Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 26-10-2016 Executado por Ximenes (27-10-2016 19:56:35) Executando a partir de C:\Users\Ximenes\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2013-12-12 11:03:34) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-1188314553-3972008558-74429398-500 - Administrator - Disabled) Cleide (S-1-5-21-1188314553-3972008558-74429398-1004 - Limited - Enabled) => C:\Users\Cleide Convidado (S-1-5-21-1188314553-3972008558-74429398-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1188314553-3972008558-74429398-1002 - Limited - Enabled) Teo (S-1-5-21-1188314553-3972008558-74429398-1003 - Limited - Enabled) => C:\Users\Teo Ximenes (S-1-5-21-1188314553-3972008558-74429398-1000 - Administrator - Enabled) => C:\Users\Ximenes ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE) Ableton Live 9 Suite (HKLM\...\{B1F5B498-3186-442A-8AA6-AA7FCBC1116C}) (Version: 9.0.0.0 - Ableton) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.12 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Arachnophilia (remove only) (HKLM-x32\...\Arachnophilia) (Version: - ) Arachnophilia version 4.0 (HKLM-x32\...\Arachnophilia version 4.0_is1) (Version: - ) Articulate Storyline (HKLM-x32\...\{CF080EA9-C318-46D7-A597-4EA95714E631}) (Version: 1.02.02 - Articulate) Articulate Storyline (x32 Version: 1.02.02 - Articulate) Hidden Articulate Studio '13 (HKLM-x32\...\{3E5131E9-1241-4E43-8036-E870C0DE2012}) (Version: 4.00.13 - Articulate) Articulate Studio '13 (x32 Version: 4.00.13 - Articulate) Hidden Articulate Studio '13 (x32 Version: 4.2.00 - Articulate) Hidden ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Assistente Pimaco (HKLM-x32\...\{1E040F6A-6DC9-4DCF-819C-FCFE720B6097}) (Version: 1.0.0 - Pimaco) AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Balabolka (HKLM-x32\...\Balabolka) (Version: 2.10.0.577 - Ilya Morozov) bl (x32 Version: 1.0.0 - Your Company Name) Hidden BRySigner 3.1.9.0 (HKLM-x32\...\{D7AF797B-6112-4FDC-8999-D05AA14666A9}) (Version: 3.1.9.0 - BRy Tecnologia) BufferChm (x32 Version: 130.0.327.000 - Hewlett-Packard) Hidden CacheMyWork (HKLM-x32\...\{4CD3A1CB-EB91-4DC5-B636-33B66BA56162}) (Version: 1.2 - Codeplex) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP) CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - ) Citrix Online Launcher (HKLM-x32\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix) CoffeeCup Free HTML Editor (HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\CoffeeCup Free HTML Editor) (Version: - ) CoffeeCup Website Insight (HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\CoffeeCup Website Insight) (Version: 1.1 - CoffeeCup Software) ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden Digital Voice Editor 3 (HKLM-x32\...\{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}) (Version: 3.3.01.11240 - Sony Corporation) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden DPower version 1.0 (HKLM-x32\...\DPower_is1) (Version: 1.0 - WeMonetize) <==== ATENÇÃO Easy Tune 6 B12.0905.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B12.0905.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden ePageCreator (version 5.8.0.1) (HKLM-x32\...\ePageCreator_is1) (Version: - Alive Software, Inc.) FileZilla Client 3.15.0 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0 - Tim Kosse) Final Draft (HKLM-x32\...\{E8FDC52C-83F4-4A0F-AA65-D0E8C0F3302F}) (Version: 9.0.0.163 - Final Draft, Inc.) FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line) FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time) FTP Commander (HKLM-x32\...\FTP Commander) (Version: - ) Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.367.000 - Hewlett-Packard) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.) Hi Slider (HKLM-x32\...\Hi Slider_is1) (Version: - HiSlider Solution) HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version: - HalfBaked) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Scanjet 2400 (HKLM\...\{7B604AC7-B496-473F-A17C-489398E38BEA}) (Version: 13.0 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpg2410 (x32 Version: 14.0.0.0 - Nome de sua empresa:) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.367.000 - Hewlett-Packard) Hidden iCreateApp (HKLM-x32\...\{12809488-8825-49F4-8E2F-5194E23A8F67}) (Version: 1.0 - Alive Software Inc.) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.3 - Receita Federal do Brasil) IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil) IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) L&H TTS3000 Português (Brasil) (HKLM-x32\...\LHTTSPTB) (Version: - ) Learning Content Development System (HKLM-x32\...\{5F4C0AF9-08C4-4BC3-AA5F-42DB442296DF}) (Version: 02.06.00.0117_brz - Microsoft) Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo) Loquendo TTS 7 Felipe Multimedia High Quality (HKLM-x32\...\{A1614B8B-E966-4512-BEA9-13A4779983FF}) (Version: 7.3.0 - Loquendo) Loquendo TTS 7 Portuguese (HKLM-x32\...\{C278A74A-707D-49B5-B847-651B4B80EDED}) (Version: 7.4.0 - Loquendo) Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony) Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony) Media Go Video Playback Engine 2.4.102.12040 (HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.102.12040 - Sony) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.7369.2038 - Microsoft Corporation) Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft) Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation) Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (pt-BR, Heloisa) (HKLM-x32\...\{4812E2FC-5A25-4220-BF5A-D50238B63151}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mindjet (HKLM-x32\...\{E338B93E-BBE0-48ED-ABDC-9EE5FD93D809}) (Version: 11.1.353 - Mindjet) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 32.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 pt-BR)) (Version: 32.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla) Mozilla Thunderbird 38.2.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 pt-BR)) (Version: 38.2.0 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 pt-BR) (HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\Mozilla Thunderbird 38.3.0 (x86 pt-BR)) (Version: 38.3.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) muan12 (HKLM-x32\...\muan12) (Version: 12.0.5 - VISGRAF/IMPA) MV RegClean 6.9.1 (HKLM-x32\...\MV RegClean 6.9.1_is1) (Version: - ) NextUp-ScanSoft Raquel Brazilian Portuguese Voice (HKLM-x32\...\{5FAFC823-5E8C-40FB-8238-F2C536B2FB11}) (Version: 4.0.0 - NextUp.com) Nikontrol 3k 1.4 (HKLM-x32\...\{EE07A70E-F216-431E-AA30-2513555A36C3}_is1) (Version: - Mira&Savy) Norton Security (HKLM-x32\...\NS) (Version: 22.8.0.50 - Symantec Corporation) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Office Mix (HKLM-x32\...\{12e9dfa2-42d0-4d4e-872c-4cce140843bd}) (Version: 0.1.5120.0 - Microsoft Corporation) Office Mix 32-bit (x32 Version: 0.1.5120.0 - Microsoft) Hidden ON_OFF Charge B12.0308.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OtherSearch (HKLM-x32\...\OtherSearch) (Version: 3.0.4.2 - Theudobald Yanko) <==== ATENÇÃO Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Saba Client (HKLM-x32\...\CentraClient) (Version: - ) SafeFinder (HKLM-x32\...\{928AC057-A422-4D47-A54D-1DA83EB1380E}) (Version: 1.0.0.0 - Linkury) <==== ATENÇÃO SafeNet Authentication Client 8.0 SP2 (HKLM\...\{74EA395E-DF72-4273-8B52-7303E97E4E38}) (Version: 8.00.186.0 - SafeNet, Inc.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden SCORM 2004 4th Edition Test Suite Version 1.1.1 (HKLM-x32\...\{D3C30246-F985-423A-BD75-2AF066A476B8}) (Version: 1.0.0 - Advanced Distributed Learning (ADL)) SCORM Version 1.2 Conformance Test Suite Version 1.2.7 (Self Test) (HKLM-x32\...\{4D5C24F8-FCA6-4CBC-9A6F-F84A142ECE1B}) (Version: 1.2.7 - Advanced Distributed Learning (ADL)) Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Solar Fire Gold Demo (HKLM-x32\...\{02240BDE-9E9F-4363-9A0B-3B42CAAA9C2B}) (Version: 7.0.1 - Esoteric Technologies Pty Ltd) SolutionCenter (x32 Version: 130.0.369.000 - Hewlett-Packard) Hidden Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.17.201512161456 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Stellarium 0.15.0 (HKLM-x32\...\Stellarium_is1) (Version: 0.15.0 - Stellarium team) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft) TextPad 8 (HKLM\...\{861AB1C1-1967-4C4A-BF86-C255E2D2B8FD}) (Version: 8.0.2 - Helios) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.) Warsaw 1.12.4.14 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.4.14 - GAS Tecnologia) Weather Chickn (HKLM-x32\...\WeatherChickn) (Version: - ) <==== ATENÇÃO WebReg (x32 Version: 130.0.128.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation) WinHTTrack Website Copier 3.48-19 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack) WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) XP Codec Pack (HKLM-x32\...\XP Codec Pack) (Version: 2.5.3 - XP Codec Pack team) YellowSend (HKLM-x32\...\YSPackage) (Version: - CMI Limited) <==== ATENÇÃO ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-1188314553-3972008558-74429398-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Ximenes\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-1188314553-3972008558-74429398-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Ximenes\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-1188314553-3972008558-74429398-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Ximenes\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-1188314553-3972008558-74429398-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Ximenes\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-1188314553-3972008558-74429398-1000_Classes\CLSID\{5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9}\InprocServer32 -> C:\Program Files\TextPad 8\System\ShellExt64.dll () ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {123B7633-8F8C-469B-BABB-5B7DC400597D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-09] (Microsoft Corporation) Task: {2D18C849-73FF-491C-9B6D-E4DA6BE91815} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => Task: {46AE5DA4-4123-4B7D-A3E3-9F9B4CCF85E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-09] (Microsoft Corporation) Task: {482F3D8A-6A91-4F25-8B99-9092266B8757} - System32\Tasks\Rersipy Client => C:\Program Files (x86)\Bizityreerather\igasy.exe [2016-10-21] (VideoLAN) Task: {56D6F0B8-AE6A-449E-A6BC-8F5A0553C65C} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation) Task: {669DE127-4F15-46E4-9FB1-D67504ACA008} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation) Task: {88120AB8-A168-4479-BB67-DBAD638980C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated) Task: {893D6350-264C-4496-842A-A46E78CE0EC8} - System32\Tasks\PPI Update => "hxxp://dazwindowsapps.xyz/download/index.php?mn=9995" <==== ATENÇÃO Task: {9A326A04-C4AC-4C2A-97F2-08C5E2630E79} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-09-23] (Symantec Corporation) Task: {A22C203E-1A61-4999-A360-550661AE8F0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {BC10A4F9-71FE-4507-9A25-19C0C1C6F5BA} - System32\Tasks\updengine => C:\Program Files (x86)\OtherSearch\updengine.exe <==== ATENÇÃO Task: {C4FE5E5B-72F3-4A6E-BBBA-96533629EAC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd) Task: {D562FA98-4CAF-44C7-99B3-F6C1A70FA32D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation) Task: {DB197E4C-BD29-4AB3-BFC3-EA4F62DC20BC} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation) Task: {DB8D0B35-942F-4E5B-8AF7-A94F1CDACF2D} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?LinkID=103422&clcid=0x409 Task: {E6F2F92C-7A89-41FA-93B1-1BC14BDF7821} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {EADCB6FE-C9C0-4626-99E0-28CCDB25DB85} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.8.0.50\WSCStub.exe [2016-09-23] (Symantec Corporation) Task: {EBEECBE2-8F89-48FD-A54C-633A898DBA81} - System32\Tasks\Microsoft_Hardware_Launch_vVX1000_exe => C:\Windows\vVX1000.exe [2010-05-20] (Microsoft Corporation) Task: {F30219F6-4EAF-43DA-AA1A-865E72C86876} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-18] (Adobe Systems Incorporated) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.3\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.3\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.3\Useful links\XP Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com/ Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://diagnostic.image-line.com/ Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com/ Shortcut: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk/ ShortcutWithArgument: C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP% ShortcutWithArgument: C:\Users\Ximenes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic ShortcutWithArgument: C:\Users\Ximenes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP% ShortcutWithArgument: C:\Users\Ximenes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic ShortcutWithArgument: C:\Users\Ximenes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP% ShortcutWithArgument: C:\Users\Ximenes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% ==================== Módulos Carregados (Whitelisted) ============== 2016-10-21 15:25 - 2016-10-21 15:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe 2016-01-30 14:18 - 2016-01-30 14:18 - 00043472 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2013-12-12 11:14 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2012-01-13 14:04 - 2012-01-13 14:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe 2013-12-12 09:35 - 2012-08-23 21:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-01-06 14:41 - 2016-01-06 14:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll 2016-08-26 16:25 - 2016-08-26 16:25 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-2070.dll 2012-09-05 18:41 - 2012-09-05 18:41 - 02854983 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll 2012-09-04 19:24 - 2012-09-04 19:24 - 00639043 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll 2012-05-22 19:12 - 2012-05-22 19:12 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll 2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll 2012-09-03 15:44 - 2012-09-03 15:44 - 01495108 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll 2011-09-14 17:12 - 2011-09-14 17:12 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll 2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll 2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll 2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll 2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll 2012-07-13 13:03 - 2012-07-13 13:03 - 00106496 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll 2012-05-07 21:45 - 2012-05-07 21:45 - 01429589 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll 2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll 2010-06-10 15:52 - 2010-06-10 15:52 - 00110592 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll 2010-03-12 05:40 - 2010-03-12 05:40 - 04449632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll 2010-03-12 05:40 - 2010-03-12 05:40 - 00423256 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll 2012-09-03 14:32 - 2012-09-03 14:32 - 00307200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL 2012-09-23 20:44 - 2012-09-23 20:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pt_br\acrotray.ptb 2012-11-12 04:29 - 2012-11-12 04:29 - 00151408 _____ () C:\Program Files (x86)\Mindjet\MindManager 11\zlib.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Windows\System32:492EFD1F_Bb.gbp [2] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198] AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10] AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10] AlternateDataStreams: C:\Users\Ximenes\Cookies:oPSstYTk1hnEc3ZqevOBo [2142] AlternateDataStreams: C:\Users\Ximenes\AppData\Local\Temporary Internet Files:Z6RVaeijLxqZsvdD351M8OMX6 [2228] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-1188314553-3972008558-74429398-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2016-10-21 15:27 - 00000399 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-1188314553-3972008558-74429398-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ximenes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 201.6.2.169 - 201.6.2.69 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: FlexNet Licensing Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: IJPLMSVC => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: SACSrv => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Sony PC Companion => 3 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: UNS => 2 MSCONFIG\Services: VideoPlugin.BrowserService => 2 MSCONFIG\Services: VideoPlugin.FilterService => 2 MSCONFIG\Services: VideoPlugin.UpdateService => 2 MSCONFIG\Services: WsAppService => 2 MSCONFIG\Services: WsDrvInst => 3 MSCONFIG\startupreg: 555.exe => C:\Users\Ximenes\AppData\Local\Temp\555.exe MSCONFIG\startupreg: DiskPower => "C:\Program Files (x86)\DPower\DiskPower.exe" MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{6227DCA4-EFA9-4E45-9280-14ECB5CD0CCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{E5278895-DDBA-4DC3-AA0F-CCD9B298FDAE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{5FE9D6DF-7C3E-4D53-BF88-422606448C81}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{DB118224-8CC5-4A50-9CC4-AF22EF565BCF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{51CCF9B9-6AB0-4292-9550-EDF23A426489}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{EFF45F30-557B-4C2F-A6C0-EE12E3DF9215}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 06-10-2016 12:02:47 Ponto de Verificação Agendado 18-10-2016 18:31:48 Windows Update 18-10-2016 23:05:59 Windows Update 19-10-2016 20:22:05 Windows Update 21-10-2016 16:40:35 Operação de restauração 21-10-2016 18:01:27 Removed Traffic Exchange 26-10-2016 21:30:59 Operação de restauração ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Warsaw - Driver (PP) Description: Warsaw - Driver (PP) Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wsddpp Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Video Plugin Filter Driver Description: Video Plugin Filter Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: VideoPlugin.FilterDriver Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (10/27/2016 07:33:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000010ce3b Identificação do processo com falha: 0x674 Hora de início do aplicativo com falha: 0x01d230998ceb8870 Caminho do aplicativo com falha: C:\Program Files\Diebold\Warsaw\core.exe FCaminho do módulo de falhas: C:\Program Files\Diebold\Warsaw\wsbrmu.dll Identificação do Relatório: 080012e2-9c8d-11e6-a566-902b34fad5d8 Error: (10/27/2016 07:32:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/26/2016 10:15:55 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Erro não especificado durante a Restauração do Sistema: (Ponto de Verificação Agendado). Informações adicionais: 0x80070005. Error: (10/26/2016 10:14:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/26/2016 09:53:31 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Erro não especificado durante a Restauração do Sistema: (Ponto de Verificação Agendado). Informações adicionais: 0x80070005. Error: (10/26/2016 09:52:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000010ce3b Identificação do processo com falha: 0x674 Hora de início do aplicativo com falha: 0x01d22fe3d01f5338 Caminho do aplicativo com falha: C:\Program Files\Diebold\Warsaw\core.exe FCaminho do módulo de falhas: C:\Program Files\Diebold\Warsaw\wsbrmu.dll Identificação do Relatório: 33b96b16-9bd7-11e6-9490-902b34fad5d8 Error: (10/26/2016 09:51:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/26/2016 09:31:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service Atamechterfu since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Error: (10/26/2016 09:31:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service 1506d04f447776cd422c855ff39ad949 since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Error: (10/26/2016 09:11:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Erros de Sistema: ============= Error: (10/27/2016 07:36:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/27/2016 07:36:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/27/2016 07:36:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/27/2016 07:33:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (10/27/2016 07:33:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/27/2016 07:32:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/27/2016 07:32:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: gbpddfac gbpddreg Error: (10/27/2016 07:31:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Video Plugin Filter Driver devido ao seguinte erro: O sistema não pode encontrar o caminho especificado. Error: (10/26/2016 10:17:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Serviço de transferência inteligente de plano de fundo terminou com o erro específico de serviço %%-2147024846 = Não há suporte para o pedido.. Error: (10/26/2016 10:17:21 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: AUTORIDADE NT) Description: Falha ao iniciar o serviço do BITS. Erro 2147942450. ==================== Informações da Memória =========================== Processador: Intel(R) Pentium(R) CPU G2020 @ 2.90GHz Percentagem de memória em uso: 59% RAM física total: 3989.46 MB RAM física disponível: 1613.42 MB Virtual Total: 7977.11 MB Virtual disponível: 5395.41 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:165.35 GB) NTFS Drive e: () (Fixed) (Total:465.76 GB) (Free:22.48 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 535DC2E2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2E261103) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================