC-EAD3B8F1EC23}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D235533D-DD83-4844-BCE7-5A0B8DCBC24C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{127A950A-9FD3-4ABF-8AC3-7764129C6DA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8A30E4DD-00B6-48A9-ACC8-D0D4C30590B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{F5C4EEE7-2E7D-4B5A-B526-4DA028E043CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{08C68FB1-404B-4149-BB70-AD9433885F2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D0C4A792-0BCC-46FB-B78F-01F40EA2DAEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D42989BF-5CE2-47A1-9A4A-ACE0002CDDB7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AEEAA422-A51E-4AE3-800B-941685FDD517}] => (Allow) A:\Documents\Programas\uTorrent.exe FirewallRules: [{BCF44CF6-5EC3-4809-894A-117FFAF6E02A}] => (Allow) A:\Documents\Programas\uTorrent.exe FirewallRules: [{A54BCF1F-6393-4B2F-B1FE-EC1EC9E943D4}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{C8DBE4BF-8803-4F70-A664-461D6414C57E}] => (Allow) LPort=3050 FirewallRules: [{6B1B2480-CEB4-46D5-AA91-1CBD0AB23F4D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{D868168F-594A-42F1-AB46-94E27C199E5E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{2E43BE09-74EE-4440-80FE-DD47DD5BA132}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{6E262CAA-80AF-4080-85BF-3309027FA101}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{E0BCDD68-740D-48E7-BD4A-15C1B4DE6B23}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{5FC202C1-0C4B-478B-80CA-FF60E606CA2A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{593A63D5-7998-491E-8D03-D32026607BBA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{F2A97D75-0734-42BC-B18B-AB2E11C64DC5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{20CA7314-A39B-47B2-896B-57819EA44152}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{1C1878ED-A6EE-4730-BA3C-FE09155656AC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [TCP Query User{4EB5ADA8-0E03-4EB7-8915-D4CAF963731F}C:\program files\winhttrack\winhttrack.exe] => (Block) C:\program files\winhttrack\winhttrack.exe FirewallRules: [UDP Query User{6AC6C286-2050-48F1-9062-CFA35037A23B}C:\program files\winhttrack\winhttrack.exe] => (Block) C:\program files\winhttrack\winhttrack.exe FirewallRules: [TCP Query User{1292AB0C-1BBD-459F-8B13-3E87EDD23604}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{B7591DD1-A35B-4115-BB47-457D304A3F9D}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{318CA9BD-DC68-4C16-B990-C1A89105E26C}C:\program files (x86)\vitamin d video\vitamin d agent.exe] => (Block) C:\program files (x86)\vitamin d video\vitamin d agent.exe FirewallRules: [UDP Query User{46F04969-7B9A-488E-8848-F150F3E9DDC9}C:\program files (x86)\vitamin d video\vitamin d agent.exe] => (Block) C:\program files (x86)\vitamin d video\vitamin d agent.exe FirewallRules: [TCP Query User{5FA96D97-21C4-4411-8AA1-0F88DBFDA74F}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe FirewallRules: [UDP Query User{BFDC6818-E6CF-4948-AFE6-2716F75BDA3C}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe FirewallRules: [TCP Query User{B10CDF4F-813D-45AF-A3D8-026DC372A546}C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe] => (Allow) C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe FirewallRules: [UDP Query User{A483AEFB-0583-4E67-B185-404F157F960C}C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe] => (Allow) C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe FirewallRules: [TCP Query User{93AFBD2E-248F-4600-9E0D-EC29CEFDB9FF}C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe] => (Allow) C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe FirewallRules: [UDP Query User{23457724-62F0-4789-A9BE-6A2E4D405697}C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe] => (Allow) C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe FirewallRules: [TCP Query User{0760E0EC-F4F1-4D50-9D25-B4FDDDD9CA6E}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe FirewallRules: [UDP Query User{E97A94FA-1579-40E3-9E19-7517B924EEA2}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe FirewallRules: [TCP Query User{37F5FB57-CE78-4BB4-8566-E79155CCD1BD}C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe] => (Allow) C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe FirewallRules: [UDP Query User{896957D8-4C7D-4D9B-8B50-FDD9C435DBE4}C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe] => (Allow) C:\users\áleson\downloads\megadownloader_v1.1_bin\megadownloader.exe FirewallRules: [TCP Query User{5566E4DC-4096-491D-B67B-5562F9E73990}C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe] => (Allow) C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe FirewallRules: [UDP Query User{B225A5DC-2162-4F11-AE5F-7DBD56441877}C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe] => (Allow) C:\users\áleson\documents\programas\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1 - by. teteu tutors\como acelerar os downloads do utorrent 3.3.1\arquivos\utorrent.exe FirewallRules: [{F28D0500-E0D4-470E-8CCD-C44BF99BE134}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{440BE007-69BF-4AF6-ABB3-A7D2AFEC5B56}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{DF2D5266-0B73-452D-97E6-DD3010616A9E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{5CE42C2B-BC0F-44DC-B13F-153E9D5685A9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{45469C3B-090E-4DF5-812C-3AE74EDC4EE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C5F298E4-408B-45E7-945D-1E5C92223E91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{12A9F83B-408C-4C83-B7CE-B0D9A980A70F}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{B7400691-9F5B-40D0-865A-7BD2AC415865}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{103B2CEE-7BF6-4D69-8CEB-D750D1BBCB3E}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [{94D4A7CA-1638-4E9E-A136-F4011F6BE158}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{86FEA00A-800C-4C9B-99A8-BE1F3BF7B2C6}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{3E5525B6-6D78-47F2-A828-33522AE2D674}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{FBC8E308-F260-4EE6-B757-305D1F090D31}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{B2979BE3-813A-4A9E-A81B-F02D7DDD45E6}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [UDP Query User{525AC802-CF77-45FD-A337-3BBE9B5257CD}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [{E2961D3F-4AC8-432E-B647-B2FCE4267125}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{1C54ACCE-3D90-4966-883A-FB73149DEB26}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{6C21EE86-E016-4B1C-82F7-2ACAFB2555ED}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{0984D31D-EFCB-4744-8684-1C6F6FFD5F0C}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [TCP Query User{060D9016-7893-4D3A-924B-09E8AAC41595}C:\program files (x86)\jetbrains\clion 1.0\bin\clion64.exe] => (Allow) C:\program files (x86)\jetbrains\clion 1.0\bin\clion64.exe FirewallRules: [UDP Query User{906E7CBB-5DDD-4894-865F-63555BD3D932}C:\program files (x86)\jetbrains\clion 1.0\bin\clion64.exe] => (Allow) C:\program files (x86)\jetbrains\clion 1.0\bin\clion64.exe FirewallRules: [TCP Query User{FFF017A7-D009-4EAE-84CA-6A2931109871}C:\program files\megadownloader\megadownloader.exe] => (Allow) C:\program files\megadownloader\megadownloader.exe FirewallRules: [UDP Query User{9C72E778-5BC7-48D5-BD5E-D1D09F482947}C:\program files\megadownloader\megadownloader.exe] => (Allow) C:\program files\megadownloader\megadownloader.exe FirewallRules: [{A09D2773-952A-4876-874A-741991B02C4E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C17CE31D-FBDB-4CF6-837B-0D2A548F845D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{744747D6-6540-4D40-80CC-2B96D6E9FF6E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{106FEF68-039A-42EC-9CE9-3606A4141774}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4C990C1D-011E-4823-A0B6-96048F04D5AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{CEE5AE37-2463-4148-B855-C928883FDF91}] => (Allow) C:\Users\Áleson\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7957DF0C-F304-4337-832F-9B1D63E01C5A}] => (Allow) C:\Users\Áleson\AppData\Roaming\uTorrent\uTorrent.exe ==================== Pontos de Restauração ========================= 22-12-2015 11:15:54 Installed Google Drive 30-12-2015 22:00:18 Ponto de Verificação Agendado 08-01-2016 11:33:55 Ponto de Verificação Agendado 08-01-2016 16:22:07 Revo Uninstaller Pro's restore point - MEGA Link Downloader version 1.9.3 08-01-2016 16:25:49 Revo Uninstaller Pro's restore point - Ashampoo Burning Studio 2012 v10.0.15 09-01-2016 01:36:48 Revo Uninstaller Pro's restore point - eXtra Buttons 09-01-2016 01:38:25 Revo Uninstaller Pro's restore point - µTorrent ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Adaptador de Túnel Teredo da Microsoft Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: pcouffin device ... Description: pcouffin device ... Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: VSO Software class ... Description: VSO Software class ... Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: VSO Software class ... Description: VSO Software class ... Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (01/10/2016 01:27:29 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8 Error: (01/10/2016 01:27:23 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8 Error: (01/10/2016 01:27:23 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: LsaC:\Windows\System32\Secur32.dll8 Error: (01/10/2016 01:27:23 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: ESENTC:\WINDOWS\system32\esentprf.dll8 Error: (01/10/2016 01:27:23 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/10/2016 01:26:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0x00000000 Deslocamento da falha: 0x000007f8d9480560 ID do processo com falha: 0x868 Hora de início do aplicativo com falha: 0xService_KMS.exe0 Caminho do aplicativo com falha: Service_KMS.exe1 Caminho do módulo com falha: Service_KMS.exe2 ID do Relatório: Service_KMS.exe3 Nome completo do pacote com falha: Service_KMS.exe4 ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5 Error: (01/10/2016 01:26:44 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Serviço não pode ser iniciado. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. em BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/10/2016 01:08:41 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8 Error: (01/10/2016 01:08:41 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8 Error: (01/10/2016 01:08:41 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: LsaC:\Windows\System32\Secur32.dll8 Erros de Sistema: ============= Error: (01/10/2016 01:42:55 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Áleson\AppData\Local\Temp\{EBB5A057-2AE2-429E-BCA6 Error: (01/10/2016 01:27:14 AM) (Source: sptd) (EventID: 4) (User: ) Description: O driver detectou um erro interno nas estruturas de dados para . Error: (01/10/2016 01:26:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (01/10/2016 01:26:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: %%2 Error: (01/10/2016 01:26:44 AM) (Source: sptd) (EventID: 4) (User: ) Description: O driver detectou um erro interno nas estruturas de dados para . Error: (01/10/2016 01:26:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço BlueStacks Android Service terminou com o erro: %%1064 Error: (01/10/2016 01:26:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Baidu Hips Service devido ao seguinte erro: %%2 Error: (01/10/2016 01:26:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Baidu AntiVirus Service devido ao seguinte erro: %%2 Error: (01/10/2016 01:26:42 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORIDADE NT) Description: Falha na inicialização do Módulo de Extensibilidade de WLAN. Caminho do Módulo: C:\WINDOWS\system32\Rtlihvs.dll Código de Erro: 126 Error: (01/10/2016 01:26:42 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Serviço Net Service Event Handler suspenso ao iniciar. CodeIntegrity: =================================== Date: 2016-01-10 01:42:55.462 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Áleson\AppData\Local\Temp\{EBB5A057-2AE2-429E-BCA6-4DA2F27A3C69}\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-09 02:44:17.187 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Áleson\AppData\Local\Temp\{F0B3CB67-DFA5-4C9C-98A9-5FC40943368A}\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-09 02:34:34.264 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Áleson\AppData\Local\Temp\{FBB21377-08CE-49D3-AC1C-BEE660F21847}\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Percentagem de memória em uso: 46% RAM física total: 7633.65 MB RAM física disponível: 4076.77 MB Virtual Total: 8785.65 MB Virtual disponível: 4654.11 MB ==================== Drives ================================ Drive a: (Áleson) (Fixed) (Total:323.76 GB) (Free:24.48 GB) NTFS Drive c: (Windows) (Fixed) (Total:354.83 GB) (Free:43.49 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 7CEFD15F) Partition: GPT. ==================== Fim de Addition.txt ============================