Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 07-12-2016 Executado por moises (13-12-2016 11:38:37) Executando a partir de C:\Users\moises\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2016-04-13 23:58:24) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-1519230415-2171320532-39904038-500 - Administrator - Disabled) Convidado (S-1-5-21-1519230415-2171320532-39904038-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-1519230415-2171320532-39904038-1003 - Limited - Enabled) moises (S-1-5-21-1519230415-2171320532-39904038-1000 - Administrator - Enabled) => C:\Users\moises ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden Able2Extract 10.0 (HKLM\...\{7011D849-AAF6-4d8d-BA76-0D2625B829A4}_is1) (Version: 10.0 - Investintech.com Inc.) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Atualizações da NVIDIA 17.12.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 17.12.8 - NVIDIA Corporation) Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd) AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk) Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden AutoIt v3.3.14.2 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.2 - AutoIt Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) B1 Free Archiver (HKLM-x32\...\B1FreeArchiver) (Version: 0.0.0.0 - Catalina Group Ltd) Brother MFL-Pro Suite DCP-8157DN (HKLM-x32\...\{37372D85-4945-4B6B-AC87-7BC5D1AB9F5C}) (Version: 2.0.1.0 - Brother Industries, Ltd.) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CAR - Módulo de Cadastro - MG (HKLM-x32\...\CAR - Módulo de Cadastro - MG) (Version: - Ministério do Meio Ambiente) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.) Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1719.51 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden Dic Michaelis - UOL (HKLM-x32\...\WDIC) (Version: - ) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com) GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden GPS TrackMaker (HKLM-x32\...\{FF13DD0C-954B-4C33-9D48-F354052C6B1C}) (Version: 13.9.0000 - Geo Studio Technology) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP) HP Support Solutions Framework (HKLM-x32\...\{89A620D5-6D9C-4C31-994D-9FAEE2987E2A}) (Version: 12.4.18.7 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation) K-Lite Mega Codec Pack 10.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - ) KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) Kodi (HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\Kodi) (Version: - XBMC-Foundation) LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics) Magellan Communicator (HKLM-x32\...\InstallShield_{0FD5FD0B-4BA6-47A1-99C3-F8A964C3CCA5}) (Version: 1.15.020 - Magellan Navigation, Inc.) Magellan Communicator (x32 Version: 1.15.020 - Magellan Navigation, Inc.) Hidden Megacubo 11 (HKLM-x32\...\Megacubo_is1) (Version: 11.1.5 - www.megacubo.net) MEmu (HKLM-x32\...\MEmu) (Version: 2.8.6 - Microvirt) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.7466.2038 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.21.4.1 - RSUPPORT) Mozilla Firefox 49.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 pt-BR)) (Version: 49.0.2 - Mozilla) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden NVIDIA Driver de gráficos 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden Painel de controle da NVIDIA 341.74 (Version: 341.74 - NVIDIA Corporation) Hidden PdaNet+ for Android 4.19 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) QGIS Essen 2.14.3 Essen (HKLM\...\QGIS Essen) (Version: - QGIS Development Team) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Sistema topoGRAPH 98 SE (HKLM-x32\...\Sistema topoGRAPH 98 SE) (Version: - ) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden Unity Web Player (HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS) Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden VNC Viewer 5.3.2 (HKLM\...\{F10020E5-D194-469E-B494-DDCE5D76A3A0}) (Version: 5.3.2.19179 - RealVNC Ltd) Warsaw 1.12.3.5 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-1519230415-2171320532-39904038-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\moises\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-1519230415-2171320532-39904038-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\moises\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-1519230415-2171320532-39904038-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1519230415-2171320532-39904038-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1519230415-2171320532-39904038-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1519230415-2171320532-39904038-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0D0B662C-4648-48A5-B048-C7780CD52507} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {1DAF1590-9CD2-4EFD-A092-3359E2773E67} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-03] (Adobe Systems Incorporated) Task: {2D9FADE4-89FB-4D95-86F6-04ECF2125355} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {460C441B-CF1F-4FE4-A20A-D17D99FC5A64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.) Task: {4D1BE138-40EE-4347-8F09-BFD119A7703A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for moises-PC-moises moises-PC => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {4EA986B9-1698-480C-847B-4375814B2FD1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-12] (Microsoft Corporation) Task: {4EC52C8B-A165-4CC0-8890-EB69884A22C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.) Task: {515E6915-68ED-4CD6-B43C-775F60B0C7FD} - System32\Tasks\SafeZone scheduled Autoupdate 1460600220 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software) Task: {58715AA3-4C98-4449-A98F-C9A8983CAEB2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software) Task: {6E824DE9-87E7-4B98-A5C2-B8961E3E5090} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {7CE36108-F561-409C-B1C2-87EB80CCE610} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {8CEC2548-5C0D-49D2-8A82-E8D00E06C3B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) Task: {B6342DA5-24FB-40F9-9DCC-6E0EC3D7F285} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] () Task: {BE607D91-AC70-463A-AB64-2BA7FECCC63C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd) Task: {C8A169AA-F502-4158-A0A0-F0374884DE50} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {CBE89D33-1DA7-4008-B284-16A3961E1B27} - System32\Tasks\{2D2069E2-3659-4B7D-932D-FA6774C6FF5F} => pcalua.exe -a C:\Users\moises\Desktop\HPSupportSolutionsFramework-12.3.11.29.exe -d C:\Users\moises\Desktop Task: {D328242A-7181-4371-A650-C6EBCB8B4B30} - System32\Tasks\{13C19500-16CA-472B-A8AB-DFB54364CD03} => pcalua.exe -a "C:\Users\moises\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q2BTAZV4\iGBPCEFgb.exe" -d C:\Users\moises\Desktop Task: {D345EC1C-DDE0-41F5-889D-FA1B51F8A67F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation) Task: {D8264AA4-1D67-4F93-A71A-068B0B95EC4C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software) Task: {DBA8FC36-7C73-4111-9B89-BEB63164E481} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation) Task: {E44BC543-1E6F-4A7F-8611-59702C70F6A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-12] (Microsoft Corporation) Task: {EAB5C8A2-7026-426F-B331-540CEB104571} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\moises\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm ShortcutWithArgument: C:\Users\moises\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ==================== Módulos Carregados (Whitelisted) ============== 2016-04-13 22:21 - 2015-06-29 18:42 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-06-22 14:46 - 2015-11-16 13:18 - 00020240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2013-02-05 01:21 - 2013-02-05 01:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll 2013-02-05 01:21 - 2013-02-05 01:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll 2013-02-05 01:21 - 2013-02-05 01:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll 2013-02-05 01:21 - 2013-02-05 01:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll 2016-12-05 09:10 - 2016-11-29 20:17 - 01025848 _____ () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe 2016-04-14 09:11 - 2005-04-22 02:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2014-11-07 10:06 - 2014-11-06 23:06 - 01016104 _____ () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe 2016-09-09 08:43 - 2016-09-09 08:43 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-12-12 15:46 - 2016-12-12 15:46 - 03068416 _____ () C:\Program Files\AVAST Software\Avast\defs\16121201\algo.dll 2016-09-09 08:43 - 2016-09-09 08:43 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-06-08 10:42 - 2014-09-25 15:49 - 00883496 _____ () C:\Program Files\Investintech.com Inc\Able2Extract 10.0\platforms\qwindows.dll 2016-06-08 10:42 - 2014-09-25 15:49 - 00022312 _____ () C:\Program Files\Investintech.com Inc\Able2Extract 10.0\imageformats\qsvg.dll 2016-07-01 08:07 - 2016-07-01 08:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2012-09-23 21:44 - 2012-09-23 21:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pt_br\acrotray.ptb 2016-11-14 07:47 - 2016-11-08 18:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll 2016-11-14 07:47 - 2016-11-08 18:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll 2015-12-02 14:58 - 2015-11-16 16:32 - 00919040 _____ () C:\Windows\mod_frst.exe ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\System32:79C48AE1_Bb.gbp [2] AlternateDataStreams: C:\Windows\System32:79C48AE1_Cef.gbp [2] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198] AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10] AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-1519230415-2171320532-39904038-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-1519230415-2171320532-39904038-1000\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-1519230415-2171320532-39904038-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\moises\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AeLookupSvc => 3 MSCONFIG\Services: CLHNServiceForPowerDVD => 2 MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2 MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2 MSCONFIG\Services: Disc Soft Lite Bus Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: hpqcxs08 => 3 MSCONFIG\Services: HPSLPSVC => 2 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: vncserver => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun MSCONFIG\startupreg: Diebold - Warsaw => C:\Program Files\Diebold\Warsaw\core.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: RemoteControl11 => C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{01A2EB27-F1B9-4536-9424-0BAAA8712714}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{37ABA131-7906-473B-9947-F47EF1106A1E}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{1E4CE6B7-72F9-434D-B5E9-B28C81EF9C51}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{22F8003F-47C6-43DA-B093-1A1BC5251AFD}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{6C705DBC-52B7-4A93-96FF-6BC50C05BAB6}] => C:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11.exe FirewallRules: [{4FCA0B3E-D5A5-4398-96EE-1DB9B80D6328}] => C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe FirewallRules: [{47D73E78-1DA9-4976-B7B3-40EFA3319D50}] => C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe FirewallRules: [{FF185C0C-065D-4EAE-A2FA-128F9C31D599}] => C:\Program Files (x86)\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe FirewallRules: [{A3D69923-A743-4B6F-8DCB-57A3B09C43C2}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{D6409778-A7A6-4AB7-A5AA-6A055CA103C7}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{6507BC8E-69A6-4B8E-BD0D-1896AB3DD19F}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{E53978D0-BDBD-4E61-8681-ECD82A9B7218}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{A79B3377-A697-4B31-A52D-483164B6A59E}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{D4A15176-3086-4A40-B1CF-39DC49ED02F8}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{C83A9437-70CA-4D8F-844A-E19C950B41E8}] => LPort=54925 FirewallRules: [{77B3DE84-971B-425B-AEAA-5579A4861672}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{4573BB51-E56E-404D-A7F1-F3D227C7C2C8}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{8F11EBA5-4490-4077-AD99-2A0DF0BCFC54}C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe] => C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe FirewallRules: [UDP Query User{EC328FB2-CB4B-4298-84B4-71EE50AE26EA}C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe] => C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe FirewallRules: [{EB4FF17D-D1EE-44CF-980D-ED875971A236}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{AC758C96-1EFD-45B4-9EDF-EDEAF3CACED2}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{CEDCB4CC-D302-472D-AE29-8AF231244507}] => LPort=50248 FirewallRules: [{B035A6FC-EB43-48BF-8E61-CDAD00C84B24}] => C:\Users\moises\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{22D3F3D5-3257-4E5C-B53A-895C80CCE942}] => C:\Users\moises\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C0600C7B-ED69-445D-8CC6-2152DA51196D}] => C:\Users\moises\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{451FAB57-D2A5-4B52-8139-C6D7197774A6}] => C:\Users\moises\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{46462DE4-3996-4C36-A31F-591EE027EE44}] => C:\Users\moises\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{01CA4147-DC49-4C8A-A8B7-CE306A43B024}] => C:\Users\moises\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5B229F9E-BE27-42A8-A729-C061E7B94A89}] => C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [TCP Query User{6468FED6-0656-4A3E-A757-34D427D46259}C:\program files (x86)\trackmaker\trackmaker.exe] => C:\program files (x86)\trackmaker\trackmaker.exe FirewallRules: [UDP Query User{31897169-15D0-4B00-85EA-23FC1ED6FBD7}C:\program files (x86)\trackmaker\trackmaker.exe] => C:\program files (x86)\trackmaker\trackmaker.exe FirewallRules: [{6AA66FF2-6B18-4834-A850-ECE49650C33E}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E41B6D5D-73D5-43D3-A4A2-AE0E5B764CA3}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E441752F-348D-4AF9-B5EE-9F6D34B85865}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{28B7BF01-7670-47BA-8898-C8CDCCE2A2A3}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6D2F604C-14F3-4AC9-A0FC-894242276CFC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{402AECE5-A8A5-40E2-8DDC-75298A0F497D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{551D06B2-02A6-4513-981F-D3188B75E305}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{E6F10DC5-882F-47E5-8E93-DC281FBFB6DC}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{3AB3B771-135A-462F-8DE1-8354169E9083}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{4522D0E2-6760-4A70-98D0-65899C6D666C}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{946AED1C-52EF-4587-B5E4-7C5818AF43E4}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{C23478C9-D510-4D57-9BA6-31A7AEA5DC5A}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{93D09748-C9BA-4959-8AB4-91C53FEE775C}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{1C8B7088-AC5D-4734-ADAA-E73F36214ED4}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{1C87F5ED-ED05-4D07-97C3-E79A7468850F}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{4770CCBF-B0AB-46B1-AF15-9E904E7E4F88}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{3514CE54-8F78-4AB5-BC09-710376D49DF7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{F139C0D9-D198-4513-9388-C6446C746032}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{494D18E0-43FC-4F7C-82FC-F078DBEECD37}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{94B0236D-4DE3-4FF8-A4A9-042A10630854}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{E6C1CF5A-528F-4ACF-B174-3B9EDAD087B8}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{F6A91CE7-6EA4-4A4B-B92D-83A48431D73C}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{062F99AA-4130-48C5-ACA9-38629547A91B}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [TCP Query User{C858D60D-8C4C-45E8-8E71-B92CDCD6A85F}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{5F77681C-BD2F-4098-B8F6-216CCE1B8EEF}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe FirewallRules: [{1E3E28DC-1F6D-4167-9B02-0DA9BA8A3057}] => LPort=1688 FirewallRules: [{C892D19F-3800-4B3C-BD70-93DA856BEC51}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{440C0EB2-9B39-4A53-8AE3-561C20F94B13}] => C:\Program Files\MEmu\MEmu.exe FirewallRules: [{E7F9C80D-853C-450E-B30A-76BC18E9F593}] => C:\Program Files\MEmu\MEmu.exe FirewallRules: [{979FC82E-9FFB-4EC2-8FE8-D65CDCFC2B96}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{A49D0B2D-DA9C-4ED8-8746-FB95ADCECAB5}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{C52B9EA2-D62B-4C15-A3DE-261B50CA794F}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{FD77669F-1F26-4706-B9C2-E6BA7F5B0328}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{0B0D974F-CC45-4261-B4E6-E360230C1973}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe FirewallRules: [UDP Query User{41B683A1-81F0-4B92-BBEC-E444EEDC7DEB}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe FirewallRules: [{3A0653F3-FCC9-4E6D-AFED-C336C82606AB}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{32FB5B92-273B-4A0C-9948-EE678F55C706}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{1FF708FF-CA26-4581-8551-5D28B89F704F}] => C:\Users\moises\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{292DD0EE-FB62-420A-BA82-94ABAB7593AD}] => LPort=1688 FirewallRules: [{263F190D-06D9-4A27-861A-8679378E850F}] => LPort=1688 FirewallRules: [{337FB554-397D-4B63-802F-E66588D107B1}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{DFA5E25F-C86F-4CBD-862F-AB3B3D2758A6}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{B64A122F-9903-4353-9F48-028980C5AB62}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\RSUPPORT\Mobizen\rsautoup_.exe] => Enabled:RSupport AutoUpdate ==================== Pontos de Restauração ========================= 30-11-2016 13:44:19 Configured Microsoft Office Professional Plus 2013 30-11-2016 13:48:00 Configured Microsoft Office Professional Plus 2013 30-11-2016 13:50:49 Configured Microsoft Office Professional Plus 2013 30-11-2016 13:57:35 Configured Microsoft Office Professional Plus 2013 30-11-2016 14:01:37 Configured Microsoft Office Professional Plus 2013 30-11-2016 14:01:51 PROPLUSR 30-11-2016 14:06:40 Configured Microsoft Office Professional Plus 2013 30-11-2016 14:10:13 Configured Microsoft Office Professional Plus 2013 30-11-2016 14:10:30 PROPLUSR 30-11-2016 14:17:26 Configured Microsoft Office Professional Plus 2013 30-11-2016 14:31:35 Configured Microsoft Office Professional Plus 2013 30-11-2016 14:31:55 PROPLUSR 30-11-2016 14:35:37 Configured Microsoft Office Professional Plus 2013 01-12-2016 14:13:27 Configured Microsoft Office Professional Plus 2013 01-12-2016 14:13:42 PROPLUSR 05-12-2016 09:00:18 Instalação de Pacote de Driver de Dispositivo: Google USB 05-12-2016 09:01:41 Instalação de Pacote de Driver de Dispositivo: June Fabrics Technology Inc. Adaptadores de rede 05-12-2016 09:22:12 Instalação de Pacote de Driver de Dispositivo: June Fabrics Technology Inc. Modems 12-12-2016 12:49:38 Ponto de Verificação Agendado 12-12-2016 15:37:57 Installed Windows 7 USB/DVD Download Tool ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Teclado Padrão PS/2 Description: Teclado Padrão PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (teclados padrões) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (12/13/2016 07:48:00 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de diretiva C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado. Error: (12/13/2016 07:48:00 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de diretiva C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado. Error: (12/13/2016 07:38:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.10739, carimbo de hora: 0x5733a0e3 Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.0.10740, carimbo de hora: 0x5733aaf4 Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000010cdeb Identificação do processo com falha: 0x3b4 Hora de início do aplicativo com falha: 0x01d255246126744e Caminho do aplicativo com falha: C:\Program Files\Diebold\Warsaw\core.exe FCaminho do módulo de falhas: C:\Program Files\Diebold\Warsaw\wsbrmu.dll Identificação do Relatório: e970eaaa-c117-11e6-b11d-485b39bb9405 Error: (12/13/2016 07:38:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de hora: 0x52a8d15d Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000 Código de exceção: 0x00000000 Deslocamento com falha: 0x000007fe8eff0668 Identificação do processo com falha: 0xb08 Hora de início do aplicativo com falha: 0x01d2552452de32a9 Caminho do aplicativo com falha: C:\Program Files\KMSpico\Service_KMS.exe FCaminho do módulo de falhas: unknown Identificação do Relatório: e970c39a-c117-11e6-b11d-485b39bb9405 Error: (12/13/2016 07:37:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/12/2016 04:35:21 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de diretiva C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado. Error: (12/12/2016 04:35:21 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de diretiva C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado. Error: (12/12/2016 04:25:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: PowerISO6-x64.exe, versão: 6.7.0.0, carimbo de hora: 0x4f47e2df Nome do módulo de falhas: USER32.dll, versão: 6.1.7601.17514, carimbo de hora: 0x4ce7ba59 Código de exceção: 0xc00000fd Deslocamento com falha: 0x0002121a Identificação do processo com falha: 0x534 Hora de início do aplicativo com falha: 0x01d254a51cd54354 Caminho do aplicativo com falha: C:\Users\moises\Desktop\PowerISO6-x64.exe FCaminho do módulo de falhas: C:\Windows\syswow64\USER32.dll Identificação do Relatório: 62fc73dd-c098-11e6-b354-485b39bb9405 Error: (12/12/2016 03:45:24 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de diretiva C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado. Error: (12/12/2016 03:45:24 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de diretiva C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado. Erros de Sistema: ============= Error: (12/13/2016 07:42:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (12/13/2016 07:42:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (12/13/2016 07:42:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (12/13/2016 07:42:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (12/13/2016 07:42:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (12/13/2016 07:42:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (12/13/2016 07:40:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (12/13/2016 07:39:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (12/13/2016 07:38:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (12/13/2016 07:38:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. CodeIntegrity: =================================== Date: 2016-12-13 07:33:47.991 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-13 07:33:47.976 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 10:30:36.443 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 10:30:36.428 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 08:29:08.069 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 08:29:08.053 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 08:22:11.028 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 08:22:10.997 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 07:46:12.173 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-12 07:46:12.142 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pneteth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz Percentagem de memória em uso: 55% RAM física total: 4095.18 MB RAM física disponível: 1830.17 MB Virtual Total: 8188.54 MB Virtual disponível: 5592.6 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:398.12 GB) NTFS Drive f: (acad2014) (CDROM) (Total:3.04 GB) (Free:0 GB) CDFS Drive y: () (Network) (Total:931.41 GB) (Free:291.41 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 061E6701) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================