Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:07-02-2016
Executado por Victor (2016-02-11 17:32:31)
Executando a partir de C:\Users\Victor\Desktop
Microsoft Windows 8.1 Pro (X86) (2013-11-21 15:12:12)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-4261171341-52529390-1025842320-500 - Administrator - Disabled)
Convidado (S-1-5-21-4261171341-52529390-1025842320-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4261171341-52529390-1025842320-1038 - Limited - Enabled)
Victor (S-1-5-21-4261171341-52529390-1025842320-1001 - Administrator - Enabled) => C:\Users\Victor

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 7-Zip 9.21beta (HKLM\...\7-Zip) (Version: - ) ACBrMonitor-0.8.2b (HKLM\...\ACBrMonitor_is1) (Version: - Projeto ACBr) ACBrNFeMonitor2-CAPICOM-0.8.12.3 (HKLM\...\ACBrNFeMonitor_is1) (Version: - Projeto ACBr) Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated) Aplicativo Itaú (HKLM\...\{F88F4F33-A3C7-4B34-AFEA-944E29A95F62}) (Version: 1.0.58 - Banco Itaú) Ares 2.2.2 (HKLM\...\Ares) (Version: 2.2.2-Build#3046 - Ares Development Group) AsuOnline 1.3 (HKLM\...\{E3DACD3C-E527-4AC1-99A3-B82D8D4C24D1}_is1) (Version: - ASU - Associação dos Servidores da Unesp) Bematech WinMFD2 2.4 (HKLM\...\Bematech WinMFD2_is1) (Version: - Bematech S.A) BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden C4500 (Version: 140.0.425.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP) Classic Shell (HKLM\...\{ED436519-8A0E-4CD0-987C-174D134513C2}) (Version: 4.0.2 - IvoSoft) ClientASU 3.0 (HKLM\...\ClientASU_is1) (Version: - ConsCiência Soluções e Tecnologia) CMS (HKLM\...\CMS) (Version: - ) Comunix - Terminal v06.08 (HKLM\...\Terminal_is1) (Version: - ) Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 5.4.5.124 - Foxit Corporation) GBBD Caixa Economica Federal (HKLM\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) GemPcCCID (HKLM\...\{8BD3AFAF-636E-4516-A7E8-D57CCDBE28B8}) (Version: 2.0.1 - Gemalto) Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.29.5 - Google Inc.) 
Hidden GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden Guardião - Itaú 30 horas (HKLM\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - ) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart C4500 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{0EC01D72-4906-42DD-BCC0-AF89EDA7493D}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle) Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2013 
Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 43.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 43.0.1 (x86 pt-BR)) (Version: 43.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla) MySQL Administrator 1.1 (HKLM\...\{77F4E1C1-C8DF-40C9-AF2A-D3C77C3D59ED}) (Version: 1.1.3 - MySQL AB) MySQL Query Browser 1.1 (HKLM\...\{1444B16A-766B-4AD1-8AE8-F0C04C782E2F}) (Version: 1.1.20 - MySQL AB) MySQL Server 5.0 (HKLM\...\{46F441C8-4193-4D54-9F93-751D27EFB8F4}) (Version: 5.0.24a - MySQL AB) Network (Version: 140.0.306.000 - Hewlett-Packard) Hidden OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org) Orçamento Pessoal 2013 (HKLM\...\ST6UNST #1) (Version: - ) Orgcard Terminal 2.1.63 (HKLM\...\Orgcard Terminal_is1) (Version: - Orgsystem Software) PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge) Project System (HKLM\...\Project SystemUSB) (Version: USB - Project) PS_AIO_04_C4500_Software_Min (Version: 140.0.425.000 - Hewlett-Packard) Hidden SafeSign (HKLM\...\{6347401C-C260-4B30-9816-8F5A1419CC49}) (Version: 3.0.39 - A.E.T. Europe B.V.) Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) 
Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1116 - SUPERAntiSpyware.com) TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer) Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden Uninstall Project System DVR (HKLM\...\TibetSystem - Uninstall Project System DVR) (Version: Versão 5.3.1.0 - ) Validador Sintegra 5.2.16 (HKLM\...\{169CEB91-BD47-46C1-A0EA-7943B0E667DA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul) WebCam (HKLM\...\{2567B22D-4CAC-44ED-8B31-FB92636E2E0F}) (Version: - ) WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinRAR Packages (HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\WinRAR Packages) (Version: - ) <==== ATENÇÃO Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) Zebra Font Downloader (HKLM\...\Zebra Font Downloader_is1) (Version: - Zebra Technologies Corporation) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Victor\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4261171341-52529390-1025842320-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0169F879-659E-47D3-BC15-1EB14BD6838B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {8F909CAA-3FC4-4FBF-B798-3456497A9EC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {A1CC31EA-0882-49C9-B210-95FB308140E9} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {B2F747BF-E408-450F-A70A-5DB06DFB0D87} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd) Task: {DC190AB9-1B1A-4BE9-A881-A21251C48288} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {E3774842-4A5D-4DF0-AC65-8F028D9F9DEB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {F346E861-AC0F-4096-9194-AA7C7A263C22} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) 
Shortcut: C:\Users\Victor\Desktop\BACKUP DIARIO.lnk -> C:\Sistema\bkpwil.bat () Shortcut: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sub.bat - Atalho.lnk -> C:\Sistema\sub.bat.bat () ShortcutWithArgument: C:\Users\Victor\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files\Java\jre1.8.0_73\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\Victor\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-20c6174e" ShortcutWithArgument: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files\Java\jre1.8.0_73\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\Victor\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-20c6174e" ==================== Módulos Carregados (Whitelisted) ============== 2014-08-17 11:26 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe 2014-08-17 11:26 - 2016-02-05 08:07 - 00026112 _____ () C:\Program Files\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2014-08-17 11:26 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files\ASUS\AXSP\1.01.02\ATKEX.dll 2006-08-26 02:14 - 2006-08-26 02:14 - 04435968 _____ () C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe 2015-06-20 11:23 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-06-20 11:23 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-06-20 11:23 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl 2015-06-20 11:23 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll 
2015-06-20 11:23 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2013-05-08 10:42 - 2012-09-25 16:32 - 05996544 _____ () C:\ClientASU\ClientASU.exe 2013-04-11 12:01 - 2008-01-29 12:56 - 02169856 _____ () C:\ACBrMonitor\ACBrMonitor.exe 2013-04-11 12:28 - 2014-12-28 22:40 - 05958656 _____ () C:\ACBrNFeMonitor\ACBrNFeMonitor.exe 2016-01-18 10:16 - 2016-01-18 10:16 - 02259456 _____ () C:\Sistema\CAIXA6\CAIXA.EXE 2015-05-05 13:18 - 2006-08-26 01:14 - 01519616 _____ () C:\Sistema\CAIXA6\LIBMYSQL.DLL 2016-01-15 18:45 - 2016-01-15 18:45 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-02-11 08:19 - 2016-02-09 09:58 - 01632584 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-11 08:19 - 2016-02-09 09:58 - 00087880 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.109\libegl.dll 2016-02-11 08:19 - 2016-02-09 09:58 - 16810824 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll 2016-01-18 09:46 - 2016-01-18 09:47 - 02894848 _____ () C:\Sistema\ESTOQUE6\ESTOQUE.EXE 2015-05-05 13:19 - 2006-08-26 01:14 - 01519616 _____ () C:\Sistema\ESTOQUE6\LIBMYSQL.DLL ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""="" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) 

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 04:13 - 2015-11-06 14:00 - 00000822 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4261171341-52529390-1025842320-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 201.94.160.48 - 201.94.160.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "SDTray"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "Project Vision USB.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "Project System DVR.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.3.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\StartupFolder: => "sub.bat - Atalho.lnk"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4261171341-52529390-1025842320-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{281CA402-7957-4CF2-85DE-01C5F561B875}] => (Allow) C:\Users\Victor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2446EE39-161E-4BDF-A7A0-84F53C1E7AE1}] => (Allow) C:\Users\Victor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9A1E38AE-F49E-4357-9170-1E0ADECF1B44}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe FirewallRules: [{6721AFC8-ED2F-4065-AAF2-208F552FC598}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{91C615A5-1C38-4F64-830A-2FB130ABFF63}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{E3513678-3BC4-4835-AC31-6E2BCBBDA065}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{267C662D-B75C-4789-B46A-05E47FD238EA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{96A2262E-0C59-44DD-99DD-C36FE0803800}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{40803E53-8DA5-4E7B-B9EC-F6EE2F99A78E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{767A9EA6-9926-4CD3-B8FD-9E554BC1CD58}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{DB406947-8B0C-450F-82CF-379D03E55864}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{9C651BEF-BBC7-4524-A5DC-57480E506492}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{C1AA308A-B1E3-42E6-A2ED-908D2E40D322}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{7D9F731B-97C2-42CE-BBEB-48235E616276}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{EFACCAE2-85AB-4EFB-B103-F50A73EF1B4A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{153B1DAB-4480-4E09-A0F3-3B993E6FDAEF}] => (Allow) LPort=3306 FirewallRules: [UDP Query 
User{457B1CF5-1D74-4A5C-AFF9-3B144EF4FC9A}C:\program files\ares\chatserver.exe] => (Block) C:\program files\ares\chatserver.exe FirewallRules: [TCP Query User{3EC7AD67-313B-406C-BA84-33ADE6DACED1}C:\program files\ares\chatserver.exe] => (Block) C:\program files\ares\chatserver.exe FirewallRules: [UDP Query User{14AA037B-8C0C-4329-B399-3E3276AC93E9}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe FirewallRules: [TCP Query User{9248143B-AF26-45B8-BEEA-75C5AF48CA9D}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe FirewallRules: [TCP Query User{7239FB04-F617-4E5B-BEFB-B0C4A6BB53C9}C:\program files\cms\cms.exe] => (Allow) C:\program files\cms\cms.exe FirewallRules: [UDP Query User{5F4B72CF-6A86-4295-9CD5-F81B92CA7032}C:\program files\cms\cms.exe] => (Allow) C:\program files\cms\cms.exe FirewallRules: [{E606B623-6BC2-4AAE-B704-BED8C5CEF48A}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe FirewallRules: [{BE273636-C17E-4963-82D9-38EC8A4F9093}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe FirewallRules: [{2B0B2F71-5C83-4DF1-BB64-968EB194AC68}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe FirewallRules: [{8BD9F2FD-E815-4936-8767-03CA048D722B}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe FirewallRules: [{36CA3E61-ABDD-48FD-B599-54CE22D8CC1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E743FFEE-F908-4F50-8F94-A9F5A676DFC7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6D228451-3ED0-4F3A-8940-01862E4E29B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D72189D7-4327-4B91-9ED0-CC10110A22FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{36F28CE2-89E6-4F77-A29F-2189E2486E6C}C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe FirewallRules: [UDP Query 
User{51A91F1D-7540-4BFB-9A29-03A7F6C638D7}C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe FirewallRules: [{CAB5A6AE-F70D-44DA-807A-849427178E83}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Pontos de Restauração ========================= 26-01-2016 10:15:31 Instalado Aplicativo Itaú 02-02-2016 10:44:16 Ponto de Verificação Agendado 10-02-2016 10:03:44 Ponto de Verificação Agendado ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Controlador de comunicação PCI simples Description: Controlador de comunicação PCI simples Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Controlador de barramento SM Description: Controlador de barramento SM Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (02/11/2016 05:28:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 1584 Hora de Início: 01d16501afa3ab1e Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: a3212fc0-d0f5-11e5-b0e7-e03f49830a11 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/11/2016 04:59:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: d60 Hora de Início: 01d164fd9e31c33a Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: 91b3cd8a-d0f1-11e5-b0e7-e03f49830a11 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/11/2016 04:29:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. 
Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 1e40 Hora de Início: 01d164f96d4f982f Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: 60cb8436-d0ed-11e5-b0e7-e03f49830a11 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/11/2016 03:59:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 9bc Hora de Início: 01d164f53c6cb1f7 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: 2fe956e4-d0e9-11e5-b0e7-e03f49830a11 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/11/2016 03:29:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. 
ID do Processo: 894 Hora de Início: 01d164f10b853479 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: ff084abc-d0e4-11e5-b0e7-e03f49830a11 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/11/2016 02:59:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 1520 Hora de Início: 01d164ecdaa0328d Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: ce207def-d0e0-11e5-b0e7-e03f49830a11 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/11/2016 02:29:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. 
ID do Processo: ea8 Hora de Início: 01d164e8a9c05f76 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: 9d3d6433-d0dc-11e5-b0e7-e03f49830a11 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/11/2016 02:02:15 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (02/11/2016 01:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. 
ID do Processo: 1bcc
Hora de Início: 01d164e469e979ff
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
ID do Relatório: 5d69c0ba-d0d8-11e5-b0e7-e03f49830a11
Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/11/2016 01:53:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Erros de Sistema:
=============
Error: (02/11/2016 02:06:12 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/11/2016 02:04:12 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/11/2016 01:57:56 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/11/2016 01:55:56 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/11/2016 01:43:59 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/11/2016 01:41:59 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/11/2016 01:41:23 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/11/2016 01:40:53 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/11/2016 01:39:59 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/11/2016 01:22:00 PM) (Source: DCOM) (EventID: 10010) (User: CASA_VITOR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

CodeIntegrity:
===================================
Date: 2016-02-11 14:10:58.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:58.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:58.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:52.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:52.818
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:52.818
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 14:10:52.802
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentagem de memória em uso: 66%
RAM física total: 3457.82 MB
RAM física disponível: 1141.33 MB
Virtual Total: 5634.07 MB
Virtual disponível: 1888.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.32 GB) (Free:415.06 GB) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 245A032C)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================