Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 08-03-2017
Executado por edson (10-03-2017 00:10:11)
Executando a partir de C:\Users\edson\Downloads\Programs
Windows 7 Ultimate Service Pack 1 (X64) (2016-10-25 13:56:25)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-707682792-1128049521-3259909178-500 - Administrator - Disabled)
Convidado (S-1-5-21-707682792-1128049521-3259909178-501 - Limited - Disabled)
edson (S-1-5-21-707682792-1128049521-3259909178-1001 - Administrator - Enabled) => C:\Users\edson
HomeGroupUser$ (S-1-5-21-707682792-1128049521-3259909178-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{6F6626F1-1813-4C3F-BE9C-290CCF55782B}) (Version: 1.0.72 - Banco Itaú)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.372 - Bigfoot Networks)
Bigfoot Networks Killer Network Manager (Version: 6.1.0.372 - Bigfoot Networks) Hidden
BitTorrent (HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\BitTorrent) (Version: 7.9.9.43296 - BitTorrent Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Bulk Image Downloader v5.1.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: - Antibody Software)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DFX (HKLM-x32\...\DFX) (Version: 12.023.0.0 - Power Technology)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Imo Messenger (HKLM-x32\...\{14C80468-1A2D-4EF4-BF39-C25EAC1F4A45}) (Version: 1.0.5 - PageBites, Inc)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2017) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Pacote de Driver do Windows - Advanced Micro Devices (AtiHDAudioService) MEDIA (03/21/2016 7.12.0.7723) (HKLM\...\649259B0CC9FC877E5E9F540185379310FDB2E31) (Version: 03/21/2016 7.12.0.7723 - Advanced Micro Devices)
Pacote de Driver do Windows - Advanced Micro Devices, Inc. (amdkmdap) Display (07/15/2015 15.200.1062.0000) (HKLM\...\516B7FCB7EC7470E248FBBC0032C54943549713E) (Version: 07/15/2015 15.200.1062.0000 - Advanced Micro Devices, Inc.)
Pacote de Driver do Windows - Advanced Micro Devices, Inc. (amdkmdap) Display (11/09/2011 8.920.0.0000) (HKLM\...\5AB2D746845693A6D74588B2C4768B96DF2E9A92) (Version: 11/09/2011 8.920.0.0000 - Advanced Micro Devices, Inc.)
Pacote de Driver do Windows - Corsair Memory, Inc. (SIUSBXP) USB (07/14/2010 3.3) (HKLM\...\30AE39A30E283A69901DB01C9A57F1433534ED43) (Version: 07/14/2010 3.3 - Corsair Memory, Inc.)
Pacote de Driver do Windows - Intel (e1yexpress) Net (10/20/2011 10.1.17.0) (HKLM\...\DC22FE141C79254F8E8ED3AD56936349CE429288) (Version: 10/20/2011 10.1.17.0 - Intel)
Pacote de Driver do Windows - Intel System (07/25/2013 9.1.9.1005) (HKLM\...\0D5FF16DF1EB1D79525FA3E61418108F8F3002E1) (Version: 07/25/2013 9.1.9.1005 - Intel)
Pacote de Driver do Windows - Intel System (07/25/2013 9.1.9.1005) (HKLM\...\CAC45647A959F237CE25C052FDB9A4A914C34830) (Version: 07/25/2013 9.1.9.1005 - Intel)
Pacote de Driver do Windows - Intel System (07/25/2013 9.1.9.1005) (HKLM\...\ED810FFB415BA44CFFBFDE4E3A80FA4D67842D61) (Version: 07/25/2013 9.1.9.1005 - Intel)
Pacote de Driver do Windows - Intel USB (07/31/2013 9.1.9.1006) (HKLM\...\B0CC38E1CE139A5179BF0F8255865BD29DA00B02) (Version: 07/31/2013 9.1.9.1006 - Intel)
Pacote de Driver do Windows - JMicron Technology Corp. (JRAID) SCSIAdapter (11/25/2010 1.17.62.0) (HKLM\...\B7C07CAD54947588D1B39652CAF2B9DAAEBE1983) (Version: 11/25/2010 1.17.62.0 - JMicron Technology Corp.)
Pacote de Driver do Windows - Logitech (lvrs64) MEDIA (08/19/2011 13.30.1394.0) (HKLM\...\23D76B52057C5852723C76C59113302EF3D6E5F6) (Version: 08/19/2011 13.30.1394.0 - Logitech)
Pacote de Driver do Windows - Logitech (LVUVC64) Image (01/17/2012 13.31.1044.0) (HKLM\...\D638728CE1CF1A957709C8C07993C6303419D568) (Version: 01/17/2012 13.31.1044.0 - Logitech)
Pacote de Driver do Windows - Logitech USB (01/17/2012 13.31.1044.0) (HKLM\...\D5D647CA93F09CD4805083CBA3763989E4CF99DC) (Version: 01/17/2012 13.31.1044.0 - Logitech)
Pacote de Driver do Windows - Logitech USB (08/19/2011 13.30.1394.0) (HKLM\...\35C415966BFF461BB8CC8BDE5432186CCD29CC96) (Version: 08/19/2011 13.30.1394.0 - Logitech)
Pacote de Driver do Windows - Marvell Inc. (mv91xx) SCSIAdapter (08/28/2012 1.2.0.1028) (HKLM\...\163A48B321DBE144FBEF8363552F004D3DA9FB31) (Version: 08/28/2012 1.2.0.1028 - Marvell Inc.)
Pacote de Driver do Windows - Marvell Inc. (mvs91xx) SCSIAdapter (09/05/2013 1.2.0.1039) (HKLM\...\05B50942F684BFC1A8D9895EF5D1FA0690995543) (Version: 09/05/2013 1.2.0.1039 - Marvell Inc.)
Pacote de Driver do Windows - Qualcomm Atheros Communications (BtFilter) Bluetooth (03/20/2014 8.0.0001.0320) (HKLM\...\E170F1C9690C441FA2A0345CC4FA0FFB31B064A1) (Version: 03/20/2014 8.0.0001.0320 - Qualcomm Atheros Communications)
Pacote de Driver do Windows - Qualcomm Atheros Communications Inc. (athr) Net (11/24/2014 10.0.0.303) (HKLM\...\909D3CB63BE223F6634125C07A98EC4161E7AC4B) (Version: 11/24/2014 10.0.0.303 - Qualcomm Atheros Communications Inc.)
Pacote de Driver do Windows - Realtek Semiconductor Corp. HD Audio Driver (06/18/2015 6.0.1.7541) (HKLM\...\0E2114218A5E9D633979D3220C24548BEF0C7294) (Version: 06/18/2015 6.0.1.7541 - Realtek Semiconductor Corp.)
Pacote de Driver do Windows - Realtek Semiconductor Corp. HD Audio Driver (06/18/2015 6.0.1.7541) (HKLM\...\65EA5D9C329D0FE8E123D6D9B6F1CE3405247CAD) (Version: 06/18/2015 6.0.1.7541 - Realtek Semiconductor Corp.)
Pacote de Driver do Windows - Renesas Electronics (nusb3xhc) USB (10/25/2011 2.1.28.0) (HKLM\...\2ACCDEE1BCC981498B3C034E6165E806F3638C1F) (Version: 10/25/2011 2.1.28.0 - Renesas Electronics)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Razer Mamba (HKLM-x32\...\{060B61F0-50BD-4043-AB77-B3EF5769569A}) (Version: 2.04.00 - Razer USA Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.7 - VS Revo Group, Ltd.)
ROG Thunderbolt Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006620}) (Version: 7.0.1.21 - ASUSTek Computer Inc.)
Screenshot Captor 4.16.1 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
Skype™ 7.33 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.33.104 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.24.3.4750 - Enigma Software Group, LLC)
Teoma Shopping App (HKLM-x32\...\{41545533-2D54-5347-00A7-A758B70C2D02}) (Version: 12.45.2.1366 - APN, LLC)
Warsaw 1.12.3.5 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1D00CD85-40F9-4940-872D-52DC6507520C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-03-09] (Adobe Systems Incorporated)
Task: {2E5CC35C-A8E5-4AFD-A894-56269CC36DA8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {3484F3FB-E74A-43A1-AC75-6E5D71DAB94F} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {4377064A-6D13-4007-8FF0-1E6512107CD2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-09] (Adobe Systems Incorporated)
Task: {82770EED-46FE-4D3E-8732-785E5AAC0D7D} - System32\Tasks\AdobeAAMUpdater-1.0-edson-PC-edson => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {8F6B588D-E898-4CA9-86CA-4AC5FE01DE8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {94F7BE01-C515-4E10-924E-80EDAACD7C58} - System32\Tasks\{CA086635-09CC-4295-8B37-9AB961BF3969} => pcalua.exe -a C:\Users\edson\Downloads\Programs\DiagnosticoItau.exe -d C:\Users\edson\Downloads\Programs
Task: {DEDF32BB-A152-4ACA-B22C-3C5108E96E5F} - System32\Tasks\Yahoo! Powered lisir => Wscript.exe "C:\ProgramData\{4AC58FA6-C087-0560-4641-9B22DC0310EC}\dima.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b34414335384641362d433038372d303536302d343634312d3942323244433033313045437d5c6d6f64696c69" "433a5c50726f6772616d446174615c7b34414335384641362d433038372d303536302d343634 (a entrada de dados tem 78 mais caracteres).
Task: {DFC229F3-AC23-4C01-8145-9059865F413D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {E70883C2-F67D-4C11-93B0-4D5FCEBF001A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {F9618155-F737-4D76-BD39-1B65F8AC231F} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2015-07-01] (Megaify Software Co., Ltd.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\Yahoo! Powered lisir.job => Wscript.exe C:\ProgramData\{4AC58FA6-C087-0560-4641-9B22DC0310EC}\dima.txt <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2012-07-03 14:26 - 2012-07-03 14:26 - 00492032 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2012-07-03 14:26 - 2012-07-03 14:26 - 00217600 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2016-10-25 11:35 - 2011-02-25 17:07 - 00204800 ____N () C:\Windows\SysWOW64\ExMgr.exe
2016-10-13 12:05 - 2016-10-13 12:05 - 01596920 _____ () C:\Program Files (x86)\DFX\DFX.exe
2016-10-13 11:57 - 2016-10-13 11:57 - 00161784 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2016-10-13 12:01 - 2016-10-13 12:01 - 00176120 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2016-10-13 12:42 - 2016-10-13 12:42 - 00098296 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2017-02-06 23:21 - 2017-02-01 06:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 23:21 - 2017-02-01 06:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-10-25 11:35 - 2011-07-13 17:54 - 00086016 ____N () C:\Windows\SysWOW64\ExSrv.dll
2016-10-25 10:58 - 2014-02-17 18:13 - 00092984 _____ () C:\Program Files (x86)\DriverToolkit\zlibwapi.dll
2016-10-13 12:40 - 2016-10-13 12:40 - 00083960 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2016-10-27 09:33 - 2016-03-18 08:32 - 02160128 _____ () C:\Users\edson\AppData\Local\chromium\Application\51.0.2683.0\libglesv2.dll
2016-10-27 09:33 - 2016-03-18 08:32 - 00075776 _____ () C:\Users\edson\AppData\Local\chromium\Application\51.0.2683.0\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:2D33B32F_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\.DEFAULT\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\.DEFAULT\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-707682792-1128049521-3259909178-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2017-03-09 11:22 - 00000853 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-707682792-1128049521-3259909178-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\edson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{2DD5BCF6-1079-4420-A970-F53FC5F6064C}] => (Allow) C:\Users\edson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C44F09C1-FDEA-4FE5-8683-F7C1B2D6ABBE}] => (Allow) C:\Users\edson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{49BA5724-9EF9-4AB7-A876-031EBDBAD089}] => (Allow) C:\Users\edson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{0C0E514D-7351-4ADB-A792-036E5F91AAA3}] => (Allow) C:\Users\edson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{730F67DD-0B66-4725-ACD2-5476DCDDBA9C}] => (Allow) C:\Users\edson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{141A4F8C-822F-407E-B1B9-88872742C8A3}] => (Allow) C:\Users\edson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DFC50045-FEE5-4757-97CA-5BDF2A5E4BF9}] => (Allow) C:\Users\edson\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{C55F17AA-6E53-40BF-B079-1D47D7E49355}C:\users\edson\appdata\roaming\bittorrent\updates\7.9.9_42924.exe] => (Allow) C:\users\edson\appdata\roaming\bittorrent\updates\7.9.9_42924.exe
FirewallRules: [UDP Query User{236681B4-4AD1-4CB1-AE87-9622389C785E}C:\users\edson\appdata\roaming\bittorrent\updates\7.9.9_42924.exe] => (Allow) C:\users\edson\appdata\roaming\bittorrent\updates\7.9.9_42924.exe
FirewallRules: [{4673E1F3-842A-40C8-A4B6-5C66A64A072D}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{FB7B2B76-9283-4F60-B1DF-868463400A5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9CE2E1E8-4486-4FB4-A9E3-F47A59289E87}C:\program files\java\jre1.8.0_121\launch4j-tmp\irpf2017.exe] => (Allow) C:\program files\java\jre1.8.0_121\launch4j-tmp\irpf2017.exe
FirewallRules: [UDP Query User{720C96B2-5427-425B-9EC5-00B6BD007BAA}C:\program files\java\jre1.8.0_121\launch4j-tmp\irpf2017.exe] => (Allow) C:\program files\java\jre1.8.0_121\launch4j-tmp\irpf2017.exe
FirewallRules: [{65C1B2CA-4ADB-4B49-B1FD-DBFCA5AB2594}] => (Allow) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
FirewallRules: [{DB1B5014-7BC0-4B73-89C8-4D3000259A3B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Pontos de Restauração =========================

22-02-2017 11:23:48 Ponto de Verificação Agendado
04-03-2017 14:40:06 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
04-03-2017 14:41:49 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
04-03-2017 14:46:14 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
05-03-2017 12:10:37 Uniblue SpeedUpMyPC installation
06-03-2017 10:34:15 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
06-03-2017 10:36:27 Installed Skype™ 7.33
06-03-2017 10:38:41 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
06-03-2017 10:39:51 Installed Skype™ 7.33
06-03-2017 10:41:16 Removed Skype™ 7.33
06-03-2017 10:42:39 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
06-03-2017 10:43:59 Installed Skype™ 7.33

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Module
Description: Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bigfoot Networks Killer Ethernet Controller
Description: Bigfoot Networks Killer Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Bigfoot Networks, Inc.
Service: BfEdge7x64
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: AMD Radeon HD 6900 Series
Description: AMD Radeon HD 6900 Series
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdap
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/10/2017 12:04:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: KillerNetManager.exe, versão: 0.0.0.0, carimbo de hora: 0x4ff3552c
Nome do módulo de falhas: modSystemInfo.dll, versão: 0.0.0.0, carimbo de hora: 0x4ff35510
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000000087fd
Identificação do processo com falha: 0xf28
Hora de início do aplicativo com falha: 0x01d2994afc82cf17
Caminho do aplicativo com falha: C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
FCaminho do módulo de falhas: C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
Identificação do Relatório: 3babaef2-053e-11e7-8378-f46d04240343

Error: (03/09/2017 11:21:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: InstallerWrapperService.exe, versão: 4.4.127.0, carimbo de hora: 0x578eace8
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.17514, carimbo de hora: 0x4ce7bafa
Código de exceção: 0xe0434352
Deslocamento com falha: 0x0000b727
Identificação do processo com falha: 0x840
Hora de início do aplicativo com falha: 0x01d298df5ff139de
Caminho do aplicativo com falha: C:\Program Files\TrueKey\InstallerWrapperService.exe
FCaminho do módulo de falhas: C:\Windows\syswow64\KERNELBASE.dll
Identificação do Relatório: bdefbef7-04d3-11e7-86a9-f46d04240343

Error: (03/09/2017 11:21:52 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: InstallerWrapperService.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.IO.FileNotFoundException
Pilha:
em ISecG.Installer.Library.Reporting.MixPanel..ctor()
em ISecG.Installer.Library.Utilities.Helper.LogInfoToMixPanel(System.String, Boolean, System.String)
em ISecG.TrueKey.InstallerWrapperService.InstallerSvc.BeginInstallation()
em System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
em System.Threading.ThreadHelper.ThreadStart()

Error: (03/09/2017 11:14:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: KillerNetManager.exe, versão: 0.0.0.0, carimbo de hora: 0x4ff3552c
Nome do módulo de falhas: modSystemInfo.dll, versão: 0.0.0.0, carimbo de hora: 0x4ff35510
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000000087fd
Identificação do processo com falha: 0xe80
Hora de início do aplicativo com falha: 0x01d298df7f81acbf
Caminho do aplicativo com falha: C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
FCaminho do módulo de falhas: C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
Identificação do Relatório: bda91e64-04d2-11e7-86a9-f46d04240343

Error: (03/09/2017 11:01:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa bsplayer.exe versão 2.7.0.1080 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 173c
Hora de Início: 01d298dd981371c1
Hora de Término: 15
Caminho do Aplicativo: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Id do Relatório: dc4af2d1-04d0-11e7-a427-f46d04240343

Error: (03/09/2017 11:00:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: InstallerWrapperService.exe, versão: 4.4.127.0, carimbo de hora: 0x578eace8
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.17514, carimbo de hora: 0x4ce7bafa
Código de exceção: 0xe0434352
Deslocamento com falha: 0x0000b727
Identificação do processo com falha: 0x100c
Hora de início do aplicativo com falha: 0x01d298dc6dcc3fbc
Caminho do aplicativo com falha: C:\Program Files\TrueKey\InstallerWrapperService.exe
FCaminho do módulo de falhas: C:\Windows\syswow64\KERNELBASE.dll
Identificação do Relatório: cbb20c59-04d0-11e7-a427-f46d04240343

Error: (03/09/2017 11:00:47 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: InstallerWrapperService.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.IO.FileNotFoundException
Pilha:
em ISecG.Installer.Library.Reporting.MixPanel..ctor()
em ISecG.Installer.Library.Utilities.Helper.LogInfoToMixPanel(System.String, Boolean, System.String)
em ISecG.TrueKey.InstallerWrapperService.InstallerSvc.BeginInstallation()
em System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
em System.Threading.ThreadHelper.ThreadStart()

Error: (03/09/2017 10:46:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: KillerNetManager.exe, versão: 0.0.0.0, carimbo de hora: 0x4ff3552c
Nome do módulo de falhas: modSystemInfo.dll, versão: 0.0.0.0, carimbo de hora: 0x4ff35510
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000000087fd
Identificação do processo com falha: 0xeb8
Hora de início do aplicativo com falha: 0x01d298db94fe6acf
Caminho do aplicativo com falha: C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
FCaminho do módulo de falhas: C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
Identificação do Relatório: d3f145bf-04ce-11e7-a427-f46d04240343

Error: (03/09/2017 10:45:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: KillerNetManager.exe, versão: 0.0.0.0, carimbo de hora: 0x4ff3552c
Nome do módulo de falhas: modSystemInfo.dll, versão: 0.0.0.0, carimbo de hora: 0x4ff35510
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000000087fd
Identificação do processo com falha: 0xce8
Hora de início do aplicativo com falha: 0x01d298db5d3ed8fc
Caminho do aplicativo com falha: C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
FCaminho do módulo de falhas: C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
Identificação do Relatório: 9ba80f88-04ce-11e7-8ca0-f46d04240343

Error: (03/09/2017 10:44:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: edson-PC)
Description: O Windows não pode localizar o perfil local e está fazendo seu logon com um perfil temporário. As alterações que você fizer nesse perfil serão perdidas quando você fizer logoff.

Erros de Sistema:
=============
Error: (03/10/2017 12:04:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro: %%-2140993535

Error: (03/10/2017 12:04:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro: %%-2140993535

Error: (03/10/2017 12:04:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro: %%-2140993535

Error: (03/10/2017 12:04:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro: %%-2140993535

Error: (03/10/2017 12:04:26 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.

Error: (03/10/2017 12:04:26 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.

Error: (03/10/2017 12:04:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro: %%-2140993535

Error: (03/10/2017 12:04:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro: %%-2140993535

Error: (03/10/2017 12:04:15 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.

Error: (03/10/2017 12:04:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O driver não foi carregado porque houve falha na chamada de inicialização.

CodeIntegrity:
===================================
Date: 2016-10-25 12:35:51.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\CMEffectLFX.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-25 12:35:51.487
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\CMEffectLFX.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-25 12:35:51.483
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\CMEffectGFX.dll because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7 CPU X 990 @ 3.47GHz
Percentagem de memória em uso: 27%
RAM física total: 24567.07 MB
RAM física disponível: 17824.39 MB
Virtual Total: 49132.33 MB
Virtual disponível: 42314.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.85 GB) (Free:180 GB) NTFS
Drive d: (HD 3 TERA) (Fixed) (Total:2794.39 GB) (Free:523.94 GB) NTFS
Drive e: (HD 1 TERA) (Fixed) (Total:931.51 GB) (Free:187.28 GB) NTFS
Drive f: (GRMCULXFRER_BR_DVD) (CDROM) (Total:2.9 GB) (Free:0 GB) UDF

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 2A513DCC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B124A613)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================