Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por user (2016-03-21 11:02:41) Executando a partir de C:\Users\user\Desktop\Downloads Windows 7 Home Basic Service Pack 1 (X64) (2011-10-14 14:14:36) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2122399500-283850168-2706259410-500 - Administrator - Disabled) Convidado (S-1-5-21-2122399500-283850168-2706259410-501 - Limited - Enabled) => C:\Users\Convidado user (S-1-5-21-2122399500-283850168-2706259410-1001 - Administrator - Enabled) => C:\Users\user ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems) Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader X (10.1.7) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.) Aplicativo Itaú (HKLM-x32\...\{1E2224A0-3484-4B28-90F2-6F16BCC55578}) (Version: 1.0.59 - Banco Itaú) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ares 2.2.7 (HKLM-x32\...\Ares) (Version: 2.2.7-Build#3051 - Seekar Ltd) Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.33 - Atheros Communications Inc.) ATI AVIVO64 Codecs (Version: 11.6.0.10607 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{9BD0B4A8-0F06-0AA0-9EF2-0DD7E9E1F462}) (Version: 3.0.829.0 - ATI Technologies, Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bullzip PDF Printer 7.1.0.1212 (HKLM\...\Bullzip PDF Printer_is1) (Version: - Bullzip) CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.50 - Conexant) Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DealPly (HKU\.DEFAULT\...\DealPly) (Version: - ) <==== ATENÇÃO Edison 5 (HKLM-x32\...\{E404200A-3830-4530-ABE5-836A4A936E95}) (Version: 5.00.000 - DesignSoft) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden FormatFactory 3.2.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.2.0.1 - Free Time) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GPL Ghostscript Lite 9.04 (HKLM-x32\...\GPL Ghostscript Lite_is1) (Version: - ) GT-10 Driver (HKLM\...\RolandRDID0076) (Version: - Roland Corporation) GT-10 Librarian (HKLM-x32\...\{0C70AB22-8E53-4622-AC68-5337972BB7AD}) (Version: 1.00.0019 - BOSS Corporation) Guia de Usuário (x32 Version: 1.0.0.6 - Lenovo) Hidden Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music) HP Deskjet 3510 series Ajuda (HKLM-x32\...\{949C49A5-91B7-40D2-AF9A-15681454074A}) (Version: 28.0.0 - Hewlett Packard) HP Deskjet 3510 series Estudo de aprimoramento de produtos (HKLM\...\{34B5B8D3-4106-4713-AAE1-DAE898EEB21C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3510 series Software básico do dispositivo (HKLM\...\{B332BF47-16DD-476D-AE00-31DC6DE5B87A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.4.922 - IObit) IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2011) (Version: 1.1 - Receita Federal do Brasil) IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil) IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil) IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.0 - Receita Federal do Brasil) IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil) IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.0 - Receita Federal do Brasil) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 5.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.7.0 - ) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{AD40A06A-77AB-4E2E-B2AA-FDE106A9977A}) (Version: 1.1.1.7 - Suyin Optronics Corp.) Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden Lenovo PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2811.52 - CyberLink Corp.) Lenovo PowerDVD 10 (x32 Version: 10.0.2811.52 - CyberLink Corp.) Hidden Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3623 - CyberLink Corp.) Lenovo YouCam (x32 Version: 3.1.3623 - CyberLink Corp.) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden MetaStock Professional 11.0 (HKLM-x32\...\MetaStock Professional 11.0) (Version: - ) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz) Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10500 - Nero AG) Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10100.1.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Pacote de Driver do Windows - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo) PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.) PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.9.4.14625 - Sony Computer Entertainment Inc.) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.) PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) Hidden Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.113 - Trusteer) Rapport (Version: 3.5.1205.11 - Trusteer) Hidden Rapport (x32 Version: 3.5.1507.113 - Trusteer) Hidden Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.) Sound Organizer (HKLM-x32\...\{53F7486D-41B5-4117-8914-A85B0DBDDC07}) (Version: 1.4.0.11260 - Sony Corporation) Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler, LLC) Suporte para Aplicativos Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated) TP-LINK Wireless Client Utility (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK) TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.2 - VSO Software) Warsaw 1.5.2.9896 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.5.2.9896 - GAS Tecnologia) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Wondershare Dr.Fone for iOS(Build 4.8.0.7) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 4.8.0.7 - Wondershare Software Co.,Ltd.) YouTube To MP3 Converter Free v1.0 (HKLM-x32\...\YouTube To MP3 Converter Free_is1) (Version: 1.0.0.0 - DVDAVITools) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2122399500-283850168-2706259410-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Nenhum Arquivo ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {03F3EB86-613A-432A-8FA8-BA4243E81E7F} - System32\Tasks\{BA30A1C0-DD0E-437E-8758-4E52AA9159AF} => pcalua.exe -a C:\Users\user\Downloads\Receitanet-1.03.exe -d C:\Users\user\Downloads Task: {3449857C-C25A-4EA6-8894-8162AC2BF4DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {4B937C35-7FE2-44BC-921F-0315520E3977} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-21] (Avast Software s.r.o.) Task: {4CA19C5B-4E9B-45B4-B030-9904C2181D2B} - System32\Tasks\{C606406B-18F1-4563-BB19-2ABAF66B79A2} => C:\Program Files (x86)\Equis\MetaStock\MsWin.exe [2011-10-17] (Equis International) Task: {4EF10E6C-AE7D-4985-938A-349A09DFD556} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe Task: {A8F3BDE0-72B5-4A75-9443-8AD94366F7D7} - System32\Tasks\{18826F9C-7308-4BCF-BEF7-C2A980D08E0E} => C:\Program Files (x86)\Equis\MetaStock\MsWin.exe [2011-10-17] (Equis International) Task: {BFCA9DA5-906C-4135-9F08-3A5F3F46A8D2} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {C2FF3E5B-C219-44B3-ACBC-2C8FC391B9A3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-24] (CyberLink) Task: {D6E3773B-B9A0-41CB-85B8-B78DFFA302B1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {DD6A85D3-4BCF-4547-905E-ADB08898D6A0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-25] () Task: {E8D12D78-DE2E-4723-92E2-B45A3CDE5B11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {F29FC77C-6833-4A1A-B4F8-797610A8A3F2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2011-06-07 19:09 - 2011-06-07 19:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2011-08-24 22:01 - 2011-08-24 22:01 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll 2008-12-20 00:20 - 2011-08-24 22:15 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2008-12-20 00:20 - 2011-08-24 22:15 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2015-07-03 09:54 - 2015-07-03 09:54 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-03 09:54 - 2015-07-03 09:54 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-03-10 09:51 - 2016-03-10 09:51 - 02838528 _____ () C:\Program Files\AVAST Software\Avast\defs\16031002\algo.dll 2016-03-21 09:22 - 2016-03-21 09:22 - 02856960 _____ () C:\Program Files\AVAST Software\Avast\defs\16032100\algo.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-03 09:55 - 2015-07-03 09:55 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-03-21 09:29 - 2016-03-07 23:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll 2016-03-21 09:29 - 2016-03-07 23:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Windows:AstInfo [0] AlternateDataStreams: C:\windows\System32:24B10B84_Uni.gbp [2] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-2122399500-283850168-2706259410-1001\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-2122399500-283850168-2706259410-1001\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-2122399500-283850168-2706259410-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2016-02-12 08:43 - 00000840 ____N C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2122399500-283850168-2706259410-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: btwdins => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: WPCSvc => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk => C:\windows\pss\Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: HP Deskjet 3510 series (NET) => "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3841NHDY05Y7:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1 MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{2B930ED9-71D9-437F-8912-BD36F3FE4E1D}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{C44B9C3A-916E-4856-B8AA-D9F291E6C203}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{0FD7AE0E-7805-487B-A17C-E9E5B6F11D45}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{553BE5E1-02F5-4F6D-ABB5-29B8097627B2}] => (Allow) LPort=2869 FirewallRules: [{E99539E7-0A24-4DA3-8D2B-21932D512C5F}] => (Allow) LPort=1900 FirewallRules: [{71F55B2B-749F-4FB0-BD35-15FE80FD173A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{FC1EC53B-0E28-4140-89A0-3170D5830609}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{817F82DE-954A-4BD5-938A-ECE6FC695BBB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{57CEA5FB-5364-4800-B17F-E746FD90E70A}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{5197CC57-66F0-40F9-A0A0-E9A30ECE963F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe FirewallRules: [{DF55446B-E3F0-4EA6-8001-97BB77DD86B8}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe FirewallRules: [{E6FB0D4A-519E-4116-B5C2-B56BFFCBAC55}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe FirewallRules: [{A99333C3-9283-4192-9F89-7DC7751FC76C}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe FirewallRules: [{CA2C9FEC-06D6-4FD0-94D4-A1350BEF173E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7E9C3079-3D2E-4F20-91E2-924F80FD7417}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1C966431-8F3C-4281-A775-D32A55350451}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0790C2FF-B635-4FE5-9DE7-A782102822DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{3EBF1600-D401-4D89-99B9-EDF8EF0FB94A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{0DA61223-31CF-46CF-9CEA-1AE7FF2357AA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{A8CAA6D3-98CC-4844-9F7E-DDEB71875DAB}C:\users\user\appdata\local\temp\ef2e.tmp\kmservice.exe] => (Allow) C:\users\user\appdata\local\temp\ef2e.tmp\kmservice.exe FirewallRules: [UDP Query User{99FC66F3-A040-4FC1-BBA7-07C9D914CC84}C:\users\user\appdata\local\temp\ef2e.tmp\kmservice.exe] => (Allow) C:\users\user\appdata\local\temp\ef2e.tmp\kmservice.exe FirewallRules: [{01532D54-25FE-4B76-B440-E7E47E8F066F}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe FirewallRules: [{BDE4BBA3-110C-4E79-96D2-A8A499AF12B1}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{C0D57724-1BAA-4975-A7D4-6F2E77F9BD3B}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{B7999EA9-0763-4787-A2EC-8528C3D0E30B}] => (Allow) C:\Program Files (x86)\VSO\ConvertX\5\ConvertXtoDvd.exe FirewallRules: [{498412F2-091B-4EFA-ABE5-D48756FD66DC}] => (Allow) C:\Program Files (x86)\VSO\ConvertX\5\ConvertXtoDvd.exe FirewallRules: [{046F03A6-CFA2-4EB7-8F94-678A22E0A925}] => (Allow) C:\Program Files (x86)\VSO\ConvertX\5\ConvertXtoDvd.exe FirewallRules: [{B31C07BB-092B-4DE5-B700-AC994FEE2C68}] => (Allow) C:\Program Files (x86)\VSO\ConvertX\5\ConvertXtoDvd.exe FirewallRules: [{D268C804-B92E-4064-8AF9-A71CC0510640}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe FirewallRules: [{A5F5292B-DBC9-47FB-8316-0719A55F117F}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe FirewallRules: [{E7807554-7E47-4B90-8C92-F2F2962DAB56}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe FirewallRules: [{10ED03B4-BC62-460B-B3DF-7039F5B4EDF2}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe FirewallRules: [TCP Query User{5AA618F7-4C34-46BC-A6B5-D12EFA7B2E1C}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe FirewallRules: [UDP Query User{4135E4A9-AE1D-4170-936A-F5A4E5BFCA75}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe FirewallRules: [TCP Query User{73EA7F55-33E3-445D-8889-B1531EBF230E}C:\users\user\appdata\local\temp\d645.tmp\kmservice.exe] => (Allow) C:\users\user\appdata\local\temp\d645.tmp\kmservice.exe FirewallRules: [UDP Query User{A8A2B590-238F-4154-8375-7D3743DED18A}C:\users\user\appdata\local\temp\d645.tmp\kmservice.exe] => (Allow) C:\users\user\appdata\local\temp\d645.tmp\kmservice.exe FirewallRules: [TCP Query User{66EB61CD-6DFC-4A67-996F-1762927CE0EA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{002FCED4-F5C7-42DF-9260-FA87568B2589}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{F1B680D9-EC5C-42E3-B60F-AEF0007612CB}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{40258B87-1B7A-4618-B339-65AC6E14FDA9}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [TCP Query User{D82BFC01-2FC3-4311-A262-B2E1506A59E1}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{4245FC85-EA94-4B80-B7C0-7D2E2B3CEFD4}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [{C4F2F49C-C58F-4B9A-BB41-2B932C7BAD10}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CE6F85E2-A85D-4E7E-AFE8-386CCCC97B3E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{77770488-5982-411F-AD4C-223E03181822}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{62EE35FA-6605-417C-8686-697C8E89B2E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D7015D75-BA6A-48F1-BEB5-5C0C40449EA7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [TCP Query User{92C9BA1C-DEC7-4CE5-A1F1-3800F036FE65}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{33BB419B-9588-4015-A213-DE09FF352866}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{D729D8AE-4E71-4DBE-B47E-A7640F4C2F34}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{FD96CC51-778C-47AF-9C13-0807174360B6}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{8D82A28B-075D-43B4-9830-277A0EF39DD5}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [TCP Query User{E39022B1-0C47-4A14-B63C-06395C51941A}C:\users\user\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Block) C:\users\user\appdata\roaming\utorrent\updates\3.4.3_40760.exe FirewallRules: [UDP Query User{F9109C74-2528-4E51-8ADA-214DE966F8BA}C:\users\user\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Block) C:\users\user\appdata\roaming\utorrent\updates\3.4.3_40760.exe FirewallRules: [TCP Query User{B43A73FE-FDE9-4DC5-ABC8-1694282FE205}C:\users\user\appdata\local\temp\keygen.exe] => (Allow) C:\users\user\appdata\local\temp\keygen.exe FirewallRules: [UDP Query User{1E602DCE-AD34-41D6-863D-DADD42FE53B9}C:\users\user\appdata\local\temp\keygen.exe] => (Allow) C:\users\user\appdata\local\temp\keygen.exe FirewallRules: [TCP Query User{057E281F-2888-4E36-9807-342D6108772F}C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe] => (Allow) C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe FirewallRules: [UDP Query User{EE656695-8AB3-4DA1-AC53-C7420D8F481A}C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe] => (Allow) C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe FirewallRules: [TCP Query User{6F4BD17D-F265-4541-89C8-BE017B42AED0}C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe.local\tunnelcb.exe] => (Allow) C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe.local\tunnelcb.exe FirewallRules: [UDP Query User{48B952A7-2E34-4351-A36A-D8DEB5DC29EB}C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe.local\tunnelcb.exe] => (Allow) C:\hsbc investimentos\hsbc trade 1.1.9.4\bin\hsbc trade.exe.local\tunnelcb.exe FirewallRules: [{326ED28B-3241-4E89-9309-08904192E70D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 17-01-2016 09:05:17 Installed Rapport 05-02-2016 10:26:13 Ponto de Verificação Agendado 27-02-2016 16:01:41 Installed Rapport 06-03-2016 21:48:52 Ponto de Verificação Agendado 08-03-2016 09:07:52 Installed Rapport 21-03-2016 09:54:22 Ponto de Verificação Agendado ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/21/2016 09:17:40 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/10/2016 09:48:09 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/09/2016 07:42:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/09/2016 09:50:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/09/2016 09:50:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 544: ERROR: read_msg errno 0 (A operação foi concluída com êxito.) Error: (03/09/2016 09:50:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (03/08/2016 09:30:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: core.exe, versão: 2.7.6.1364, carimbo de hora: 0x55846160 Nome do módulo de falhas: wsftpgm.dll, versão: 2.1.2.1400, carimbo de hora: 0x558b4c5f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000006c9fe Identificação do processo com falha: 0xb78 Hora de início do aplicativo com falha: 0xcore.exe0 Caminho do aplicativo com falha: core.exe1 FCaminho do módulo de falhas: core.exe2 Identificação do Relatório: core.exe3 Error: (03/08/2016 09:05:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/07/2016 02:49:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa EXCEL.EXE versão 14.0.6117.5003 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 1c94 Hora de Início: 01d1789947c56229 Hora de Término: 0 Caminho do Aplicativo: C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE Id do Relatório: Error: (03/07/2016 09:32:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Erros de Sistema: ============= Error: (03/21/2016 09:18:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC) Error: (03/21/2016 09:17:47 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC) Error: (03/10/2016 01:32:50 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/10/2016 09:53:31 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Serviço Windows Update suspenso ao iniciar. Error: (03/10/2016 09:48:50 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC) Error: (03/10/2016 09:48:26 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC) Error: (03/09/2016 08:19:07 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/09/2016 07:46:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Serviço Windows Update suspenso ao iniciar. Error: (03/09/2016 07:44:09 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC) Error: (03/09/2016 07:42:23 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC) CodeIntegrity: =================================== Date: 2016-03-07 17:38:23.406 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-07 17:38:23.406 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-07 14:41:00.523 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-07 14:41:00.523 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-17 10:08:40.584 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-17 10:08:40.584 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-01 17:01:14.438 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-01 17:01:14.402 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-09 00:07:38.852 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-09 00:07:38.727 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Informações da Memória =========================== Processador: AMD C-50 Processor Percentagem de memória em uso: 54% RAM física total: 3690.9 MB RAM física disponível: 1688.22 MB Virtual Total: 7380 MB Virtual disponível: 5346.43 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:421.81 GB) (Free:153.03 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:25.47 GB) NTFS ==================== MBR & Tabela de Partições ================== ==================== Fim de Addition.txt ============================