Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:25-04-2016 Executado por Marcos (2016-04-26 22:08:12) Executando a partir de C:\Users\Marcos\Desktop Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-10-28 15:14:13) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-1231958544-1669365884-389720028-500 - Administrator - Disabled) Convidado (S-1-5-21-1231958544-1669365884-389720028-501 - Limited - Disabled) Marcos (S-1-5-21-1231958544-1669365884-389720028-1000 - Administrator - Enabled) => C:\Users\Marcos ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 
"Nero SoundTrax Help (Version: 4.0.15.0 - Nero AG) Hidden 32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden ABBYY FineReader 9.0 Sprint (HKLM\...\{F9000000-0018-0000-0000-074957833700}) (Version: - ) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden Aplicativo Itaú (HKLM\...\{FE13BDC8-9044-4CA5-8446-819F2CB43CF7}) (Version: 1.0.61 - Banco Itaú) Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Ares 2.2.8 (HKLM\...\Ares) (Version: 2.2.8-Build#3052 - Seekar Ltd) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) BBSAK (HKLM\...\{B23F12D4-17DE-453A-B1F4-55E501FE0EBF}) (Version: 1.9.2 - JMT Labs) Bíblia Glow Software (HKLM\...\Glo Bible Software) (Version: 
- Immersion Digital) BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.) BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden BlackBerry Device Software Updater (HKLM\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - ) Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden Dell SupportAssistAgent (HKLM\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell) Dell System Detect - 1 (HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\73f463568823ebbe) (Version: 6.1.0.3 - Dell) Desinstalar Impressora EPSON L355 Series (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation) DolbyFiles (Version: 2.0 - Nero AG) Hidden Driver Easy 5.0.3 (HKLM\...\DriverEasy_is1) (Version: 5.0.3 - Easeware) DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.18.44 - Dell Inc.) 
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM\...\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation) Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden Epson Event Manager (HKLM\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation) Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) FormatFactory (HKLM\...\{7664204E-CD57-4ACE-927C-40DED265C611}) (Version: 1.45 - FormatFactory) Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.) ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden Iminent (Version: 6.44.21.0 - Iminent) Hidden <==== ATENÇÃO Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil) iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.) 
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lollipop (HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\lollipop_05300012) (Version: - Lollipop Network, S.L.) <==== ATENÇÃO Menu Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - ) MoneyMe versão 1.063 (HKLM\...\{7B3D4AE8-61A7-4B65-B346-BF2D10A05387}_is1) (Version: 1.063 - MoneyMe) Movavi PowerPoint To Video Converter 2 (HKLM\...\Movavi PowerPoint To Video Converter 2) (Version: 2.2.0 - Movavi) Movie Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 (HKLM\...\{489852e3-e88e-4f6f-ae19-8246aecb3ed9}) (Version: - Nero AG) O2Micro 1394 OHCI Compliant Host Controller Driver (HKLM\...\InstallShield_{4A1D333E-557E-46A6-A4A7-5F8FBC862D49}) (Version: 1.0.00 - O2Micro International LTD.) PDFConverter Printer Driver (HKLM\...\{74669C8B-4D0A-4237-997F-3E1C92331F7D}) (Version: - ) PDFConverter Printer Driver version 2.00 (HKLM\...\PDFConverter Printer Driver_is1) (Version: 2.00 - PDF-Convert, Inc.) PPT to Image Converter 5.00 (HKLM\...\PPT to Image Converter_is1) (Version: 5.0.0.0 - PDF-Convert, Inc.) QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.) 
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados) Software Updater (HKLM\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) SoundTrax (Version: 4.0.18.0 - Nero AG) Hidden Suporte para Aplicativos Apple (32-bit) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Warsaw 1.8.0.10356 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WindowsProtectManger20.0.0.339 (HKLM\...\WindowsProtectManger) (Version: 20.0.0.339 - Fuyu LIMITED) <==== ATENÇÃO WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-1231958544-1669365884-389720028-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Marcos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-1231958544-1669365884-389720028-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Marcos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. 
O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0ECFAC0F-DD61-42A5-9703-1612C2A3057B} - System32\Tasks\{E2464F3D-7BDA-43AC-966A-62C61FBED88C} => pcalua.exe -a C:\Dell\Drivers\R129472\BtSwSP2.exe -d C:\Dell\Drivers\R129472 Task: {1A18AC90-DECD-425B-BED8-0D1E04A6B5EB} - System32\Tasks\Pritc => C:\Users\Marcos\AppData\Local\Temp\00027936\casrss.exe [2016-04-23] (VLOME) <==== ATENÇÃO Task: {1A2E8589-90A5-40F7-B60C-D5DD15DDA299} - System32\Tasks\ttwifi => C:\Program Files\ttwifi\tiantianwifi.exe Task: {1DEE7752-7BBE-42EE-9B73-D09DF112CD1B} - System32\Tasks\{DB4DBEB3-AA7C-4D07-9E89-8BB8E2206B95} => pcalua.exe -a C:\Users\Marcos\Downloads\software_terminal_programador_maxcom\TerminalProgramadorMaxcom110701.exe -d C:\Users\Marcos\Downloads\software_terminal_programador_maxcom Task: {2CC1D59F-AC3E-4533-833B-21B9E39832F3} - System32\Tasks\Systweak-Support-Dock => C:\Program Files\Systweak Support Dock\SystweakDock.exe Task: {2D145EAF-EA46-4CE5-80D8-706D3D542588} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files\QQBrowser\Update\90FBF83FE4382ECC2675D2CFB2FA9F29\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATENÇÃO Task: {385644A3-2039-43BD-888A-A12C2F8008C2} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.) Task: {399D9687-8730-4555-BF21-2EC29B1D7A13} - System32\Tasks\DNSBAHAMA => dnsbahama.exe <==== ATENÇÃO Task: {431C2821-33CB-4CFC-BAE8-4A13A49B2FD4} - System32\Tasks\{5131F16B-826C-4257-983A-2734CA9B0511} => C:\Windows\twain_32\escndv\escndv.exe [2009-01-27] (SEIKO EPSON CORP.) 
Task: {46C8913C-E240-4FDD-A936-1F96FB3D9E17} - System32\Tasks\{7EA4F5D8-84F6-4B7E-BDF2-AD01ED644FBD} => pcalua.exe -a E:\A050000T.exe -d E:\ Task: {5049F939-8651-4FEF-ADA8-EFDE63119C0B} - System32\Tasks\{5E93EEB7-49C1-41AA-8402-9FEF11400B4F} => pcalua.exe -a c:\users\marcos\appdata\local\lollipop_05300012\lollipop_05300012.bat Task: {5BAAF363-AFD7-4493-81E0-372809E2E324} - System32\Tasks\Price Fountain => C:\Users\Marcos\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: {63BCBAAF-955B-4FC7-BA8D-EABC93D611EF} - System32\Tasks\AppCloudUpdater => C:\Users\Marcos\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: {693AEAFB-E961-4B6E-A1C5-DE0A289883ED} - System32\Tasks\{1E4A2DA8-11D8-40AF-9032-406F4B28ECFF} => pcalua.exe -a E:\R174366\Setup.exe -d E:\R174366 Task: {6A69E4ED-D9C5-4C77-993F-DBA55068BFE7} - System32\Tasks\{78E6442E-C553-4DCA-970A-3D5053F50D24} => pcalua.exe -a C:\Dell\Drivers\V91MY\2KXP\setup.exe -d C:\Dell\Drivers\V91MY\2KXP Task: {6E61BE14-1800-429D-A63E-6DF422CDE707} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {73D84735-BAEE-4C5D-BEA4-F066F559EB3D} - System32\Tasks\{8BEF4D3C-C2A0-40F0-9E7C-1B4333BFC5F4} => pcalua.exe -a C:\Dell\Drivers\R253891\Setup.EXE -d C:\Dell\Drivers\R253891 Task: {77E01A61-F6C0-4AC1-806F-2DD2AA627281} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-04-14] (Easeware) Task: {7DE574C5-F505-44F8-9697-C7F4D6BACB6D} - System32\Tasks\Microsoft\Windows\Apps\UpService => C:\ProgramData\UpService\UpService.exe [2015-12-24] () <==== ATENÇÃO Task: {7F2FB6A2-284D-4A64-B693-08AF38EF5AE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) 
Task: {7FF7759A-6D46-4BE0-8F83-BC4692D43A50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {826998B6-5D65-4A6C-83C9-E0F8740947C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {83FDB628-6DF7-465F-88AF-51358002F79A} - System32\Tasks\{EE8335A2-3268-4F0F-AAF4-F1709526DCC2} => pcalua.exe -a "C:\Users\Marcos\Desktop\chipset INFs\chipset INFs\Ssetup.exe" -d "C:\Users\Marcos\Desktop\chipset INFs\chipset INFs" Task: {87B048A5-79AE-4FE2-A247-14A8F00D9778} - System32\Tasks\{02B7C244-C256-47D9-9125-417A631596C5} => pcalua.exe -a "C:\Users\Marcos\AppData\Roaming\Easeware\DriverEasy\drivers\agvvnbcw.n0q\chipset INFs\chipset INFs\Ssetup.exe" -d "C:\Users\Marcos\AppData\Roaming\Easeware\DriverEasy\drivers\agvvnbcw.n0q\chipset INFs\chipset INFs" Task: {8E93CC76-4831-4E39-811C-35771ADDB980} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-04-14] (Easeware) Task: {91163B9E-DED9-4EA0-BE89-8545A8767732} - System32\Tasks\Dravsynlether Core => C:\Program Files\Dravsynlether\Drvcoretsk.exe [2016-04-22] () Task: {93A0B0AE-F53E-4046-8FCF-B4906D856779} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-04-16] () Task: {A8F51158-B622-4BEE-8DCB-993D69296479} - System32\Tasks\{15C3E1B0-B987-443B-AC27-FCA33A8BFA74} => pcalua.exe -a C:\Users\Marcos\Desktop\HXFSetup.exe -d C:\Users\Marcos\Desktop Task: {B6E0DC59-2346-4B3D-B784-0A599CC8DBB4} - \Inst_Rep -> Nenhum Arquivo <==== ATENÇÃO Task: {CABFFA64-BEA6-460A-BB52-D8876619C96B} - System32\Tasks\{5497F83B-352E-4461-928F-06BDF8FA3FE7} => pcalua.exe -a C:\Drivers\HXFSetup.exe -d C:\Drivers Task: {D0D00F93-91FE-4804-8EB1-5EEE0D7AB4FC} - System32\Tasks\{C75C1525-B29E-46E3-B465-C489FCB4DFC2} => pcalua.exe -a C:\Dell\Drivers\R157674\DFUInstaller.exe -d 
C:\Dell\Drivers\R157674 Task: {DA79FA10-A650-482F-B6F1-4E6283A6F72D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {DDCC5E9D-31FD-431A-ABBB-E14898B52590} - System32\Tasks\{9A9E0091-41DD-4867-9C82-B7587A0A5243} => pcalua.exe -a C:\Dell\Drivers\R117967\2KXP\setup.exe -d C:\Dell\Drivers\R117967\2KXP Task: {DF3B8812-13CB-47FA-B8D4-842786369E39} - System32\Tasks\{99492E2E-3630-409F-AAD6-5C2A7CEF31D8} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016" Task: {E6CCFAF4-60AC-4AE4-BEEA-79ADB095DFE3} - System32\Tasks\PFExe => C:\Users\Marcos\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO Task: {FA1C7D4B-1760-465F-A047-625079D3D165} - System32\Tasks\OKABEPSHNWPJMSKM => C:\ProgramData\Service5184\Service5184.exe [2016-04-23] () <==== ATENÇÃO Task: {FC7A4E11-6311-4294-A2F3-48DB7959000D} - \svchost -> Nenhum Arquivo <==== ATENÇÃO Task: {FFD22207-27FD-4E23-98EB-B413F11CA1AA} - System32\Tasks\Update Service for Torrent Search2 => C:\Program Files\Torrent Search\emYdFg1.exe <==== ATENÇÃO (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AppCloudUpdater.job => C:\Users\Marcos\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\OKABEPSHNWPJMSKM.job => C:\ProgramData\Service5184\Service5184.exe <==== ATENÇÃO Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Marcos\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: C:\Windows\Tasks\Update Service for Torrent Search2.job => C:\Program Files\Torrent Search\emYdFg1.exe <==== ATENÇÃO ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/ ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> hxxp://navigation.iwatchavi.com/ ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/ ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/ ShortcutWithArgument: C:\Users\Marcos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/ ==================== Módulos Carregados (Whitelisted) ============== 2013-10-28 14:23 - 2013-10-28 14:23 - 00026112 _____ () C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE 2016-04-24 15:39 - 2001-10-29 01:42 - 00116224 _____ () C:\Windows\System32\pdfmonnt.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-04-24 14:31 - 2016-04-21 05:54 - 01745920 _____ () C:\ProgramData\service.exe 2014-07-28 11:31 - 2014-07-28 18:25 - 00321824 _____ () C:\Program Files\trolatunt\updatetrolatunt.exe 2014-07-28 14:24 - 2014-07-28 18:24 - 00321824 _____ () C:\Program Files\trolatunt\bin\utiltrolatunt.exe 2016-04-24 
13:45 - 2016-04-24 13:46 - 00605184 _____ () C:\Program Files\SpaceSoundPro\idscservice.exe 2016-04-24 13:46 - 2016-04-24 13:50 - 03935232 _____ () C:\Program Files\SpaceSoundPro\idsccom_HKK.exe 2016-04-24 17:04 - 2016-04-24 13:55 - 01907200 _____ () C:\ProgramData\msiql.exe 2016-04-25 19:15 - 2016-04-25 11:47 - 01266688 _____ () c:\programdata\conhost51495.exe 2016-04-26 20:19 - 2016-04-26 20:20 - 00599904 _____ () c:\users\marcos\appdata\local\temp\24357\setup.exe 2016-04-26 20:19 - 2016-04-24 13:17 - 02363392 _____ () C:\Windows\TEMP\24301\tim.exe 2016-04-26 21:27 - 2016-04-26 21:27 - 00110064 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAntiInject.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\zlib.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00482800 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\sqlite.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\tinyxml.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00040944 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00065008 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll 2016-04-26 21:27 - 2016-02-27 19:55 - 00036128 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\oDayProtect.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00122352 _____ () c:\program files\tencent\qqpcmgr\11.4.17339.217\qmrtpcontroller.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libexpatw.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\GF.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00092512 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\xGraphic32.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00342368 _____ () C:\Program 
Files\Tencent\QQPCMgr\11.4.17339.217\arkGraphic.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\jgImage.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libpng.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\libjpegturbo.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\jgIOStub.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00194912 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\xImage.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00019440 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQFileFlt.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00163312 _____ () c:\program files\tencent\qqpcmgr\11.4.17339.217\qmhipslogpolicy.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00077296 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\MemDefrag.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00261616 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00379232 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\DlForQd.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00245232 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMWlanMacDll.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\zlib.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libexpatw.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\tinyxml.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\GF.dll 2016-04-26 21:28 - 2016-04-26 21:28 - 00092512 _____ () C:\Program 
Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\xGraphic32.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00342368 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\arkGraphic.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgImage.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libpng.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\libjpegturbo.dll 2016-04-26 21:27 - 2016-04-26 21:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\jgIOStub.dll 2015-02-23 21:33 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2015-02-23 21:33 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8] AlternateDataStreams: C:\Windows\System32:105D9771_Bb.gbp [2] AlternateDataStreams: C:\Windows\System32:105D9771_Uni.gbp [2] AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [369] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) 
==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\dell.com -> dell.com IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\google.com -> www.google.com IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\google.com.br -> www.google.com.br IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.b.br -> www.itau.b.br IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br IE trusted site: HKU\S-1-5-21-1231958544-1669365884-389720028-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:04 - 2015-08-20 20:28 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) 

HKU\S-1-5-21-1231958544-1669365884-389720028-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.185 - 82.163.142.185
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{17F3491F-85E2-49B6-AFE7-55105C064B48}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{23881AD7-62FB-4B70-BE97-F618B2A54A35}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{A8B638C2-FB4C-466D-846D-FAA3764F22BC}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Allow) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [UDP Query User{39A06E1B-06DF-489A-9019-CAB9192343EE}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Allow) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [TCP Query User{EE17C3F2-3E6C-4A66-9BC4-E3C6F75C2A6E}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{5E1B4B93-6DA4-404C-8A03-F233E8674561}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [TCP Query User{A178B9E4-0530-4248-9357-EB0DEDC1A728}C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe] => (Block) C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe
FirewallRules: [UDP Query User{D696FDF6-2D08-425D-BA7B-4D8561624C68}C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe] => (Block) C:\users\marcos\appdata\local\temp\12488\download\minithunderplatform.exe
FirewallRules: [{CD1A7B6C-D4EB-4B56-876F-3118BB66B267}] => (Allow) C:\Users\Marcos\AppData\Local\Temp\12488\download\MiniThunderPlatform.exe
FirewallRules: [{67E223EB-D39F-4ACF-87A6-0A72F1358CA4}] => (Allow) C:\Users\Marcos\AppData\Local\Temp\12488\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{05B1B79C-D6BE-401F-B41D-F85815A9201D}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Block) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [UDP Query User{6A95B3BF-059D-4960-9DAB-CCD6487261F5}C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe] => (Block) C:\program files\research in motion\blackberry desktop\rim.desktophelper.exe
FirewallRules: [{C6ACC528-A7F8-447E-9912-7A567420B018}] => (Allow) C:\Windows\TEMP\24678\download\MiniThunderPlatform.exe
FirewallRules: [{239FE33C-F7B1-478B-862F-20A1C70009BF}] => (Allow) C:\Windows\TEMP\24678\download\MiniThunderPlatform.exe
FirewallRules: [{0E5276BD-9E07-488C-A5E1-271C09CD7ED5}] => (Allow) C:\Windows\TEMP\24301\download\MiniThunderPlatform.exe
FirewallRules: [{1565D561-17AD-4440-9F0E-BC2FE5DCC82C}] => (Allow) C:\Windows\TEMP\24301\download\MiniThunderPlatform.exe
FirewallRules: [{44C8BE32-BD75-4657-8E1F-E158621B22DC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCmgrInstallGuide.exe
FirewallRules: [{AAC12274-9A05-4076-B9A0-624BCFD62E86}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{D05CF982-BB98-4F05-9F01-9A6C77A511D4}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{F3BC230A-7A7F-4223-840E-38DB7E47BB21}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
FirewallRules: [{8E684C30-C50B-4EEB-99F1-403F19BA5E09}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCMgr.exe
FirewallRules: [{B995202D-C221-4720-B1F8-AD69C41BD0BC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe
FirewallRules: [{886F10A6-50AC-465D-8B8F-5D18D74A9548}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMDL.exe
FirewallRules: [{D8E65958-D105-4AEC-9D64-B037B4E11663}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\bugreport.exe
FirewallRules: [{3A65770A-0F03-4638-8A71-5D607BA1C48E}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen.exe
FirewallRules: [{BD419893-D245-487F-BADC-9AD33AD98FB4}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCLeakScan.exe
FirewallRules: [{BC8C0EE0-6811-43D7-B83D-5EF2AD38CF0D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPConfig.exe
FirewallRules: [{E8B41976-DD44-40D6-B28B-349B923AC410}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftMgr.exe
FirewallRules: [{05FB1913-4049-4252-8F0D-46660AF487CF}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{49D7197F-137E-4032-A740-C028477EB16A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCBTU.exe
FirewallRules: [{6AB25C56-CB14-4E1F-9EA9-EFE30E6CEFCA}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCClinic.exe
FirewallRules: [{1FEFBDB6-39A7-48A6-83AA-FCD5237CF1A2}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCLaunch.exe
FirewallRules: [{C2F20CEB-516F-403F-A23D-5CFB84AA260B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{29BDB29B-5A78-4113-8F17-14403AA34286}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftGame.exe
FirewallRules: [{395AA3E8-E028-4DA7-81BE-12EFFACBAF60}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCSysOptimize.exe
FirewallRules: [{475D8775-046B-43AF-8175-49A266E9202A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCUpdateAVLib.exe
FirewallRules: [{A1D5C0CC-F260-40E2-B7A5-FC2A22AF9996}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQRepair.exe
FirewallRules: [{01D0E476-616A-4540-A933-D9AEE3E2FA97}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\Uninst.exe
FirewallRules: [{3C251BD3-53A2-4561-B6CE-DFE89C84548C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCPatch.exe
FirewallRules: [{521A14AD-DE62-480E-869B-C8276FB496DD}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\TpkUpdate.exe
FirewallRules: [{B2AB8C9B-1959-4A7B-B62B-51872769CB17}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMRouterMgr.exe
FirewallRules: [{7607424C-4FAB-4C34-B1C4-53CFEC9CED61}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAccountProtection.exe
FirewallRules: [{44445DFD-8441-44E6-A98F-57B3E43FD60A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMAdBlock.exe

==================== Pontos de Restauração =========================

04-04-2016 23:25:51 Windows Update
08-04-2016 22:32:59 Windows Update
12-04-2016 00:38:18 Windows Update
14-04-2016 03:00:43 Windows Update
16-04-2016 03:00:15 Windows Update
21-04-2016 12:07:07 Windows Update
24-04-2016 13:54:29 Windows Update
26-04-2016 00:08:31 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:11:23 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:15:49 Removed BlackBerry Device Software v7.1.0 para o smartphone BlackBerry 9860.
26-04-2016 00:24:58 Removed Bluetooth Stack for Windows by Toshiba.
26-04-2016 00:30:08 Removed Mediatek Bluetooth.

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Bnbase
Description: Bnbase
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bnbase
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/26/2016 08:19:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: osmsg.exe, versão: 1.0.0.42, carimbo de hora: 0x57119990
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23392, carimbo de hora: 0x56eb2fd9
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00056aa4
Identificação do processo com falha: 0x1114
Hora de início do aplicativo com falha: 0xosmsg.exe0
Caminho do aplicativo com falha: osmsg.exe1
FCaminho do módulo de falhas: osmsg.exe2
Identificação do Relatório: osmsg.exe3

Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: O agente de extensão de log de eventos do SNMP não foi inicializado corretamente.

Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Erro ao processar parâmetros do Registro. O agente de extensão está sendo terminado.

Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: O agente de extensão de log de eventos do SNMP não foi inicializado corretamente.

Error: (04/26/2016 08:16:41 PM) (Source: EvntAgnt) (EventID: 3003) (User: )
Description: Erro ao posicionar-se no final do arquivo de log -- não é possível obter o registro de log mais antigo. O identificador especificado é 4784148. O código de retorno de GetOldestEventLogRecord é 6.

Error: (04/25/2016 11:54:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (04/25/2016 11:54:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (04/25/2016 07:24:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: casrss.exe, versão: 2.0.0.30, carimbo de hora: 0x5715ce71
Nome do módulo de falhas: casrss.exe, versão: 2.0.0.30, carimbo de hora: 0x5715ce71
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000225c5
Identificação do processo com falha: 0x594
Hora de início do aplicativo com falha: 0xcasrss.exe0
Caminho do aplicativo com falha: casrss.exe1
FCaminho do módulo de falhas: casrss.exe2
Identificação do Relatório: casrss.exe3

Error: (04/24/2016 04:12:48 PM) (Source: Microsoft Office 12) (EventID: 2001) (User: )
Description: Rejected Safe Mode action : Microsoft Office PowerPoint.

Error: (04/23/2016 01:36:10 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"1". Erro no arquivo de manifesto ou de diretiva Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"2", na linha Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"3. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1". A definição é Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Erros de Sistema:
=============
Error: (04/26/2016 09:44:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço WinZiper service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (04/26/2016 09:34:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2

Error: (04/26/2016 09:28:55 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço QQPCMgr RTP Service está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.

Error: (04/26/2016 08:48:59 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 40.

Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 115.57.0.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608

Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608

Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT51
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608

Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT59
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608

Error: (04/26/2016 08:41:41 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 encontrou um erro ao atualizar assinaturas.
Nova Versão da Assinatura:
Versão da Assinatura Anterior: 1.217.2238.0
Origem da Atualização: %AUTORIDADE NT59
Etapa da Atualização: 4.9.0218.00
Caminho de Origem: 4.9.0218.01
Tipo de Assinatura: %AUTORIDADE NT602
Tipo de Atualização: %AUTORIDADE NT604
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: %AUTORIDADE NT605
Versão do Mecanismo Anterior: %AUTORIDADE NT606
Código de Erro: %AUTORIDADE NT607
Descrição do erro: %AUTORIDADE NT608

Error: (04/26/2016 08:28:58 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 40.

CodeIntegrity:
===================================
Date: 2016-04-24 14:17:38.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:17:38.703
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:16:05.558
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:16:05.357
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:16:05.181
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:15:58.520
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:15:58.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:15:56.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:15:56.658
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-24 14:15:55.077
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Percentagem de memória em uso: 70%
RAM física total: 3318.44 MB
RAM física disponível: 982.65 MB
Virtual Total: 6635.21 MB
Virtual disponível: 4027.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.89 GB) (Free:130.04 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DA721E51)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================