Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:25-05-2016 02 Executado por casal (2016-05-26 22:05:20) Executando a partir de C:\Users\casal\Downloads Microsoft Windows 10 Home Versão 1511 (X86) (2015-11-27 18:47:27) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2364669226-1398954891-4146519358-500 - Administrator - Disabled) casal (S-1-5-21-2364669226-1398954891-4146519358-1000 - Administrator - Enabled) => C:\Users\casal Convidado (S-1-5-21-2364669226-1398954891-4146519358-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2364669226-1398954891-4146519358-503 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371} AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 32 Bit HP CIO Components Installer (Version: 8.1.4 - Hewlett-Packard) Hidden Adblock Plus para o IE (32 bits) (HKLM\...\{C6067663-6A12-4229-B369-DEE32B320C0D}) (Version: 1.4.798 - Eyeo GmbH) Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp) aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender) CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1878 - CDBurnerXP) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Driver 1.2 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.2 - OEM) Dropbox (HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) eXe -- eLearning XHTML editor (HKLM\...\exe) (Version: - eXe Project) Galeria de Fotos (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gerenciador de Inicialização Positivo (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.0.16.1 - Positivo Informática S.A.) Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT) Intel Driver Update Utility (HKLM\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel) Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2230 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) IPM 1.5 (HKLM\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.5 - OEM) IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil) Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.) Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office com Clique para Executar 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 46.0.1 (x86 pt-BR)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Mundo Positivo (HKLM\...\{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1) (Version: 1.3.8.0 - Positivo Informática S.A.) OSD 1.7 (HKLM\...\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}) (Version: 1.7 - OEM) Positivo Ajudante (HKLM\...\{4F44FDC9-6B66-4549-882A-7D5C4E3A79A2}_is1) (Version: 1.4.0.2 - Positivo Informática S.A) Positivo Áudio (HKLM\...\{D00FA097-5115-400D-84AD-4ADEF3EBDB5E}_is1) (Version: 1.4.1.0 - Positivo Informática S.A.) Positivo Backup (HKLM\...\{387B3DFA-BB12-45E6-B431-4A7BF2EBD985}_is1) (Version: 1.5.2.2 - Positivo Informática S.A.) Positivo Bateria (HKLM\...\{FD6F6859-2863-4ABB-87D0-A263F3E9FF45}_is1) (Version: 1.4.4.0 - Positivo Informática S.A.) Positivo Conversor 3D (HKLM\...\{D0582368-2DFF-48EA-AC8D-1FA8E31CA38C}_is1) (Version: 1.0.0.7 - Positivo Informática S.A.) Positivo NIS 2011 License Activator (HKLM\...\{5400FA29-4A55-4EB9-AD27-AF20DBD334E1}_is1) (Version: 1.1.0.0 - Positivo Informática S.A.) Positivo Sincronize (HKLM\...\{6DA3261A-DCEB-401A-ABE0-A367C252B86C}_is1) (Version: 1.5.3.0 - Positivo Informática S.A.) Positivo WebCam (HKLM\...\{E11C7438-7550-4676-92CE-846CC5DA3548}_is1) (Version: 1.5.1.0 - Positivo Informática S.A.) Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.4.0 - Ralink) REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0174 - REALTEK Semiconductor Corp.) Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation) Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Software de Cadastro Positivo 6.0 (HKLM\...\{4A33ECF3-6AC6-4A9B-932C-4E81625423C7}_is1) (Version: 6.0.0.0 - Positivo Informática) SpywareBlaster 5.2 (HKLM\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC) TP-LINK Wireless Client Utility (HKLM\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK) Tutorial 1.0 (HKLM\...\{1C86726E-4A85-4322-8A1C-56EDE170FAB5}_is1) (Version: 1.0.0.0 - Positivo Informática) Unchecky v0.4.3 (HKLM\...\Unchecky) (Version: 0.4.3 - RaMMicHaeL) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Webcam 1.5 (HKLM\...\{39B78651-6FD2-4752-BE68-C3BDB6F2D9EE}) (Version: 1.5 - OEM) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) WordPress (HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\wordpress-31007ec6fe23480d7b5eadfb17445965) (Version: 2.2 - Mozilla Apps) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.29.5\psuser.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {00C39C86-E733-41F9-8913-3DB7FE4EF13A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated) Task: {05C88CBA-376A-4587-9BED-37D5E21E8A84} - System32\Tasks\{77C3D12E-6621-4F9F-92A0-E420B3B88C4F} => pcalua.exe -a C:\PROGRA~1\NETRAT~1\NetSight\NSSetup.exe -c /uninstall Task: {0E24767B-4193-4C64-9441-B542AAFE81E3} - System32\Tasks\{0DD0F863-9D52-4870-A560-2380B9CC6A63} => Chrome.exe Task: {1075A74F-EF14-4700-AB47-E27897F4D11A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {1079D203-51E0-4299-A17B-03577D43FE3A} - System32\Tasks\{6A51DC2C-9DCA-48BB-9E99-F721479AF6E7} => Chrome.exe Task: {11319DDE-0260-49F2-918D-68C913E2A7EB} - System32\Tasks\{9F466F0D-28B8-49A8-BA81-29492BEEF9BB} => Chrome.exe Task: {13936F53-4C60-4064-8020-F7B0300C758C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {1D7AF179-48AC-4287-8248-3181044F000F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {2052721E-B17D-4340-B609-3F41854C6251} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {216BC908-4B16-4518-8FDD-8F9FC2AFEC5D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA1d15dcef6a236b => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {22D477EC-DA79-4CC6-A19F-4FDB94351864} - System32\Tasks\{6C0FDFCA-0081-464D-8B36-CDE9C7AC4E93} => Chrome.exe Task: {24697A66-AAE5-4A2C-9368-5CC71EB22989} - System32\Tasks\{410C36AD-4055-4872-81C0-E9EEF31A781A} => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\uistub.exe Task: {268534DA-449B-4E48-A24C-6048C2F06A72} - System32\Tasks\{1BA8F945-04BA-4AED-AB36-5A4A452EEB01} => Chrome.exe Task: {2A15E683-1BE4-4862-82EC-33794EE9D260} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {2AF0DB67-B87F-4369-BC79-A90F93193544} - System32\Tasks\{54046C9D-0C94-4FBA-AAB9-F47D07EC2927} => Chrome.exe Task: {2BBD0B62-9F67-4765-B8C7-F696BCEE9891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {2E254A0E-6820-44DC-8A6A-E19A2FB6CC0A} - System32\Tasks\{532103EA-8BB4-4606-ACDC-0EF38D17B960} => pcalua.exe -a "E:\Sharp c260m -PCL5C-0706a-XPVistax64\setup.exe" -d "E:\Sharp c260m -PCL5C-0706a-XPVistax64" Task: {34AE7C9B-6B76-4D8A-B813-57D0DAA364DC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation) Task: {355B03C3-AF4E-4AE7-A6E6-29309EA50BD2} - System32\Tasks\{248790DF-D5AF-4840-ABD4-BA8566CF0511} => Chrome.exe Task: {3BBD99A3-C749-4DC0-9B9C-1D3BB51928BB} - System32\Tasks\{A12685BF-9102-4465-8B2B-05FC2B80E3AF} => Chrome.exe Task: {3E9F52B8-77FD-49B2-B532-9267C48F6169} - System32\Tasks\{7161C7D9-CE1A-4527-A4DE-D8A549EDD3DB} => pcalua.exe -a C:\Users\casal\Downloads\jre-8u45-windows-i586-iftw.exe -d C:\Users\casal\Downloads Task: {44AB0D1D-F5C4-45BF-8F70-CB8C9CEA866A} - System32\Tasks\{4D2C01EF-450D-4959-8491-3A2744483442} => Chrome.exe Task: {47824B28-00D4-4049-8922-19553196C545} - System32\Tasks\{890FDB3C-DA4B-47DB-B70E-27E8FFC63ACE} => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\uistub.exe Task: {543356C5-557A-4A4E-A481-86C814FB8AE7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-10] (Microsoft Corporation) Task: {5435E959-87FF-43A8-A683-D058020961D3} - System32\Tasks\{77A27842-D072-419D-8D89-2634AD44BF5A} => pcalua.exe -a C:\Users\casal\Downloads\Receitanet-1.04.exe -d C:\Users\casal\Downloads Task: {5D3A4231-A4BF-4BA6-9A85-978A4F256C1D} - System32\Tasks\{A59BEC52-E4B8-49C9-89CE-EE1F377E4138} => Chrome.exe Task: {648E27EA-AD4B-4362-8A79-6AB6EA154237} - System32\Tasks\{AA22BC3B-9A4F-4522-8D56-3E0ADF29F1AF} => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe Task: {66154A41-99B0-45C1-951C-173A0C267217} - System32\Tasks\{8F99B308-F8FF-4076-ACD0-03F7CBF3E68E} => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe Task: {6ABF6F92-6763-4963-9E20-D2C212BCEC5C} - System32\Tasks\{56021F95-488E-4FC3-9553-621D91512186} => Chrome.exe Task: {789CF3E5-2457-42A2-892F-9D15D66E1AD4} - System32\Tasks\{12121ECC-8DBE-4945-9C9F-E7F73208044E} => pcalua.exe -a "C:\Program Files\ZHPDiag\ZHPhep.exe" -d "C:\Program Files\ZHPDiag" Task: {7CA6BC86-8857-43C1-8C38-62D646714DDA} - System32\Tasks\{530E5E59-6E8A-46B0-8D48-1E6A07649722} => pcalua.exe -a C:\Users\casal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe -c /uninstall Task: {7CD0F49B-0F8C-41B6-BFC7-58DF619EFDA8} - System32\Tasks\{181D28A9-04FE-4E02-B0FD-4232ABE545BA} => Chrome.exe Task: {8A2F105C-5661-43BD-99EF-B9A38A5C38E6} - System32\Tasks\{C3722DD0-F602-4681-A9D1-4CDE6D60A9BB} => Firefox.exe Task: {8A4799B9-E549-4555-9819-FC956DC45A7C} - System32\Tasks\{0FDF2D55-ED79-4D7D-8C6B-F578BEE678D7} => Chrome.exe Task: {95757E7B-7A54-428A-9ECA-CB19A3496D63} - System32\Tasks\{AD3948B1-181B-49ED-8CCD-0A7D7837FD33} => pcalua.exe -a C:\Users\casal\Downloads\zoek(1)\zoek.com -d C:\Users\casal\Downloads\zoek(1) Task: {96522C20-FA13-48C5-8DB4-0959DF5436D7} - System32\Tasks\{E5A98349-A26B-40D2-B8FC-D4A8E9782B05} => pcalua.exe -a C:\Users\casal\Downloads\Receitanet-1.04.exe -d C:\Users\casal\Downloads Task: {96D94BB0-2B22-4AD7-B719-D689F27F9000} - System32\Tasks\{67836FBF-4698-4D94-8745-8B76F1409E39} => Chrome.exe Task: {984D34B0-8236-4508-A129-950A7144A179} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd) Task: {9A71A48E-2187-4B64-A219-E102FB7041A6} - System32\Tasks\{CCC8D53D-E644-4AD0-A9A1-79C93D92227D} => Chrome.exe Task: {9E8EC137-5C99-4746-A43B-01FC7FBEDE98} - System32\Tasks\{8747697A-E202-4D89-AA43-7EDC94BC45F6} => Firefox.exe Task: {A2A7AC4F-B21D-4C3E-B915-B5C6E0A346AB} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => E:\\WR_Tray_Icon.exe Task: {A8C0B4AC-F06A-48D5-9918-6C94D31D11B2} - System32\Tasks\{6E9F8F02-109B-4A92-8189-40699BF83CA0} => pcalua.exe -a C:\Users\casal\Downloads\DIPJ2012v1.0.exe -d "C:\Program Files\Mozilla Firefox" Task: {AE1AA37B-3ABA-4934-A4D7-44E27B990054} - System32\Tasks\{CB52A441-DC21-4E3B-966E-318F7A0A10C5} => Chrome.exe Task: {B5A57D37-767C-4E15-A894-A3052EFDA6A2} - System32\Tasks\{FA958BE3-360D-4295-87E4-55675F8CCE7A} => Chrome.exe Task: {B783435D-689F-431F-AE6C-0E3FC3BE9F68} - System32\Tasks\{42004203-8A39-495E-9B5F-07A654D0CFB5} => Firefox.exe Task: {C21DB8B8-6BEC-4062-9B34-C617E12862C8} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {D1442472-3D38-4386-8EC0-7D97CD26FFA9} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {D1789D0F-BEF2-4731-A149-07ABF2E6B4B5} - System32\Tasks\{A36EB03E-89ED-4868-9E4E-BFD864034877} => Firefox.exe Task: {E0EAE09D-87AA-4F66-A951-FC1447BB2756} - System32\Tasks\{1608256D-2B8C-4045-84BC-DD96A4E64097} => Firefox.exe Task: {E5E1B4A3-9EB9-40F6-B955-5315F2E3923A} - System32\Tasks\{1E138634-A780-489E-9800-FCD8993BF5AB} => pcalua.exe -a C:\Users\casal\Downloads\Flash_Disinfector.exe -d C:\Users\casal\Downloads Task: {EFE2B202-6C97-431F-AB3C-97A7A7C92D11} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core1d15dcef1cc59b => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {F0934E4D-3DFA-4057-8947-D465E48B37B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {F45F07BA-B8E9-4750-9367-AE105D613750} - System32\Tasks\{77C82021-44ED-4861-AF8E-6959E0AD2409} => Chrome.exe Task: {F587F037-A624-45BE-BE31-0F5A9711AA5E} - System32\Tasks\Programa de atualização online da HP => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard) Task: {F71A061D-BE28-4B9F-AC11-409763A77056} - System32\Tasks\{CECDA389-DCF5-497E-B512-04A5A8A154DE} => Chrome.exe Task: {FD85FE9A-AD79-4F3F-ADF1-593F36366F71} - System32\Tasks\{D0B87182-5868-4D5E-9DD6-54796D2355EA} => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core.job => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA.job => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core.job => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core1d15dcef1cc59b.job => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA.job => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA1d15dcef6a236b.job => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2016-05-22 19:21 - 2016-05-22 19:21 - 00522136 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll 2016-05-22 19:22 - 2016-05-22 19:22 - 00105448 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll 2012-01-31 17:16 - 2009-11-12 12:48 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe 2011-11-21 06:39 - 2010-03-03 19:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-10-30 02:44 - 2015-10-30 02:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-12 16:22 - 2016-03-29 06:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-12 16:22 - 2016-03-29 06:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-04-19 14:15 - 2016-04-19 14:17 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-04-19 14:15 - 2016-04-19 14:17 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 14:15 - 2016-04-19 14:17 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-12-18 16:00 - 2015-12-07 01:11 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-10 22:36 - 2016-04-23 01:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-10 22:36 - 2016-04-23 01:05 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-10 22:36 - 2016-04-23 00:58 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-10 22:38 - 2016-04-23 00:58 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-10 22:39 - 2016-04-23 01:01 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-04-15 15:07 - 2016-04-15 15:07 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2016-05-14 00:56 - 2016-04-19 16:47 - 00034768 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-05-14 00:56 - 2016-04-19 16:48 - 00019408 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-05-14 00:56 - 2016-04-19 16:47 - 00116688 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2016-05-14 00:56 - 2016-04-19 16:47 - 00093640 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2016-05-14 00:56 - 2016-04-19 16:47 - 00018376 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\select.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00019760 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00105928 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-05-14 00:56 - 2016-04-19 16:47 - 00392144 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2016-05-14 00:56 - 2016-05-06 19:35 - 00381752 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2016-05-14 00:56 - 2016-04-19 16:47 - 00692688 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00020816 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2016-05-14 00:56 - 2016-04-19 16:48 - 00121296 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 01682760 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00020808 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00021840 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00038696 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00020936 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00024528 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32event.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00114640 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32security.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00124880 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00021832 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00024016 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00175560 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32gui.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00030160 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00043472 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32process.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00028616 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00048592 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00026456 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00057808 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00024016 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00117056 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00052024 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-05-14 00:56 - 2016-04-19 16:47 - 00134608 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-05-14 00:56 - 2016-04-19 16:47 - 00134088 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-05-14 00:56 - 2016-04-19 16:48 - 00240584 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00020800 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00021824 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00019776 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00020800 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00024392 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-05-14 00:56 - 2016-04-19 16:50 - 00036296 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\librsync.dll 2016-05-14 00:56 - 2016-05-06 19:34 - 00020280 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00023376 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00350152 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00022352 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00031568 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd 2016-05-14 00:56 - 2016-03-11 21:46 - 00293392 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2016-05-14 00:56 - 2016-05-06 19:34 - 00084280 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-05-14 00:56 - 2016-05-06 19:34 - 01826096 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-05-14 00:56 - 2016-04-19 16:48 - 00083912 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\sip.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 03928880 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 01971504 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00531248 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00132912 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00223544 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-05-14 00:56 - 2016-05-06 19:34 - 00207672 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-05-14 00:56 - 2016-04-19 16:49 - 00060880 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00025928 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00024904 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00546096 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-05-14 00:56 - 2016-05-06 19:35 - 00357680 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\100sexlinks.com -> 100sexlinks.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\101hotteens.com -> 101hotteens.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\101lottery.com -> 101lottery.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\110hobart.com -> 110hobart.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\114anhui.com -> 114anhui.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\123expressview.com -> 123expressview.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\123found.com -> 123found.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\123keno.com -> 123keno.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\12don.info -> 12don.info IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1331675235.com -> 1331675235.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\143fuck.com -> 143fuck.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\17gamo.com -> 17gamo.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\17webplace.com -> 17webplace.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\180solutions.com -> 180solutions.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1autocity.com -> 1autocity.com IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1gb.ru -> people.1gb.ru IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1ive.net -> 1ive.net IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1se.ru -> 1se.ru Existem ainda 6071 sites a mais. ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2014-03-03 13:43 - 2016-05-23 20:40 - 00001952 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com Existem ainda 4 mais linhas. ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\casal\Pictures\20151221_120601.jpg DNS Servers: 172.30.200.4 - 200.195.159.100 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Assistente para criação de disco de recuperação.lnk => C:\Windows\pss\Assistente para criação de disco de recuperação.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IPM.lnk => C:\Windows\pss\IPM.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OSD.lnk => C:\Windows\pss\OSD.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk => C:\Windows\pss\Ralink Wireless Utility.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^casal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^casal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de tela e Iniciador do OneNote 2007.lnk => C:\Windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Google Update => "C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: StartUpManagerPositivo => C:\Program Files\Positivo Informática\Gerenciador de Inicialização Positivo\ManagerWindows.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808 FirewallRules: [{18CA3E46-8712-4438-A170-FC2402C23A1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{1F04D757-B7FF-4A21-9BE8-18A989CD93BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{51146E31-A03B-45AA-90ED-5485A350348C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{48E27CB3-76A8-4644-A815-8E4E0D8246EA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{75E955F9-5B9C-41AA-B6F2-657F9ECAEFF6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 23-05-2016 21:29:47 Fim da desinfecção ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (05/26/2016 09:21:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Nome do módulo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000077eb ID do processo com falha: 0x1744 Hora de início do aplicativo com falha: 0xsttray.exe0 Caminho do aplicativo com falha: sttray.exe1 Caminho do módulo com falha: sttray.exe2 ID do Relatório: sttray.exe3 Nome completo do pacote com falha: sttray.exe4 ID do aplicativo relativo ao pacote com falha: sttray.exe5 Error: (05/26/2016 04:58:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Nome do módulo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000077eb ID do processo com falha: 0x924 Hora de início do aplicativo com falha: 0xsttray.exe0 Caminho do aplicativo com falha: sttray.exe1 Caminho do módulo com falha: sttray.exe2 ID do Relatório: sttray.exe3 Nome completo do pacote com falha: sttray.exe4 ID do aplicativo relativo ao pacote com falha: sttray.exe5 Error: (05/25/2016 04:27:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CompatTelRunner.exe, versão: 10.0.14275.1000, carimbo de data/hora: 0x56f0ef43 Nome do módulo com falha: invagent.dll, versão: 10.0.14275.1000, carimbo de data/hora: 0x56f0e905 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000303f1 ID do processo com falha: 0x10cc Hora de início do aplicativo com falha: 0xCompatTelRunner.exe0 Caminho do aplicativo com falha: CompatTelRunner.exe1 Caminho do módulo com falha: CompatTelRunner.exe2 ID do Relatório: CompatTelRunner.exe3 Nome completo do pacote com falha: CompatTelRunner.exe4 ID do aplicativo relativo ao pacote com falha: CompatTelRunner.exe5 Error: (05/25/2016 02:39:31 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (05/25/2016 02:21:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Nome do módulo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000077eb ID do processo com falha: 0xb3c Hora de início do aplicativo com falha: 0xsttray.exe0 Caminho do aplicativo com falha: sttray.exe1 Caminho do módulo com falha: sttray.exe2 ID do Relatório: sttray.exe3 Nome completo do pacote com falha: sttray.exe4 ID do aplicativo relativo ao pacote com falha: sttray.exe5 Error: (05/24/2016 04:35:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CompatTelRunner.exe, versão: 10.0.14275.1000, carimbo de data/hora: 0x56f0ef43 Nome do módulo com falha: invagent.dll, versão: 10.0.14275.1000, carimbo de data/hora: 0x56f0e905 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000303f1 ID do processo com falha: 0x14a0 Hora de início do aplicativo com falha: 0xCompatTelRunner.exe0 Caminho do aplicativo com falha: CompatTelRunner.exe1 Caminho do módulo com falha: CompatTelRunner.exe2 ID do Relatório: CompatTelRunner.exe3 Nome completo do pacote com falha: CompatTelRunner.exe4 ID do aplicativo relativo ao pacote com falha: CompatTelRunner.exe5 Error: (05/24/2016 03:19:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Nome do módulo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000077eb ID do processo com falha: 0x18cc Hora de início do aplicativo com falha: 0xsttray.exe0 Caminho do aplicativo com falha: sttray.exe1 Caminho do módulo com falha: sttray.exe2 ID do Relatório: sttray.exe3 Nome completo do pacote com falha: sttray.exe4 ID do aplicativo relativo ao pacote com falha: sttray.exe5 Error: (05/23/2016 09:30:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (05/23/2016 09:29:45 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {823de474-4208-47fd-83f6-b45e02664ffb} Error: (05/23/2016 07:58:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Nome do módulo com falha: sttray.exe, versão: 1.0.6289.0, carimbo de data/hora: 0x4c1ad9b0 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000077eb ID do processo com falha: 0x17f0 Hora de início do aplicativo com falha: 0xsttray.exe0 Caminho do aplicativo com falha: sttray.exe1 Caminho do módulo com falha: sttray.exe2 ID do Relatório: sttray.exe3 Nome completo do pacote com falha: sttray.exe4 ID do aplicativo relativo ao pacote com falha: sttray.exe5 Erros de Sistema: ============= Error: (05/26/2016 09:57:51 PM) (Source: DCOM) (EventID: 10016) (User: Amore) Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AmorecasalS-1-5-21-2364669226-1398954891-4146519358-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/26/2016 09:42:52 PM) (Source: DCOM) (EventID: 10016) (User: Amore) Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AmorecasalS-1-5-21-2364669226-1398954891-4146519358-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/26/2016 09:42:52 PM) (Source: DCOM) (EventID: 10016) (User: Amore) Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AmorecasalS-1-5-21-2364669226-1398954891-4146519358-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/26/2016 06:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_2b3c8e9 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (05/26/2016 12:38:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_1346642. Error: (05/26/2016 12:38:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_1346642 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (05/26/2016 12:26:37 AM) (Source: DCOM) (EventID: 10016) (User: Amore) Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AmorecasalS-1-5-21-2364669226-1398954891-4146519358-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/25/2016 11:56:38 PM) (Source: DCOM) (EventID: 10016) (User: Amore) Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AmorecasalS-1-5-21-2364669226-1398954891-4146519358-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/25/2016 11:26:41 PM) (Source: DCOM) (EventID: 10016) (User: Amore) Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AmorecasalS-1-5-21-2364669226-1398954891-4146519358-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/24/2016 05:39:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_9151ef foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. CodeIntegrity: =================================== Date: 2016-05-14 19:00:06.556 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 07:09:25.993 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 04:24:19.064 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-14 14:05:56.083 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 14:44:52.803 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 15:01:43.743 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-11 22:20:05.460 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-09 22:16:43.995 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 09:26:54.698 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-14 09:53:27.528 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Atom(TM) CPU D525 @ 1.80GHz Percentagem de memória em uso: 80% RAM física total: 2038.3 MB RAM física disponível: 392.64 MB Virtual Total: 4086.3 MB Virtual disponível: 1891.09 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:287.88 GB) (Free:253.29 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 96E1CA8E) Partition 1: (Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Not Active) - (Size=287.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fim de Addition.txt ============================