Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 31-08-2016 Executado por IURD VILA SÃO PEDRO (03-09-2016 20:12:10) Executando a partir de C:\Users\IURD VILA SÃO PEDRO\Desktop Windows 7 Ultimate (X64) (2015-03-18 03:32:42) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-1289909612-2110396360-3352851573-500 - Administrator - Disabled) Convidado (S-1-5-21-1289909612-2110396360-3352851573-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1289909612-2110396360-3352851573-1002 - Limited - Enabled) IURD VILA SÃO PEDRO (S-1-5-21-1289909612-2110396360-3352851573-1000 - Administrator - Enabled) => C:\Users\IURD VILA SÃO PEDRO ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 7-Zip 9.21beta (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.2.152.14 - Adobe Systems Incorporated) Adobe Reader X - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.) Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Assistente Pimaco (HKLM-x32\...\{1E040F6A-6DC9-4DCF-819C-FCFE720B6097}) (Version: 1.0.0 - Pimaco) Assistente Pimaco + (HKLM-x32\...\Assistente Pimaco +) (Version: 2.2.0.0 - Pimaco Autoadesivos Ltda) AssistentePimacoV2_0_1 (HKLM-x32\...\AssistentePimacoV2_0_1) (Version: 2.0.0.0 - Druid Internet Systems) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 12.3.2280 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 3.07 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.3.5.0 - Synaptics Incorporated) Desinstalar Impressora EPSON XP-211 214 216 Series (HKLM\...\EPSON XP-211 214 216 Series) (Version: - SEIKO EPSON Corporation) Driver 1.3.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.3.1 - OEM) DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation) EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation) Estudo de aprimoramento de produto para HP Officejet Pro X451dw Printer (HKLM\...\{DD827EB4-FA14-442D-8737-7BCF6EEAFB97}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: 4.3.1.323 - Foxit Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HP Officejet Pro 8100 Ajuda (HKLM-x32\...\{6263341F-8C72-4136-8D3F-7862311121E7}) (Version: 28.0.0 - Hewlett Packard) HP Officejet Pro 8100 Estudo de aprimoramento de produtos (HKLM\...\{D1D71E88-9954-43AC-8675-0D3E53597312}) (Version: 28.0.1321.0 - Hewlett-Packard Co.) HP Officejet Pro 8100 Software básico do dispositivo (HKLM\...\{20287162-CA4E-4C73-BBE3-99C49B9A441A}) (Version: 28.0.1321.0 - Hewlett-Packard Co.) HP Officejet Pro X451dw Printer Ajuda (HKLM-x32\...\{A1459D3D-A70A-4C82-B305-E7711BD1BBD4}) (Version: 29.0.1 - Hewlett Packard) HP Officejet Pro X451dw Printer Software básico do dispositivo (HKLM\...\{953DC698-45EC-43A1-9247-1FFCCE9B80FE}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Support Solutions Framework (HKLM-x32\...\{89A620D5-6D9C-4C31-994D-9FAEE2987E2A}) (Version: 12.5.32.37 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Microsoft Office Professional 2016 - pt-br (HKLM\...\ProfessionalRetail - pt-br) (Version: 16.0.7167.2055 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Nero 7 Essentials (HKLM-x32\...\{27C0CED3-E9FA-4EA0-96AA-FAECE5F81046}) (Version: 7.03.0824 - Nero AG) Office 16 Click-to-Run Extensibility Component (Version: 16.0.7167.2055 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2055 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7167.2055 - Microsoft Corporation) Hidden PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation) PowerProducer (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.90.826.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.) SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WindowsTM (HKLM-x32\...\WindowsTM) (Version: 1,2,60122,1018 - ) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-1289909612-2110396360-3352851573-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-1289909612-2110396360-3352851573-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1289909612-2110396360-3352851573-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {2514FC54-CD70-47D4-AED2-854EC0EC7D66} - System32\Tasks\HPCustParticipation HP Officejet Pro 8100 => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPCustPartic.exe [2012-11-01] (Hewlett-Packard Co.) Task: {3D5C6193-593A-437F-9ED2-E70D296B92F9} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {F7ED5377-D9ED-41F9-A177-14E132A797FD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {49F55EFF-E97F-4530-B763-A954BBB6E775} - System32\Tasks\HPCustParticipation HP Officejet Pro X451dw Printer => C:\Program Files\HP\HP Officejet Pro X451dw Printer\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {528D0A03-FAE4-42C8-8D50-4818B713C411} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software) Task: {651E4AB2-D7BF-4604-A94E-396540927AF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-01] (Microsoft Corporation) Task: {678914D8-8CB2-43EE-A33B-5BC82B8AD022} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {9D03389F-D2F1-4D52-BA6F-817954A42001} - System32\Tasks\SafeZone scheduled Autoupdate 1472920937 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software) Task: {A2667778-1AB6-4285-94CF-B4C6BBCC52B1} - System32\Tasks\{304728B9-56D5-40A6-83A1-2C36420783EC} => pcalua.exe -a "C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Temp\7zS2FE5\Setup.exe" -d C:\Users\IURDVI~1\AppData\Local\Temp\7zS2FE5 <==== ATENÇÃO Task: {AA058186-7A46-46AA-A428-8E2173D45CF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.) Task: {CA3B10F5-B767-410F-B010-E001F646A19C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {CE8AC622-1E4F-4CE1-9122-F73D5A2FE11C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-03] (Microsoft Corporation) Task: {D2153561-BBC1-4A21-84C1-C1572E717CD6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-03] (AVAST Software) Task: {E734F544-4239-495B-B5B8-E5F6699BCAA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) Task: {E86DF1B5-3E8F-45D1-9167-33CC664B4F03} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {FCC1BC66-5463-4D5D-B040-C4631D851C6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.) Task: {FF43A5B3-BDDA-4671-ACD2-93EC19E21FF7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-01] (Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {F7ED5377-D9ED-41F9-A177-14E132A797FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {F7ED5377-D9ED-41F9-A177-14E132A797FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{F7ED5377-D9ED-41F9-A177-14E132A797FD} /F:UpdateSISTEMAĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1442950460&z=48de1189d906c2fddbb2065g9z6zdoat2wde5o6b5g&from=cor&uid=TOSHIBAXMQ01ABD050_54ITTP8ATXX54ITTP8AT ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1442950460&z=48de1189d906c2fddbb2065g9z6zdoat2wde5o6b5g&from=cor&uid=TOSHIBAXMQ01ABD050_54ITTP8ATXX54ITTP8AT ==================== Módulos Carregados (Whitelisted) ============== 2016-01-23 04:14 - 2016-09-03 19:58 - 00807528 _____ () C:\Windows\vonetframeHelp.dll 2015-03-18 01:50 - 2007-05-13 23:54 - 00272024 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe 2016-09-03 17:01 - 2016-09-03 17:01 - 01864384 _____ () C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-03-18 00:44 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2016-09-03 13:50 - 2016-09-03 13:50 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-09-03 17:49 - 2016-09-03 17:49 - 03080312 _____ () C:\Program Files\AVAST Software\Avast\defs\16090301\algo.dll 2016-09-03 13:50 - 2016-09-03 13:50 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-09-03 13:32 - 2016-09-03 13:32 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-03-18 00:54 - 2012-10-22 02:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-09-03 17:00 - 2016-09-03 17:00 - 01383616 _____ () C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-08-08 17:16 - 2016-08-02 21:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll 2016-08-08 17:16 - 2016-08-02 21:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2016-09-03 13:55 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IPM.lnk => C:\Windows\pss\IPM.lnk.CommonStartup MSCONFIG\startupreg: 20150107 => C:\Program Files\AVAST Software\Avast\setup\emupdate\c87d0544-730f-4e81-b2eb-f8c6b30df3a8.exe /check MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: GoogleChromeAutoLaunch_DFC2A344A7EC8407A8662F39B3BE9466 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{4CC9017F-0DD0-421A-A4D9-84CBD51862DD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.EXE FirewallRules: [{D040786C-FDF8-4CCD-B960-934176B722C6}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{38117BF9-2C39-4ADC-9590-EA925F505E13}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{6CE53705-EBD5-43EA-8759-2A3ACA8C2993}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{ECB148DE-68D9-463F-8C7D-609B5E644CBC}] => (Allow) LPort=2869 FirewallRules: [{9B1909F1-54D9-40E9-B25C-8099C4A6A5ED}] => (Allow) LPort=1900 FirewallRules: [{6AD45CB2-BC4F-407E-80F1-5B7EC4109668}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe FirewallRules: [{DE09B21D-C13E-468A-A60A-72F6BC711427}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe FirewallRules: [{90507C7A-11A3-4D6B-8361-AA83789A638A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{C9E41BE6-EBC1-4BE1-97B3-356B6C99ABE2}] => (Allow) C:\Program Files\HP\HP Officejet Pro X451dw Printer\Bin\DeviceSetup.exe FirewallRules: [{E9F6172C-D929-4858-B0FE-7F0C1DA5DE22}] => (Allow) LPort=5357 FirewallRules: [{C47F7C71-CC1C-476C-B0E2-5D81B199A592}] => (Allow) C:\Program Files\HP\HP Officejet Pro X451dw Printer\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{40EBCA69-A965-4305-A4D7-D50FEAAB455D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{85EBD6CB-F3A4-44B3-B337-B7CFA5D1261F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0D6994B1-60FB-4D87-9248-4B73AFE9CF1D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{94DCF2BD-8101-49F0-BDA3-54B6D28F785B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{F31D8F0F-BE97-49BE-B2C5-4F2A1FF46650}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{AE945C56-C584-4920-8C7A-29C200ADEA2D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{80DDB2CB-DFB3-40B6-9CE7-7C667971FE6A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{42FCF195-E073-46D1-98EB-321FFFE29E29}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{59594DE7-D3F8-499D-84AB-9BC0223BAFED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{93E0A709-5B77-499B-8345-0D7D9390699C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{1301290E-E05C-4ABA-AE40-D1C36DBAC7B2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{E4F8853B-1334-48EF-95EE-91F8CEDA0CC6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{BF1407D8-191E-410C-91F7-7D2CB4487953}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{48A115C4-C571-43B5-AD35-8AD1DD2EADE0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{27D0E339-1ECC-413D-AC24-6A10FFC61333}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe ==================== Pontos de Restauração ========================= 28-08-2016 17:30:45 Ponto de Verificação Agendado 03-09-2016 13:15:14 Removed IPM 1.9.4 03-09-2016 15:48:40 Removed Microsoft Office Professional Plus 2010 03-09-2016 17:21:05 Installed Microsoft Office Professional Plus 2010 03-09-2016 19:00:27 DLL-Files.com Fixer sáb, set 03, 16 19:00 03-09-2016 19:19:13 Installed Microsoft Office Professional Plus 2010 ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (09/03/2016 08:03:14 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:14 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:14 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:14 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:14 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:14 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:13 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:13 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:13 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Error: (09/03/2016 08:03:13 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (392) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546. Erros de Sistema: ============= Error: (09/03/2016 07:59:19 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 19:58:03 às ‎03/‎09/‎2016 não era esperado. Error: (09/03/2016 05:48:21 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: O serviço 'WMPNetworkSvc' não foi iniciado corretamente porque CoCreateInstance(CLSID_UPnPDeviceFinder) encontrou o erro '0x80004005'. Verifique se o serviço UPnPHost está sendo executado e se o componente UPnPHost do Windows foi instalado adequadamente. Error: (09/03/2016 04:41:25 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Windows Search, mas essa ação falhou com o seguinte erro: Uma cópia deste serviço já está sendo executada. Error: (09/03/2016 04:40:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (09/03/2016 04:40:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Windows Search terminou com o erro específico de serviço %%-1073473535. Error: (09/03/2016 01:30:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Avast Antivirus terminou com o erro: Não foi possível encontrar o procedimento especificado. Error: (09/03/2016 01:30:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Avast Antivirus terminou com o erro: Não foi possível encontrar o procedimento especificado. Error: (09/03/2016 01:29:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Baidu Hips Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (09/03/2016 01:25:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Avast Antivirus terminou com o erro: Não foi possível encontrar o procedimento especificado. Error: (09/03/2016 01:24:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Avast Antivirus terminou com o erro: Não foi possível encontrar o procedimento especificado. CodeIntegrity: =================================== Date: 2016-09-03 13:42:00.365 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\TMKernel.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 13:41:56.403 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\winsvsech.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 13:41:35.190 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vonetframe.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 13:41:33.038 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 13:41:32.835 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 00:24:16.747 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\TMKernel.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 00:24:10.353 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\winsvsech.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 00:23:58.003 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vonetframe.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 00:23:57.910 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-03 00:23:57.894 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Bprotect.sys because the set of per-page image hashes could not be found on the system. ==================== Informaes da Memria =========================== Processador: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz Percentagem de memria em uso: 81% RAM fsica total: 1942.16 MB RAM fsica disponvel: 357.69 MB Virtual Total: 3884.31 MB Virtual disponvel: 2097.61 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:431.43 GB) NTFS Drive e: (pr jardel HD) (Fixed) (Total:298.09 GB) (Free:75.24 GB) NTFS ==================== MBR & Tabela de Parties ================== ======================================================== Disk: 2 (Size: 298.1 GB) (Disk ID: 45078279) Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================