Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 11-03-2017
Executado por Leandro (11-03-2017 07:30:07)
Executando a partir de C:\Users\Leandro\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2012-08-29 01:08:12)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-3644643762-1090977706-553488109-500 - Administrator - Disabled)
Convidado (S-1-5-21-3644643762-1090977706-553488109-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3644643762-1090977706-553488109-1365 - Limited - Enabled)
Leandro (S-1-5-21-3644643762-1090977706-553488109-1000 - Administrator - Enabled) => C:\Users\Leandro

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Attribute Changer 8.20 (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 8.20 - Romain Petges)
AV121 (HKLM-x32\...\AV121) (Version: - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 12.1.2272 - AVAST Software)
Brother MFL-Pro Suite DCP-8157DN (HKLM-x32\...\{37372D85-4945-4B6B-AC87-7BC5D1AB9F5C}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-8890DW (HKLM-x32\...\{004B8D14-7E3A-490A-ABB3-753535E169E3}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CAT VERSÃO 4.0 (HKLM-x32\...\CAT 4.0_mp1) (Version: - DATAPREV)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CrazyTalk Cam Suite PRO (HKLM-x32\...\{D1504C77-1B19-4AF0-8DEC-946666123B55}) (Version: 3.0 - Reallusion)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverPack Solution Updater (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\DRPSu Updater) (Version: 0.0.25 - DriverPack Solution)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FWC Connection 1.0.5.0 (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\FWC Connection 1.0.5.0) (Version: - )
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Gerenciador de Downloads (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\0dd67a782103f089) (Version: 0.9.3.40 - Level Up! Gerenciador)
GO-Global Client (HKLM-x32\...\{4EE4B3B1-39EC-42DB-9693-14EA20C0C48F}) (Version: 4.8.0.18673 - GraphOn Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
HxD Hex Editor versão 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.4 - Receita Federal do Brasil)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2017) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MeganaNuvem-Castellar versão v3-New DC (HKLM-x32\...\{D0227E75-F4AF-4BCB-BE5E-E7E2B349E87A}_is1) (Version: v3-New DC - FWC-CLOUD)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.12.285 - Motorola, Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - )
OpenVPN Client (HKLM-x32\...\{072A5217-8165-4AB7-8366-36CB3245DB60}) (Version: 1.5.6 - OpenVPN Technologies)
PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Sistema de Controle de qualidade (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\Sistema de Controle de qualidade) (Version: - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Software básico do dispositivo HP Deskjet 2050 J510 series (HKLM\...\{9C957F82-7EE0-423D-A386-587C9A4A83FB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Software básico do dispositivo HP Deskjet 3050 J610 series (HKLM\...\{477347C0-64CF-4E41-8D51-4EB47EEE6460}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Video Downloader version 2.0 (HKLM-x32\...\Video Downloader_is1) (Version: 2.0 - )
Warsaw 1.14.2.35 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.14.2.35 - GAS Tecnologia)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Connection Plugin version 9.80.0.44 (HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\{51321E9A-0DEB-4ED3-B8D7-ABED7D2C4757}_is1) (Version: 9.80.0.44 - JWTS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Leandro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Leandro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3644643762-1090977706-553488109-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {127736E2-6E20-466E-AB52-BB40E514096F} - System32\Tasks\{F518AA19-C077-466E-A2F8-9658C18F464F} => pcalua.exe -a C:\Users\Leandro\Downloads\iGBPCEFsf.exe -d C:\Users\Leandro\Downloads
Task: {1F6A00A6-5167-41B1-A289-D3B11DF8843E} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\Leandro\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATENÇÃO
Task: {286FA8E4-D958-4DDE-AFB5-2A1C22EEB038} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => "%Systemdrive%\Office Activation Technologies\Install.cmd"
Task: {39FF379A-46ED-4E56-9425-CBCB58D8FDCF} - System32\Tasks\{B5EC668B-46F0-4CBE-A2BB-4B0CC8050EED} => pcalua.exe -a "C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe"
Task: {3C8BA6E9-60DE-4228-939F-83AFF9B7719C} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {428D6DB9-BF63-48AE-9998-EE925501C2BD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {46E9DFEB-B1C4-48DD-A711-7DD81A8CAF53} - System32\Tasks\{4EEAEE10-E56C-484A-9DA6-83B661324462} => pcalua.exe -a C:\Users\Leandro\Downloads\Receitanet-1.04.exe -d C:\Users\Leandro\Downloads
Task: {4EC01077-7183-4CE0-B2C4-0D16F4862284} - System32\Tasks\{C84498B0-1170-4413-8E43-FB9E631BB92A} => pcalua.exe -a "C:\Users\Leandro\Downloads\iGBPCEFsf (1).exe" -d C:\Users\Leandro\Desktop
Task: {4EF46B6E-5F71-4FB7-9C86-60D92ECD4AA8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-11] (AVAST Software)
Task: {69B72098-4659-411C-B4CD-22547A168455} - System32\Tasks\{1CD4C13D-293E-427E-8D5D-86F1809A9D1F} => Chrome.exe hxxps://ui.skype.com/ui/0/7.32.0.104/pt/abandoninstall?page=tsProgressBar
Task: {6E492CCA-BE2E-49A9-8B18-1370867372FB} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {73D4B572-4EE8-47CC-9443-B313B05E0CF7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2014-01-27] ()
Task: {76E47E36-68A8-403D-8FF5-F85735ED5F79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {870AA6DB-340E-408D-BCBC-D0095BE7DD5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {8D9FB103-C7C6-4C6D-89D6-3B5EB2D58472} - System32\Tasks\{8462E510-5026-492B-8426-F41EC6DF876C} => pcalua.exe -a "G:\VIVO INTERNET\Setup.exe" -d "G:\VIVO INTERNET"
Task: {8E18A407-8D8C-4D77-82F3-FE371675C410} - System32\Tasks\{F3F9F90F-7431-425C-9512-B41270816006} => pcalua.exe -a C:\Users\Leandro\Downloads\Receitanet-1.05.exe -d C:\Users\Leandro\Downloads
Task: {93F46729-DB7D-4607-9AB8-448BFAD118FB} - System32\Tasks\Run_Bobby_Browser => C:\Users\Leandro\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO
Task: {9ECF214B-7F30-4B6E-9B38-D6CC801D8842} - System32\Tasks\crash_service => C:\Users\Leandro\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO
Task: {B23FCE2E-BF3E-49B0-A26F-9AE451214129} - System32\Tasks\{CEC161D8-A70E-45F8-8152-CF8E556576DE} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.73.106.456/pt/abandoninstall?page=tsWLM
Task: {C056FC8B-809D-4E8B-9E92-CCE1E72661A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CBB54974-B227-4F44-AF1E-8899658829C2} - System32\Tasks\SafeZone scheduled Autoupdate 1468264871 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {D1B7BEC1-5678-4E2C-AE99-EC16C9A74C5A} - System32\Tasks\{D3508B0F-A8D2-4C42-A830-D2C33E76AD55} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.64.102/pt/abandoninstall?page=tsProgressBar
Task: {E593E7B7-E0C9-42C3-8913-8DEEE53954E0} - System32\Tasks\{994A8097-6B42-48A6-8F56-7A51706A4ED9} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/pt/abandoninstall?page=tsProgressBar
Task: {F1028E55-6970-43DB-B47C-269EF0B0DBFE} - System32\Tasks\{08F3C4AE-20FA-452A-A758-6CF2F846A742} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.59.103/pt/abandoninstall?page=tsMain
Task: {FDFFFFD0-0A81-45CA-A34D-0E16725DADE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Leandro\Desktop\Acesso Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Acesso Web (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Acesso Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Leandro\AppData\Local\Google\Chrome\User Data" --profile-directory="Profile 1" --app-id=jekaallldjdjoloogjoidclbnpckjifm
ShortcutWithArgument: C:\Users\Leandro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Módulos Carregados (Whitelisted) ==============

2012-08-30 17:56 - 2012-07-31 11:31 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2014-04-16 01:22 - 2014-04-16 05:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2014-04-25 06:28 - 2010-03-31 10:51 - 00074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2014-03-19 08:37 - 2014-03-19 08:36 - 00277504 _____ () C:\ProgramData\KMSAuto\KMSES.exe
2010-08-12 17:45 - 2010-08-12 17:45 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
2013-01-21 14:10 - 2005-04-22 12:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2012-08-29 15:33 - 2011-10-21 12:49 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-17 07:59 - 2015-07-09 13:58 - 00076800 _____ () C:\Windows\system32\CompatTel\CosQuery.dll
2016-07-11 13:31 - 2016-07-11 13:31 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-10 14:57 - 2017-03-10 14:57 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031001\algo.dll
2016-07-11 13:31 - 2016-07-11 13:31 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-07-05 06:35 - 2009-07-05 06:35 - 00028160 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\servicemanager.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00110592 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll
2009-07-05 06:35 - 2009-07-05 06:35 - 00041472 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32service.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00096256 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00153088 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00040448 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00645120 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd
2010-03-16 13:05 - 2010-03-16 13:05 - 00020480 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00311808 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd
2009-10-26 09:25 - 2009-10-26 09:25 - 00073728 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd
2009-10-26 09:27 - 2009-10-26 09:27 - 00011776 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00010752 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00051200 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd
2010-05-05 13:44 - 2010-05-05 13:44 - 00039936 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00036352 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd
2010-05-05 13:43 - 2010-05-05 13:43 - 00008192 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00110592 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32security.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00017920 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd
2009-07-06 04:16 - 2009-07-06 04:16 - 00111104 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32file.pyd
2009-07-05 06:35 - 2009-07-05 06:35 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32pipe.pyd
2016-07-11 13:31 - 2016-07-11 13:31 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-07 11:20 - 2017-02-01 05:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 11:20 - 2017-02-01 05:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:1DE39065_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:1DE39065_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3644643762-1090977706-553488109-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 22:34 - 2015-02-12 06:11 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3644643762-1090977706-553488109-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Leandro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MonitorCloud.lnk => C:\Windows\pss\MonitorCloud.lnk.CommonStartup
MSCONFIG\startupreg: FWC Connection => "C:\Users\Leandro\FWC Connection\FWCConnection.exe" -Start
MSCONFIG\startupreg: OneDrive => "C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{84F5C155-A233-4975-93FB-1D09B89A6A60}] => (Allow) svchost.exe FirewallRules: [{BE82B473-5FC1-4115-9508-E2AFA8FCB7B9}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{9B3AA208-A5C2-4A80-9B07-945B22B71421}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8FF2107E-6D76-489C-BB83-FA31DEBB5E6C}] => (Allow) LPort=2869 FirewallRules: [{3EBADD57-8518-4F64-8112-D01506EA7274}] => (Allow) LPort=1900 FirewallRules: [{1DF22629-B649-4492-A340-649644DC5EC2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{6CEC5158-A637-481D-B793-1B0E3F19DBC6}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe FirewallRules: [{68516D0C-67F2-48A0-ACC2-5E37F30F72A7}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe FirewallRules: [{F31880FE-8C20-4E05-BDE9-962A02342EC1}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{8098885C-1892-4E92-9DB9-49438413A316}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{58F5244D-7A4A-4A56-86DB-38A562C15575}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{B568C77E-EE59-4F1F-98A7-191EA16DC389}] => (Allow) C:\Level Up! 
Games\Combat Arms\NMService.exe FirewallRules: [{15C6C82A-2642-416E-87AD-768A6C0E975C}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08i\FAXRX.exe FirewallRules: [{A3902360-3D0A-48D2-BC83-91187362C8BF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08i\FAXRX.exe FirewallRules: [{94739CAC-F920-49CE-A277-7A8933DE4258}] => (Allow) LPort=54925 FirewallRules: [{9FF9CDB0-DB58-4C5B-A888-34CF9C2ADBA3}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe FirewallRules: [{85A2EC63-1ECB-4150-8980-38AC0573A1E6}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe FirewallRules: [{A2DDC051-FE37-4C14-902F-3F3511BBD3E2}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{6C8D47BE-8E3E-4A58-814C-C92810E6687A}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [GO-Global Client Launcher-Out-UDP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe FirewallRules: [GO-Global Client Launcher-In-TCP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe FirewallRules: [GO-Global Client Launcher-Out-TCP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe FirewallRules: [GO-Global Client Launcher-In-UDP] => (Allow) C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe FirewallRules: [TCP Query User{054FFF73-5DD0-4CC1-9A76-6861085F8FF1}C:\level up! games\combat arms\engine.exe] => (Allow) C:\level up! games\combat arms\engine.exe FirewallRules: [UDP Query User{4C45F2EE-2DC0-4E60-A77D-9E18AFE0932C}C:\level up! games\combat arms\engine.exe] => (Allow) C:\level up! 
games\combat arms\engine.exe FirewallRules: [{34077BAB-49BF-437F-A026-F7E8BFB9DCE5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1F6582E0-100C-4F52-A1B3-09760383C272}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{42A467AC-4829-4233-845E-7FCCBC852C30}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{728A2646-4556-4A9D-B618-C236572E806E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{43520B69-0D5E-4067-8B98-459B0C1D453F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{2A35DE1F-B887-44E9-92E7-771B033254D9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{05143421-8922-411F-B7D6-DCDEBD8807F0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{065FE0FD-4F8E-4A38-8A70-404B86650865}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{29EB3FF6-BF52-4534-9AFF-B98DB04066EE}] => (Allow) C:\Users\Leandro\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{7478CE02-9ED8-406F-9DF6-A61ACE750E56}] => (Allow) C:\Users\Leandro\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{01060B6E-CB5B-4B53-A3AB-5A36F5F31C21}] => (Allow) LPort=1688 FirewallRules: [{653946AA-7E4C-4BFA-8643-5A5A5CC14585}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{7569709C-B582-4397-8F74-9FCC911974B1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{3B15EFFA-2031-466C-B6CE-14306CA7E48E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{94355CBB-0859-42A2-BFDC-44D839EAB17E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{EE25D611-8F3E-4557-B1DB-E113AD095769}] => (Allow) C:\Program Files 
(x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{DAC13AE9-422F-4CDC-99D3-9355DA49714D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{FF177318-2042-4954-9DD1-24601FEA9A03}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{4448EFC2-41B4-4CF3-B9CE-32C384681822}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [TCP Query User{C1247EA4-90F6-450F-87F6-B938AEAA6ADE}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{D2F9193B-1EA0-4C0D-92C9-8DC3A784983C}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [{3AC84A79-C9FF-4D96-AC0B-0886405F41F6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe DomainProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\CombatArms.exe] => :*Enabled:CombatArms.exe DomainProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\Engine.exe] => :*Enabled:Engine.exe DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe] => Enabled:GO-Global Client Launcher StandardProfile\AuthorizedApplications: [C:\Level Up! Games\Combat Arms\CombatArms.exe] => :*Enabled:CombatArms.exe StandardProfile\AuthorizedApplications: [C:\Level Up! 
Games\Combat Arms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\GraphOn\GO-Global\Client\clientlauncher.exe] => Enabled:GO-Global Client Launcher

==================== Pontos de Restauração =========================

18-02-2017 07:02:57 Ponto de Verificação Agendado
25-02-2017 07:31:43 Windows Update
06-03-2017 09:01:35 Ponto de Verificação Agendado
07-03-2017 15:05:02 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
08-03-2017 10:05:48 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
08-03-2017 11:28:58 Removed Skype™ 7.33
08-03-2017 11:30:01 Removed Skype Web Plugin
08-03-2017 11:33:32 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
09-03-2017 06:17:44 Removed Skype™ 7.33
09-03-2017 09:49:28 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8169
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador de aquisição de dados e processamento de sinal PCI
Description: Controlador de aquisição de dados e processamento de sinal PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Adaptador de Miniporta WiFi Virtual da Microsoft
Description: Adaptador de Miniporta WiFi Virtual da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance.
O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/11/2017 07:12:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 02:33:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:31:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (03/10/2017 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Erros de Sistema:
=============
Error: (03/11/2017 07:14:59 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:08:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.
Error: (03/11/2017 07:07:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.

CodeIntegrity:
===================================
Date: 2017-03-11 07:08:15.122
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddprm.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:07:50.116
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:07:49.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbprcm64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:06:09.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:05:32.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-11 07:05:32.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:26.570
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddprm.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:06.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:54:06.399
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbprcm64.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-03-10 06:52:46.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentagem de memória em uso: 58%
RAM física total: 8038.5 MB
RAM física disponível: 3354.71 MB
Virtual Total: 16075.21 MB
Virtual disponível: 11630.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:273.53 GB) NTFS

==================== MBR & Tabela de Partições ==================

==================== Fim de Addition.txt ============================