Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 01-03-2017
Executado por SOLEMAR (03-03-2017 10:39:44)
Executando a partir de C:\Users\SOLEMAR\Downloads
Windows 7 Ultimate (X64) (2016-06-30 18:17:33)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

$BarTender_Security$ (S-1-5-21-1560549375-122267454-3844034720-1002 - Limited - Enabled)
$Printer_Maestro$ (S-1-5-21-1560549375-122267454-3844034720-1003 - Limited - Enabled)
Administrador (S-1-5-21-1560549375-122267454-3844034720-500 - Administrator - Disabled)
Convidado (S-1-5-21-1560549375-122267454-3844034720-501 - Limited - Enabled)
SOLEMAR (S-1-5-21-1560549375-122267454-3844034720-1000 - Administrator - Enabled) => C:\Users\SOLEMAR

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) BarTender 10.1 (HKLM\...\BarTender Suite) (Version: 10.1.2945 - Seagull Scientific) BarTender 10.1 (x32 Version: 10.1.2945 - Seagull Scientific) Hidden Bematech Printer MP4000 TH User software (HKLM-x32\...\Bematech MP-4000 TH User software_is1) (Version: - Bematech User) Bematech Spooler Drivers v4.2.3 (HKLM-x32\...\Bematech Spooler Drivers v4.2.3_is1) (Version: - Bematech) Bematech Spooler Drivers v4.4.0.3 (HKLM-x32\...\Bematech Spooler Drivers x86 v4.4.0.3_is1) (Version: - Bematech) Bematech Spooler Drivers x64 v4.2.0 (HKLM-x32\...\Bematech Spooler Drivers x64 v4.2.0_is1) (Version: - Bematech) Bematech Spooler Drivers x64 v4.4.0.3 (HKLM-x32\...\Bematech Spooler Drivers x64 v4.4.0.3_is1) (Version: - Bematech) Bematech USB Printer Device (Driver Removal) (HKLM-x32\...\BEMAUSB&0B1B&0001) (Version: - ) Bematech User Software (HKLM-x32\...\Bematech User Software_is1) (Version: Bematech User Software v2.8.3 for 64 bits - Bematech) Bematech Virtual Serial Port 3.0.2.0 (HKLM-x32\...\Bematech Virtual Serial Port) (Version: 3.0.2.0 - Bematech S/A) Bematech Virtual Serial Port 64 bits 3.0.2.0 (HKLM-x32\...\Bematech Virtual Serial Port 64 bits) (Version: 3.0.2.0 - Bematech S/A) Bematech WinMFD2 3.0.0.13 (HKLM-x32\...\Bematech WinMFD2_is1) 
(Version: - Bematech S.A) Bematool 3.0.5 Pro (HKLM-x32\...\{72D8693C-2D14-4760-8C3F-C8CD27444A6A}) (Version: 3.0.5 - Newtech) Bematool 4 Pro (HKLM-x32\...\{374DE68B-9948-451B-ADE8-521472E97DA8}) (Version: 4.0.5 - Newtech) CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) Droid4X (HKLM-x32\...\Droid4X) (Version: 0.10.5 - Haiyu Dongxiang Co.,Ltd.) eGalaxTouch (HKLM-x32\...\{C6A750AE-6029-4435-9A8D-06507AA46798}) (Version: 5.11.0.9126 - eGalaxTouch) Elo Universal Driver (HKLM\...\EloTouchscreen) (Version: 4.8.1.0 - Elo TouchSystems) eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.) EPSON Advanced Printer Driver 4 (HKLM-x32\...\{11FF6AF6-0141-4EF8-829A-989459A1E5D8}) (Version: 4.10.0017 - EPSON) EPSON APD4 Point and Print Support (x32 Version: 4.10.0013 - EPSON) Hidden EPSON M205 Series Printer Uninstall (HKLM\...\EPSON M205 Series) (Version: - SEIKO EPSON Corporation) FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden Honeywell InterDriver (HKLM-x32\...\InstallShield_{D4826EB7-4EDB-41C4-84F7-92644EE9CB59}) (Version: 7.4.2.0 - Intermec) Honeywell InterDriver (x32 Version: 7.4.2.0 - Intermec) Hidden Honeywell PrintSet 5 (HKLM-x32\...\InstallShield_{DEE16F18-F206-4778-9CE1-1DC327AA1EA7}) (Version: 5.6.0.5 - Honeywell) Honeywell PrintSet 5 (x32 Version: 5.6.0.5 - Honeywell) Hidden Interven for Windows (HKLM-x32\...\{5AC8C43A-76EF-427F-82B7-B71FDB4E8C74}) (Version: 1.0.0 - Epson) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) LibreOffice 5.2.3.3 (HKLM-x32\...\{30605C95-A3A0-4A08-AD58-9AE7ABA47B70}) (Version: 5.2.3.3 - The Document Foundation) Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.) 
Microsoft .NET Framework 4.6.2 (HKLM\...\{63DF5C4B-E3BF-3346-A033-C57B22F44C9E}) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 
(HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24406 (HKLM-x32\...\{7c8a1675-0fe9-41fd-a2ed-aa4871816197}) (Version: 14.0.24406.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406 (HKLM-x32\...\{b5e24db9-876e-4af2-ac7f-00d0e8bc162c}) (Version: 14.0.24406.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 pt-BR)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla) Mozilla Thunderbird 45.7.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 pt-BR)) (Version: 45.7.1 - Mozilla) Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) OutlookPasswordDecryptor v6.5 (HKLM-x32\...\OutlookPasswordDecryptor) (Version: 6.5 - SecurityXploded) Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.1 - pdfforge GmbH) SAPEwin (HKLM-x32\...\SAPEwin 4.xx [S.istema de A.pontamento de P.onto~54376E28_is1) (Version: - ) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.) 
Sweda printer V1.001 build 150408 (HKLM-x32\...\Sweda printer_x86_x64_is1) (Version: - ) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) TED_ECF.Instalacao (HKLM-x32\...\{C8D866AF-B3AD-4092-8A36-AF31CD4953FC}) (Version: 1.0.0 - Default Company Name) TED-Transmissão Eletrônica de Documentos (HKLM-x32\...\TED-Transmissão Eletrônica de Documentos) (Version: - ) WinITFI 1.1.13 (HKLM-x32\...\WinITFI_is1) (Version: - Bematech) WinITFI2 RAT (HKLM-x32\...\{C9926A12-1900-471D-A28D-2C90115F132B}_is1) (Version: - BEMATECH S.A.) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-1560549375-122267454-3844034720-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1560549375-122267454-3844034720-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1560549375-122267454-3844034720-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1560549375-122267454-3844034720-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1560549375-122267454-3844034720-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1560549375-122267454-3844034720-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {13AE4EBD-6A49-4DA9-A5D8-23C6D0FF8410} - System32\Tasks\update-S-1-5-21-1560549375-122267454-3844034720-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: {24B1C03D-3088-49D7-896B-6DFE5372841F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-30] (Google Inc.) Task: {2CB74E77-5F2F-4410-A83B-22ED5DB6EB03} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: {4049403D-6779-4AE4-9719-93CBE55CE5C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-24] (Adobe Systems Incorporated) Task: {582C8422-0E18-49C6-8544-0741F326D657} - System32\Tasks\{0F057D47-7E08-0A78-7A11-797D790F117D} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgADsAIAAgACAAIAAgACAAOwA7ADsAIAA7ACAAIAAgADsAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4A (a entrada de dados tem 9760 mais caracteres). 
<==== ATENÇÃO Task: {653D8B42-E708-4FA7-89EA-5782A93B4FD7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {661DC648-2B76-406F-A80F-987EA05F7559} - System32\Tasks\{985961D1-EC73-4204-9124-602A0077D54C} => pcalua.exe -a C:\Users\SOLEMAR\AppData\Local\Temp\Temp1_OFFICE2007BR.zip\OFFICE2007BR\setup.exe <==== ATENÇÃO Task: {CB6286B7-87B8-40C8-8A72-1D18E8F492BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-30] (Google Inc.) Task: {FDEA9E90-ACAB-4512-8389-6816527F0547} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\update-S-1-5-21-1560549375-122267454-3844034720-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\SOLEMAR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\SOLEMAR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=ChromeDefaultData ==================== Módulos Carregados (Whitelisted) ============== 2016-07-07 11:18 - 2012-12-07 10:42 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1120PP.DLL 2016-07-07 11:18 - 2012-12-07 11:42 - 03695616 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1120SU.DLL 2016-07-07 11:18 - 2012-12-07 11:42 - 01236992 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1120GC.dll 2016-06-30 14:17 - 2016-06-30 14:17 - 00100864 ____T () C:\ProgramData\Seagull\Drivers\Temp\ss#DC69.tmp 2016-06-30 14:17 - 2016-06-30 14:17 - 00100864 ____T () C:\ProgramData\Seagull\Drivers\Temp\ss#DD06.tmp 2016-06-30 15:27 - 2015-01-30 10:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-01-20 09:39 - 2011-05-23 00:35 - 00307200 ____R () C:\Program Files (x86)\eGalaxTouch\xTouchMon.exe 2013-11-19 16:35 - 2013-11-19 16:35 - 01272912 _____ () C:\Program Files (x86)\Seagull\BarTender Suite\CmdrSrv.exe 2016-08-26 06:55 - 2016-08-26 06:55 - 11803104 _____ () C:\Program Files (x86)\Droid4X\Droid4X.exe 2014-05-16 14:02 - 2014-05-16 14:02 - 00376096 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll 2014-05-16 14:02 - 2014-05-16 14:02 - 04478752 _____ () C:\Program Files\Oracle\VirtualBox\VBoxRT.dll 2016-06-13 04:19 - 2016-06-13 04:19 - 00279552 _____ () C:\Program Files (x86)\Droid4X\Droid4XService.exe 2014-05-16 14:03 - 2014-05-16 14:03 - 00164640 _____ () C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 2014-05-16 14:04 - 2014-05-16 14:04 - 02469664 _____ () C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL 2014-05-16 14:04 - 2014-05-16 14:04 - 00671520 _____ () C:\Program Files\Oracle\VirtualBox\VBoxREM.dll 2014-05-16 14:04 - 2014-05-16 14:04 - 00030496 _____ () C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL 2014-05-16 14:04 - 2014-05-16 14:04 - 00047392 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL 2014-05-16 14:04 - 2014-05-16 14:04 - 00048928 _____ () C:\Program 
Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL 2014-05-16 14:04 - 2014-05-16 14:04 - 00046368 _____ () C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL 2014-05-16 14:04 - 2014-05-16 14:04 - 02412832 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL 2014-05-16 14:04 - 2014-05-16 14:04 - 00201504 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll 2016-06-30 15:37 - 2016-03-10 01:08 - 00031704 _____ () C:\Program Files\Droid4Xext\VTx6443s.dll 2014-05-16 14:04 - 2014-05-16 14:04 - 00041248 _____ () C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL 2016-07-01 11:00 - 2016-07-21 10:23 - 00070656 _____ () C:\Databelli\PacWin32\PacWin32.exe 2016-06-13 04:19 - 2016-06-13 04:19 - 00822696 _____ () C:\Program Files (x86)\Droid4X\adb.exe 2017-02-07 07:16 - 2017-02-01 06:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-07 07:16 - 2017-02-01 06:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2016-10-29 00:53 - 2016-10-29 00:53 - 01034856 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxml2.dll 2016-10-29 00:53 - 2016-10-29 00:53 - 00404072 _____ () C:\Program Files (x86)\LibreOffice 5\program\glew32.dll 2016-10-29 00:53 - 2016-10-29 00:53 - 00182888 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxslt.dll 2017-01-20 09:39 - 2011-05-26 01:20 - 05464064 ____R () C:\Program Files (x86)\eGalaxTouch\xtkutility.dll 2013-11-19 16:35 - 2013-11-19 16:35 - 00335440 _____ () C:\Program Files (x86)\Seagull\BarTender Suite\CmdrEnu.dll 2013-11-19 16:30 - 2013-11-19 16:30 - 01747456 _____ () C:\Program Files (x86)\Seagull\BarTender Suite\CmdrJobServer.dll 2013-11-19 16:11 - 2013-11-19 16:11 - 01483776 _____ () C:\Program Files (x86)\Seagull\BarTender Suite\CcsBt.dll 2013-11-19 16:36 - 2013-11-19 16:36 - 00031824 _____ () C:\Program Files (x86)\Seagull\BarTender Suite\CmdrJobServerBasePs.dll 2016-06-13 04:19 - 2016-06-13 04:19 - 00397312 _____ () 
C:\Program Files (x86)\Droid4X\libOpenglRender.dll 2016-06-13 03:56 - 2016-06-13 03:56 - 00117262 _____ () C:\Program Files (x86)\Droid4X\libgcc_s_dw2-1.dll 2016-06-13 04:19 - 2016-06-13 04:19 - 00989805 _____ () C:\Program Files (x86)\Droid4X\libstdc++-6.dll 2016-06-13 03:30 - 2016-06-13 03:30 - 00733096 _____ () C:\Program Files (x86)\Droid4X\libGLESv2.dll 2016-06-13 04:04 - 2016-06-13 04:04 - 00050088 _____ () C:\Program Files (x86)\Droid4X\libEGL.dll 2016-06-13 04:04 - 2016-06-13 04:04 - 00008192 _____ () C:\Program Files (x86)\Droid4X\FireWall.dll 2016-06-13 03:30 - 2016-06-13 03:30 - 00022528 _____ () C:\Program Files (x86)\Droid4X\CommonLFun.dll 2016-06-13 03:30 - 2016-06-13 03:30 - 00019456 _____ () C:\Program Files (x86)\Droid4X\HInfo.dll 2016-06-13 02:34 - 2016-06-13 02:34 - 00880016 _____ () C:\Program Files (x86)\Droid4X\plugins\platforms\qwindows.dll 2016-06-13 03:47 - 2016-06-13 03:47 - 00033280 _____ () C:\Program Files (x86)\Droid4X\VBoxApi.dll 2016-06-13 04:05 - 2016-06-13 04:05 - 00031120 _____ () C:\Program Files (x86)\Droid4X\plugins\imageformats\qgif.dll 2016-06-13 02:34 - 2016-06-13 02:34 - 00031120 _____ () C:\Program Files (x86)\Droid4X\plugins\imageformats\qico.dll 2016-06-13 03:30 - 2016-06-13 03:30 - 00241152 _____ () C:\Program Files (x86)\Droid4X\plugins\imageformats\qjpeg.dll 2016-06-13 03:30 - 2016-06-13 03:30 - 00286208 _____ () C:\Program Files (x86)\Droid4X\libEGL_translator.DLL 2016-06-13 03:47 - 2016-06-13 03:47 - 00308224 _____ () C:\Program Files (x86)\Droid4X\libGLES_CM_translator.DLL 2016-06-13 02:34 - 2016-06-13 02:34 - 00296448 _____ () C:\Program Files (x86)\Droid4X\libGLES_V2_translator.DLL 2014-05-16 14:02 - 2014-05-16 14:02 - 03582240 _____ () C:\Program Files\Oracle\VirtualBox\x86\VBoxRT-x86.dll 2016-06-13 03:48 - 2016-06-13 03:48 - 00027136 _____ () C:\Program Files (x86)\Droid4X\Videotape.dll 2016-07-01 11:00 - 2014-08-13 09:15 - 06388224 _____ () C:\Databelli\PacWin32\RxCtl190.bpl 2016-07-01 10:59 - 2017-03-02 11:29 
- 02348032 _____ () C:\Databelli\PacWin32\frx19.bpl 2016-07-01 10:59 - 2017-03-02 11:29 - 00484864 _____ () C:\Databelli\PacWin32\fs19.bpl 2016-07-01 11:08 - 2017-03-02 11:29 - 00540160 _____ () C:\Databelli\PacWin32\ACBr_Synapse.bpl 2016-07-01 11:08 - 2017-03-02 11:29 - 00248320 _____ () C:\Databelli\PacWin32\ACBr_Comum.bpl 2016-07-01 11:08 - 2017-03-02 11:29 - 00282624 _____ () C:\Databelli\PacWin32\ACBr_TCP.bpl 2016-07-01 11:08 - 2017-03-02 11:29 - 00317952 _____ () C:\Databelli\PacWin32\ACBr_Diversos.bpl 2016-07-01 10:59 - 2017-03-02 11:29 - 01132544 _____ () C:\Databelli\PacWin32\frxe19.bpl 2016-07-01 10:59 - 2016-04-26 10:37 - 00207360 _____ () C:\Databelli\PacWin32\EstSearchDialogD19.bpl 2016-07-01 10:59 - 2016-04-26 10:37 - 00035840 _____ () C:\Databelli\PacWin32\EstSearchDialogDbxD19.bpl 2016-07-01 10:59 - 2017-03-02 11:29 - 00128512 _____ () C:\Databelli\PacWin32\frxDB19.bpl 2016-07-01 10:59 - 2017-03-02 11:29 - 00061952 _____ () C:\Databelli\PacWin32\fsDB19.bpl 2016-07-01 11:08 - 2017-03-02 11:29 - 00256512 _____ () C:\Databelli\PacWin32\ACBr_OpenSSL.bpl 2016-07-01 10:59 - 2016-09-29 10:16 - 04201472 _____ () C:\Databelli\PacWin32\LicPacWin32.DLL 2016-07-01 11:00 - 2014-08-13 09:21 - 03490410 _____ () C:\Databelli\PacWin32\RxDB190.bpl 2016-07-01 10:59 - 2014-08-12 16:49 - 00083456 _____ () C:\Databelli\PacWin32\Ehs_DXE5.bpl ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_10C4 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_1334 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_1524 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_17A4 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_1A74 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_1BA4 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_4FC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_584 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_828 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_944 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin_B80 => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2017-02-02 08:34 - 00000863 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1560549375-122267454-3844034720-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SOLEMAR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 82.163.143.176 - 82.163.142.178 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{1C218A6F-36BB-4748-9EF7-FA33590A3AB8}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe FirewallRules: [{D76EDBF6-1EB6-48E6-A561-A17FC9BC0050}] => (Allow) LPort=6160 FirewallRules: [TCP Query User{74190AC4-BFEF-4568-80C9-E112B67E795B}C:\users\solemar\appdata\local\temp\rar$exa0.141\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.141\mt7xx_teste_11.exe FirewallRules: [UDP Query User{40B3DC8B-DBE4-43C4-B5B0-775CEAB72767}C:\users\solemar\appdata\local\temp\rar$exa0.141\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.141\mt7xx_teste_11.exe FirewallRules: [TCP Query User{A9E10700-3A75-41A4-BC6F-88EA491BFCAC}\\server\real tecnologia\orçamentos\solemar\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\solemar\aa_v3.exe FirewallRules: [UDP Query User{0A053DB2-22C5-494C-903C-61C5F592752C}\\server\real tecnologia\orçamentos\solemar\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\solemar\aa_v3.exe FirewallRules: [TCP Query User{4BF149D0-ADF2-4CA0-A330-39722E05813B}C:\users\solemar\appdata\local\temp\rar$exa0.379\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.379\mt7xx_teste_11.exe FirewallRules: [UDP Query 
User{12F0CA64-4C0E-46E3-8BEA-4E95E99190A0}C:\users\solemar\appdata\local\temp\rar$exa0.379\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.379\mt7xx_teste_11.exe FirewallRules: [TCP Query User{7A50E093-5F6E-46D1-B1BC-7CFEB1CC4D3B}C:\users\solemar\appdata\local\temp\rar$exa0.108\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.108\mt7xx_teste_11.exe FirewallRules: [UDP Query User{13D345D7-B154-4A57-BF9B-B1E443370B56}C:\users\solemar\appdata\local\temp\rar$exa0.108\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.108\mt7xx_teste_11.exe FirewallRules: [TCP Query User{4C674607-9679-477D-90FA-51AA712854C7}C:\users\solemar\appdata\local\temp\rar$exa0.360\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.360\mt7xx_teste_11.exe FirewallRules: [UDP Query User{F501EAAA-2582-44C8-A71E-B2A0FD06EAB2}C:\users\solemar\appdata\local\temp\rar$exa0.360\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.360\mt7xx_teste_11.exe FirewallRules: [TCP Query User{DFEEED3E-2DB5-46B1-94C2-9ECC88088A5F}C:\users\solemar\appdata\local\temp\rar$exa0.491\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.491\mt7xx_teste_11.exe FirewallRules: [UDP Query User{14EA7750-DA00-4E5F-ACA6-4A75853C6931}C:\users\solemar\appdata\local\temp\rar$exa0.491\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.491\mt7xx_teste_11.exe FirewallRules: [TCP Query User{F7BF8B06-9DD8-4D5C-B893-4F22382279A0}C:\users\solemar\appdata\local\temp\rar$exa0.592\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.592\mt7xx_teste_11.exe FirewallRules: [UDP Query User{9FDC985D-397E-42EC-9F57-7614CE974372}C:\users\solemar\appdata\local\temp\rar$exa0.592\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.592\mt7xx_teste_11.exe FirewallRules: [TCP Query 
User{D7057F76-B0F7-4620-A8E4-41741E1925B2}C:\users\solemar\appdata\local\temp\rar$exa0.608\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.608\mt7xx_teste_11.exe FirewallRules: [UDP Query User{B95F207A-3E67-482C-9372-20A998124FA7}C:\users\solemar\appdata\local\temp\rar$exa0.608\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.608\mt7xx_teste_11.exe FirewallRules: [TCP Query User{DAFAF28A-0D75-4F14-A246-A451F745189A}C:\program files (x86)\bematech\printers\user\bematech user software.exe] => (Allow) C:\program files (x86)\bematech\printers\user\bematech user software.exe FirewallRules: [UDP Query User{7E37CAFA-EFF9-4050-A548-CD77BC8572DF}C:\program files (x86)\bematech\printers\user\bematech user software.exe] => (Allow) C:\program files (x86)\bematech\printers\user\bematech user software.exe FirewallRules: [TCP Query User{9E917A58-2617-43A3-8330-363DA6018FEE}C:\users\solemar\downloads\anydesk.exe] => (Allow) C:\users\solemar\downloads\anydesk.exe FirewallRules: [UDP Query User{CA86F4E6-0212-4CA8-918E-C280D147ECE7}C:\users\solemar\downloads\anydesk.exe] => (Allow) C:\users\solemar\downloads\anydesk.exe FirewallRules: [TCP Query User{DCE11894-21E8-4D4F-A9C1-A3357FD6C6EB}C:\users\solemar\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\solemar\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [{05186297-838A-47B8-A755-5FBE59E80252}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe FirewallRules: [{7231D98C-4CBE-4166-BD2C-B8C93273BB24}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe FirewallRules: [{D6F447E3-D50E-47A1-B686-5ABFBF1616CF}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe FirewallRules: [TCP Query User{A55EBE62-8F16-46B2-B93B-8D578C357CF6}C:\users\solemar\appdata\local\temp\rar$exa0.852\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.852\mt7xx_teste_11.exe 
FirewallRules: [UDP Query User{701087B5-EC1B-4927-B3F5-2367306DC27E}C:\users\solemar\appdata\local\temp\rar$exa0.852\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.852\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{CAFA3699-D473-482F-A21F-B30E6CAD5858}C:\users\solemar\appdata\local\temp\rar$exa0.124\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.124\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{1F900233-D0C3-46C2-845C-ECE68FCDA865}C:\users\solemar\appdata\local\temp\rar$exa0.124\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.124\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{ACB74821-21BD-43DD-8CCA-43CD7A5586B1}C:\users\solemar\appdata\local\temp\rar$exa0.425\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.425\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{3E9C8599-B8D4-4C8A-A4C8-700684A477E1}C:\users\solemar\appdata\local\temp\rar$exa0.425\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.425\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{23A89954-A889-475B-82CF-B02A3860987E}C:\users\solemar\appdata\local\temp\rar$exa0.241\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.241\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{857824A9-E139-46C5-B5B4-7ADC60BBEC56}C:\users\solemar\appdata\local\temp\rar$exa0.241\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.241\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{7ACC7367-2B4A-4546-8A10-5D31A3E9D75B}C:\users\solemar\appdata\local\temp\rar$exa0.114\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.114\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{20E89C73-4148-41AA-A430-260D165D7FA0}C:\users\solemar\appdata\local\temp\rar$exa0.114\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.114\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{ECF03D11-EDC2-408B-94B3-E59358EFB14C}C:\users\solemar\appdata\local\temp\rar$exa0.598\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.598\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{19ECD96E-09CF-4452-911E-05C449BFEA49}C:\users\solemar\appdata\local\temp\rar$exa0.598\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.598\mt7xx_teste_11.exe
FirewallRules: [{6DA7DFC0-7CF6-4853-BFED-BDC109BE5B3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07EE18FB-C0C6-4168-8E2C-78489B73B061}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F98B6309-7897-45F2-A42A-7FB45CE293EF}C:\users\solemar\appdata\local\temp\rar$exa0.772\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.772\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{0A408D21-375E-486C-987F-8B1DD037CEF6}C:\users\solemar\appdata\local\temp\rar$exa0.772\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.772\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{9224FE01-6508-47E5-99C7-FE4947DB6B31}C:\users\solemar\appdata\local\temp\rar$exa0.555\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.555\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{C6676277-4EAC-4972-BC53-A60A0063D541}C:\users\solemar\appdata\local\temp\rar$exa0.555\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.555\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{0BF279C4-A2F2-49F0-AD71-6AEDE1DFAA77}C:\users\solemar\appdata\local\temp\rar$exa0.341\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.341\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{300DB92B-D73B-4139-ABAC-DD861567FE19}C:\users\solemar\appdata\local\temp\rar$exa0.341\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.341\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{88556689-FED2-4968-B03A-D60297C27B6A}C:\users\solemar\desktop\gradual\gradual windows versão 4_2_0_2\gradualwindows.exe] => (Allow) C:\users\solemar\desktop\gradual\gradual windows versão 4_2_0_2\gradualwindows.exe
FirewallRules: [UDP Query User{84AF22B0-7E3F-444A-A1EB-0C2446806A88}C:\users\solemar\desktop\gradual\gradual windows versão 4_2_0_2\gradualwindows.exe] => (Allow) C:\users\solemar\desktop\gradual\gradual windows versão 4_2_0_2\gradualwindows.exe
FirewallRules: [TCP Query User{6B05A9B8-9D56-4CFD-84C9-03A391272C49}C:\users\solemar\appdata\local\temp\rar$exa0.521\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.521\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{81F4215E-11DC-4839-88BA-5941FBF0BEA4}C:\users\solemar\appdata\local\temp\rar$exa0.521\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.521\mt7xx_teste_11.exe
FirewallRules: [{FD684DC9-981E-4FDF-A2D3-EF55F6009B7B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DA86F46E-9865-4DEE-9C05-E3AD3B2EF977}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{788A6AEF-8D9A-4D83-91C7-748BBBDE6A15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{01CC0178-C602-48E1-B25F-B4961E64CC0A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{E00D7F30-BBC3-4C7D-B905-42DCEBAFB3D9}C:\users\solemar\appdata\local\temp\rar$exa0.271\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.271\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{3A8EAE99-3177-4140-9942-B1A1BB66C3C4}C:\users\solemar\appdata\local\temp\rar$exa0.271\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.271\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{A754EE9A-D704-4C96-A14D-0199D862DBB9}\\server\real tecnologia\orçamentos\variados\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\variados\aa_v3.exe
FirewallRules: [UDP Query User{652A0EBB-589A-4401-BAA2-17B3CBC89A6C}\\server\real tecnologia\orçamentos\variados\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\variados\aa_v3.exe
FirewallRules: [TCP Query User{D74D1481-348F-47E3-8E45-4788FED93ED9}\\server\real tecnologia\orçamentos\solemar\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\solemar\aa_v3.exe
FirewallRules: [UDP Query User{2F0C0CD2-FE38-4B6A-8FD8-FB08671B68B3}\\server\real tecnologia\orçamentos\solemar\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\solemar\aa_v3.exe
FirewallRules: [TCP Query User{E5A2F012-6F4F-486E-A6AE-E91713606EAC}\\server\real tecnologia\orçamentos\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\aa_v3.exe
FirewallRules: [UDP Query User{A9CB2DEA-84CB-42C3-BA85-0814AFDD7907}\\server\real tecnologia\orçamentos\aa_v3.exe] => (Allow) \\server\real tecnologia\orçamentos\aa_v3.exe
FirewallRules: [TCP Query User{D390A9AB-DA36-4AA5-A5DD-623C3AB9F7C0}C:\users\solemar\appdata\local\temp\rar$exa0.639\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.639\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{B567F75A-0343-40C5-9AD8-00404B80F3D6}C:\users\solemar\appdata\local\temp\rar$exa0.639\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.639\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{FA57C02C-46C5-489F-8CB4-0AF5D8FFC31B}C:\users\solemar\appdata\local\temp\rar$exa0.603\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.603\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{5ED18C26-EC37-4B05-A30A-3C3EDB9CC71D}C:\users\solemar\appdata\local\temp\rar$exa0.603\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.603\mt7xx_teste_11.exe
FirewallRules: [TCP Query User{A330AD31-2549-4C95-B890-8176BE60DFF9}C:\users\solemar\appdata\local\temp\rar$exa0.900\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.900\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{1A40057D-0B1E-43C5-A256-B14721A5FF02}C:\users\solemar\appdata\local\temp\rar$exa0.900\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.900\mt7xx_teste_11.exe
FirewallRules: [{AAF90D7F-33A8-4439-94DE-5A24ADA8C2C3}] => (Allow) LPort=6160
FirewallRules: [{57209850-BD8A-49E6-966D-2AF902B108F0}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\BtSystem.Service.exe
FirewallRules: [{367E9C5E-25A0-44BE-84F7-5CB66145F2EF}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\BtSystem.Service.exe
FirewallRules: [{9F0F9CDA-6CAF-4F3D-801D-A08ACF04A972}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\HistoryExplorer.exe
FirewallRules: [{672D0056-9583-4EC4-9900-9BE8458F49D0}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\HistoryExplorer.exe
FirewallRules: [{CAAD5274-0E7C-4C03-AA28-6C727E33DDDD}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\ReprintConsole.exe
FirewallRules: [{7464B1E4-2EB1-4544-A92E-16EA472875BC}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\ReprintConsole.exe
FirewallRules: [{E4E17A6D-C12F-4DFC-8A30-30E95EBA34E0}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\SystemDatabaseWizard.exe
FirewallRules: [{40F6BCC1-7DA0-412F-AFE9-1DA0B6E3FDE2}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\SystemDatabaseWizard.exe
FirewallRules: [{C90A1C3C-2E07-4585-B686-F9E961518ACF}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\SystemDatabaseSetup.exe
FirewallRules: [{2D4CAB4F-D74D-468D-9CC3-99B6B5BA2610}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\SystemDatabaseSetup.exe
FirewallRules: [{83870A3D-0D1A-4190-A153-673D634DCBE1}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\Maestro.Service.exe
FirewallRules: [{C31C730C-E621-4802-9CB9-57C6336EEC64}] => (Allow) C:\Program Files (x86)\Seagull\BarTender Suite\Maestro.Service.exe
FirewallRules: [{E0ACCB1F-C63B-4536-B2FD-1E1E3703059A}] => (Allow) C:\Program Files (x86)\Droid4X\MultiMgr.exe
FirewallRules: [TCP Query User{0A435330-5204-4265-B62E-60876FC943BC}C:\users\solemar\appdata\local\temp\rar$exa0.005\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.005\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{9FBFD346-C1FD-40A7-9380-8BCB48BB62DE}C:\users\solemar\appdata\local\temp\rar$exa0.005\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.005\mt7xx_teste_11.exe
FirewallRules: [{E1EF78FC-4B06-4DE0-947F-64239ED6AA24}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{701FAEC2-9877-4B49-88AE-6E35218C6A5D}C:\users\solemar\appdata\local\temp\rar$exa0.001\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.001\mt7xx_teste_11.exe
FirewallRules: [UDP Query User{45336E2F-8C62-4016-B24F-53CC2687240C}C:\users\solemar\appdata\local\temp\rar$exa0.001\mt7xx_teste_11.exe] => (Allow) C:\users\solemar\appdata\local\temp\rar$exa0.001\mt7xx_teste_11.exe
FirewallRules: [{792B3517-A30D-4962-A472-881661A9ED2F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Pontos de Restauração =========================

14-02-2017 08:19:18 Ponto de Verificação Agendado
17-02-2017 12:54:58 Installed LG United Mobile Drivers.
24-02-2017 17:39:51 Operação de restauração
03-03-2017 10:11:05 Removed Skype™ 7.33

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/03/2017 10:08:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: EloSrvce.exe, versão: 0.0.0.0, carimbo de hora: 0x00000000 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdb3b Código de exceção: 0xc0000005 Deslocamento com falha: 0x0003ff94 Identificação do processo com falha: 0x5b0 Hora de início do aplicativo com falha: 0x01d2940b078ff81d Caminho do aplicativo com falha: C:\Windows\SysWOW64\EloSrvce.exe FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll Identificação do Relatório: 7cdb729e-0012-11e7-9165-7427ea71384f

Error: (03/03/2017 08:45:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: splwow64.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bd3ca Nome do módulo de falhas: ole32.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5be01a Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000009eaa0 Identificação do processo com falha: 0xfdc Hora de início do aplicativo com falha: 0x01d294134a2c24c5 Caminho do aplicativo com falha: C:\Windows\splwow64.exe FCaminho do módulo de falhas: C:\Windows\system32\ole32.dll Identificação do Relatório: d70d37ae-0006-11e7-9165-7427ea71384f

Error: (03/03/2017 08:44:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: splwow64.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bd3ca Nome do módulo de falhas: ntdll.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5be02b Código de exceção: 0xc00000fd Deslocamento com falha: 0x00000000000159ad Identificação do processo com falha: 0xfdc Hora de início do aplicativo com falha: 0x01d294134a2c24c5 Caminho do aplicativo com falha: C:\Windows\splwow64.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll Identificação do Relatório: d3e7fc39-0006-11e7-9165-7427ea71384f

Error: (03/03/2017 08:44:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: splwow64.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bd3ca Nome do módulo de falhas: ole32.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5be01a Código de exceção: 0xc0000005 Deslocamento com falha: 0x0000000000021669 Identificação do processo com falha: 0xfdc Hora de início do aplicativo com falha: 0x01d294134a2c24c5 Caminho do aplicativo com falha: C:\Windows\splwow64.exe FCaminho do módulo de falhas: C:\Windows\system32\ole32.dll Identificação do Relatório: cc7f61d2-0006-11e7-9165-7427ea71384f

Error: (03/03/2017 08:31:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll". Assembly dependente Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (03/02/2017 03:59:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa WinITFI.exe versão 1.1.14.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: ae8 Hora de Início: 01d2937be6dcd1ad Hora de Término: 3 Caminho do Aplicativo: C:\Program Files (x86)\Bematech\WinITFI\WinITFI.exe Id do Relatório:

Error: (03/02/2017 03:12:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: eECFc.exe, versão: 3.0.14.0, carimbo de hora: 0x4b13f9f7 Nome do módulo de falhas: BemaMFD2_MP4000THFI.dll, versão: 2.0.0.0, carimbo de hora: 0x4e28332b Código de exceção: 0xc0000005 Deslocamento com falha: 0x000d2dc6 Identificação do processo com falha: 0x2e8 Hora de início do aplicativo com falha: 0x01d293806af8c346 Caminho do aplicativo com falha: C:\Users\SOLEMAR\Desktop\eECFc\eECFc.exe FCaminho do módulo de falhas: C:\Users\SOLEMAR\Desktop\eECFc\Bematech\BemaMFD2_MP4000THFI.dll Identificação do Relatório: d71e04d6-ff73-11e6-a7f9-7427ea71384f

Error: (03/02/2017 03:10:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: eECFc.exe, versão: 3.0.14.0, carimbo de hora: 0x4b13f9f7 Nome do módulo de falhas: BemaMFD2_MP4000THFI.dll, versão: 2.0.0.0, carimbo de hora: 0x4e28332b Código de exceção: 0xc0000005 Deslocamento com falha: 0x000d2dc6 Identificação do processo com falha: 0x17ec Hora de início do aplicativo com falha: 0x01d293801abe0982 Caminho do aplicativo com falha: C:\Users\SOLEMAR\Desktop\eECFc\eECFc.exe FCaminho do módulo de falhas: C:\Users\SOLEMAR\Desktop\eECFc\Bematech\BemaMFD2_MP4000THFI.dll Identificação do Relatório: 8757e29d-ff73-11e6-a7f9-7427ea71384f

Error: (03/02/2017 03:08:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: eECFc.exe, versão: 3.0.14.0, carimbo de hora: 0x4b13f9f7 Nome do módulo de falhas: BemaMFD2_MP4000THFI.dll, versão: 2.0.0.0, carimbo de hora: 0x4e28332b Código de exceção: 0xc0000005 Deslocamento com falha: 0x000d2dc6 Identificação do processo com falha: 0x1d0 Hora de início do aplicativo com falha: 0x01d2937fd8fe9993 Caminho do aplicativo com falha: C:\Users\SOLEMAR\Desktop\eECFc\eECFc.exe FCaminho do módulo de falhas: C:\Users\SOLEMAR\Desktop\eECFc\Bematech\BemaMFD2_MP4000THFI.dll Identificação do Relatório: 4c3f50f1-ff73-11e6-a7f9-7427ea71384f

Error: (03/01/2017 07:52:13 AM) (Source: BarTender System Service) (EventID: 10105) (User: )
Description: The BarTender System Service failed an attempt to find information. Table: MessageLog, Command: ; Inner Message: Erro de rede ou específico à instância ao estabelecer conexão com o SQL Server. O servidor não foi encontrado ou não estava acessível. Verifique se o nome da instância está correto e se o SQL Server está configurado para permitir conexões remotas. (provider: Interfaces de Rede SQL, error: 26 - Erro ao Localizar Servidor/Instância Especificada)

Erros de Sistema:
=============
Error: (03/03/2017 10:10:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: cdrom

Error: (03/03/2017 10:08:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço EloSystemService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (03/03/2017 08:48:38 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

Error: (03/03/2017 08:47:55 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

Error: (03/03/2017 08:46:56 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

Error: (03/03/2017 08:46:52 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

Error: (03/03/2017 08:46:48 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

Error: (03/03/2017 08:46:01 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

Error: (03/03/2017 08:45:12 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

Error: (03/03/2017 08:44:51 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10.

CodeIntegrity:
===================================
Date: 2016-10-11 09:55:58.676
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-11 09:55:58.667
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-11 08:29:31.177
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-11 08:29:31.157
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-10 17:27:44.125
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-10 17:27:44.116
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-26 15:11:48.044
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-26 15:11:48.032
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-26 15:07:59.756
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-26 15:07:59.746
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\BemaUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória ===========================

Processador: Intel(R) Celeron(R) CPU 847 @ 1.10GHz
Percentagem de memória em uso: 80%
RAM física total: 3980.41 MB
RAM física disponível: 793.91 MB
Virtual Total: 7958.96 MB
Virtual disponível: 4391.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:400.15 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EA8C97A4)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================