Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 07-12-2016
Executado por MD1 (16-12-2016 16:41:58)
Executando a partir de C:\Users\MD1\Downloads
Windows 7 Professional (X64) (2016-04-06 19:54:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3812218261-3367438231-1600833196-500 - Administrator - Enabled) => C:\Users\Administrador
Caroline Pinho (S-1-5-21-3812218261-3367438231-1600833196-1001 - Administrator - Enabled) => C:\Users\Caroline Pinho
Convidado (S-1-5-21-3812218261-3367438231-1600833196-501 - Limited - Disabled)
MD1 (S-1-5-21-3812218261-3367438231-1600833196-1002 - Administrator - Enabled) => C:\Users\MD1
WP (S-1-5-21-3812218261-3367438231-1600833196-1000 - Administrator - Enabled) => C:\Users\WP
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader 9.3 - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Aplicativo Itaú (HKLM-x32\...\{3DB32008-4479-49E3-886B-CD502BF4291E}) (Version: 1.0.76 - Banco Itaú)
Assistente de Conexão do Windows Live (HKLM-x32\...\{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Bradesco (Departamento de Seguranca Corporativa))
F-117A Nighthawk Stealth Fighter 2.0 (HKLM\...\Steam App 328920) (Version: - MicroProse Software, Inc.)
F-19 Stealth Fighter (HKLM\...\Steam App 347250) (Version: - MicroProse Software, Inc)
Ferramenta de Carregamento do Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
FromDocToPDF Internet Explorer Homepage and New Tab (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\FromDocToPDFTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATENÇÃO
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hospital Tycoon (HKLM\...\Steam App 11590) (Version: - Deep Red Limited)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-3812218261-3367438231-1600833196-1002\...\Kodi) (Version: - XBMC-Foundation)
Leviathan: Warships (HKLM\...\Steam App 202270) (Version: - Pieces Interactive)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.469.2 - McAfee, Inc.)
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
MEDIEVAL: Total War™ - Gold Edition (HKLM\...\Steam App 345260) (Version: - Creative Assembly)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office com Clique para Executar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Português (Brasil) (HKLM-x32\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pt-BR)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Sid Meier's Pirates! (HKLM\...\Steam App 3920) (Version: - Firaxis Games)
Sid Meier's Starships (HKLM\...\Steam App 282210) (Version: - Firaxis Games)
Spotify (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UFO: Extraterrestrials Gold (HKLM\...\Steam App 37030) (Version: - Chaos Concept)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Video Convert Internet Explorer Homepage and New Tab (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\Video ConvertTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATENÇÃO
Warsaw 1.13.0.525 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.13.0.525 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version: - Firaxis Games)
X-COM: Terror from the Deep (HKLM\...\Steam App 7650) (Version: - MicroProse Software, Inc)
X-COM: UFO Defense (HKLM\...\Steam App 7760) (Version: - MicroProse Software, Inc)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {15772911-6FF4-4D8C-AF7F-0C723FF252E6} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2016-05-12] ()
Task: {2A35D0D9-913C-4F82-8761-B415FB01B99A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {52D76CCF-A527-4A2F-ACD5-0EBC6CC8F43A} - System32\Tasks\{51072BEE-12B4-4051-9701-9E38388B3E6F} => pcalua.exe -a C:\Users\WP\Downloads\Install-WinUpt-v1.2223.exe -d C:\Users\WP\Downloads
Task: {CF0E2EA4-AD5E-4FE8-A9CD-5CA49749BB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\AppleTV AirPlay Remote.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mkpajhmkokbofklfighdhlbkmjimaekg
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Telegram.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=clhhggbfdinjmjhajaheehoeibfljjno
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\WifiTransfer - Instant wireless file transfer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ebmnhcblgohjilfjffdkfikgpakhgajc
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Área de trabalho remota do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Módulos Carregados (Whitelisted) ==============
2016-05-05 18:30 - 2015-03-12 00:43 - 00022528 _____ () C:\Windows\System32\us003lm.dll
2016-12-06 14:49 - 2016-12-06 14:49 - 02841920 ____H () c:\windows\syswow64\srts\wmipr.exe
2016-12-06 14:49 - 2016-12-06 14:48 - 09678656 ____H () c:\windows\system32\wnba\csrss.exe
2016-12-06 14:49 - 2016-12-06 14:49 - 04397376 ____H () c:\windows\system32\resmon\csvc.exe
2016-12-06 14:49 - 2016-12-06 14:49 - 03995968 ____H () c:\windows\system32\systsk\age.exe
2016-12-06 14:49 - 2016-12-06 14:49 - 02793792 ____H () c:\windows\syswow64\cksvc\apwrk.exe
2016-04-06 18:13 - 2012-08-23 06:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-04-06 18:19 - 2012-08-16 19:04 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2016-04-06 18:19 - 2012-08-16 19:04 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2016-12-14 21:57 - 2016-12-08 06:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 21:57 - 2016-12-08 06:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-13 11:28 - 2016-12-13 11:28 - 31164504 _____ () C:\Users\MD1\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
2016-05-05 18:30 - 2015-09-10 17:31 - 01676592 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\us003du.dll
2016-05-05 18:30 - 2015-03-12 00:42 - 01533440 _____ () C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\US003UM.DLL
2016-12-06 14:49 - 2016-12-06 14:49 - 00657773 _____ () c:\windows\syswow64\srts\db.dll
2016-04-06 18:15 - 2012-06-25 00:41 - 01198912 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:95C92311_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:95C92311_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:95C92311_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2030]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2166]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SL2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SL2Svc => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-500\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-500\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-500\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-12-15 20:32 - 00000853 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WP\AppData\Local\bsdw.jpg
HKU\S-1-5-21-3812218261-3367438231-1600833196-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3812218261-3367438231-1600833196-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrador\AppData\Local\bsdw.jpg
DNS Servers: 177.38.102.33 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F1696645-3015-4E14-817C-53571B9F8C10}] => C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{211FDAB8-DE5B-4954-B16B-1673DE34EF29}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A67CDC96-C9AD-4EDC-9090-63C739BCC87F}] => svchost.exe
FirewallRules: [{0260B88F-9D80-412F-AB5C-3CA4A848ABD1}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{BFF45816-304E-475E-B8BC-B68C1E69BC16}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C545434A-1EED-4DFE-B121-9846E5D249AA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{55F39D6C-3CB3-4BE7-924D-0F6E05C5F65B}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{673EFE4D-34B5-4ECF-ABE2-02E27BBD73EF}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2BC1FB46-47BB-40C8-AC60-B2E1BD04E0C3}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BCDABAB2-D382-4EB4-8C45-147E5D1C2FE5}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{04C42FCB-33BD-4666-A3A5-5854FD0F7458}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{447B204D-196D-4603-B0C7-18936952179A}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{3514AE08-0CA5-40E2-9BD2-1F1E3C0BCD1B}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{FD4754F2-6E12-4716-BD20-C3C8C1EF8924}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{3F748068-05BB-4AFF-BB4F-66B9134C2FDA}] => C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{834778D4-2B6F-4EA9-B2D5-04DD898A8121}] => C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{B76212D6-1FD9-47DE-B16C-F7993DF90560}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{0345F65B-7F69-43CF-AFA1-B3612BDDA361}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{E99897F3-A241-4907-8E69-3B195220D6DD}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5CFFFE06-04BE-48CF-8A80-568BE3A8F4F0}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4BA92752-88E0-498A-A1CB-FB53C720516F}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1713E355-ABF9-4901-A540-25876276AC19}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FC9CBE78-59CE-4732-B84C-C5D438BC2694}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E08D832-C53D-4513-8F20-72B4129D9B34}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{05B2DA0E-35BF-4621-8CDB-346201879767}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Medieval 1 Gold\launcher\launcher.exe
FirewallRules: [{C7EF3170-5A15-4C36-B59A-2A1F95B9D662}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Medieval 1 Gold\launcher\launcher.exe
FirewallRules: [{6AA257ED-9604-47E7-B046-5E34C6B3DDB4}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\runme.exe
FirewallRules: [{A33EB08F-FBA8-48CD-A599-B75A3422652F}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\runme.exe
FirewallRules: [{2C5FF048-F0C6-452C-A15F-3A999C2CA92C}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\TFD\Terror From the Deep_patched.exe
FirewallRules: [{3017DCF0-229C-4F04-AFAC-D06769EBC5BA}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\TFD\Terror From the Deep_patched.exe
FirewallRules: [{2BFF8C5D-243B-4047-8DF3-95407B686AAB}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\dosbox.exe
FirewallRules: [{48458E99-80CE-40D9-8260-A2C5121A9BF8}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\dosbox.exe
FirewallRules: [{1AC318F9-43F1-4C04-B679-E1E2460144FE}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe
FirewallRules: [{9EBF43FA-5FD6-4A1F-81A9-451DE4F0BE06}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe
FirewallRules: [{55A6D9D2-AC7C-446C-8EA7-BA9034DBB9E2}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{6E0BE505-48D2-46D6-8959-B56671A5AFC2}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{0776F645-63C9-477D-83F5-DE18178D86CC}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{21A39A8F-D93C-4566-8EF6-A0DC845EC35A}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{701A4F69-E165-4379-B3FE-E916F8FAFC6C}] => C:\Program Files (x86)\Steam\steamapps\common\Hospital Tycoon\HospitalTycoon.exe
FirewallRules: [{379D0799-86D1-4107-9465-5B23FAA057ED}] => C:\Program Files (x86)\Steam\steamapps\common\Hospital Tycoon\HospitalTycoon.exe
FirewallRules: [{9F339B05-E95C-4BEE-8680-7860D4A2614E}] => C:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{8C8465D6-345C-4DBF-BAB5-324A7C44735E}] => C:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{44B2C854-FE6C-4228-83C9-037BF74DA6D0}] => C:\Program Files (x86)\Steam\steamapps\common\UFO Extraterrestrials Gold\UFO_ET.exe
FirewallRules: [{C81D22C4-1C14-45F7-B320-8A40559233A3}] => C:\Program Files (x86)\Steam\steamapps\common\UFO Extraterrestrials Gold\UFO_ET.exe
FirewallRules: [{83D7C84A-A905-4795-ABDE-DCA1372AB3B9}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{235A5A11-A450-4438-BF34-00F8159EDEFA}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{A8DF5A7B-15A3-4D2E-B7DD-6640BDB97D3F}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{E2F344AD-61AF-4743-8E00-748CF8B71959}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{AD799558-5342-4BE6-96C2-A23DB98057D7}] => C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{5CE783AC-34B0-4808-BF5E-C74C8EE15D06}] => C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DABF8845-0F6B-4AA1-BB14-40C70B855C45}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{BA1DB0AF-80E1-4BFD-8701-745BB98A23D4}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [TCP Query User{850801CE-845D-401C-B762-EBFCF5EB27DF}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A70A58C5-799A-474A-9EA6-629225D61322}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{16A496A5-AE26-480F-8D04-E8BC576BC881}] => C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{AF263398-7335-45DB-8B2A-D899280407CB}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C2D55E0A-20E3-4B9D-90F3-5E05119B13DD}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{24FF02FF-2F32-42A8-893D-5A528102C27F}C:\windows\system32\resmon\csvc.exe] => C:\windows\system32\resmon\csvc.exe
FirewallRules: [UDP Query User{F0F3FC91-E812-4D5C-8EF1-1F60373E77C2}C:\windows\system32\resmon\csvc.exe] => C:\windows\system32\resmon\csvc.exe
FirewallRules: [NETDIS-ND_DATAGRAM-In-TCP] => c:\windows\system32\wnba\csrss.exe
FirewallRules: [NETDIS-ND_DATAGRAM-In-TCPo] => c:\windows\system32\wnba\csrss.exe
FirewallRules: [NetRpcTo-WSD-In-TCP] => c:\windows\syswow64\srts\wmipr.exe
FirewallRules: [NETDIS-ND_NAME-In-TCP] => c:\windows\system32\resmon\csvc.exe
FirewallRules: [NETDIS-ND_CLOSE-In-TCP] => c:\program files\tnba\hl.exe
FirewallRules: [NETDIS-ND_FOUND-In-TCP] => c:\program files\tnba\sp.exe
FirewallRules: [{28A43885-2691-42DE-8345-2F5A0234BC57}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
25-11-2016 12:28:07 Ponto de Verificação Agendado
02-12-2016 20:29:43 Ponto de Verificação Agendado
10-12-2016 01:16:04 Ponto de Verificação Agendado
15-12-2016 06:51:13 Instalação de Pacote de Driver de Dispositivo: Diebold Network Monitor Serviço de Rede
16-12-2016 16:08:40 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
16-12-2016 16:19:56 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:09:35 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:09:35 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Erros de Sistema:
=============
Error: (12/16/2016 04:04:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (12/15/2016 07:21:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Service Installer Wrapper TrueKey devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (12/15/2016 07:21:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Service Installer Wrapper TrueKey.
Error: (12/15/2016 06:47:51 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão Específico do aplicativo não concedem permissãoLocal Iniciar para o aplicativo de Servidor COM com CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
e APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
ao usuárioAUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/15/2016 06:46:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 06:19:50 às 15/12/2016 não era esperado.
Error: (12/15/2016 05:33:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 154 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 04:33:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 153 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 03:33:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 152 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 02:33:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 151 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 01:33:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 150 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentagem de memória em uso: 79%
RAM física total: 3990.63 MB
RAM física disponível: 837.59 MB
Virtual Total: 7979.41 MB
Virtual disponível: 2766.69 MB
==================== Drives ================================
Drive c: (Win7) (Fixed) (Total:465.76 GB) (Free:369.17 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================
Executado por MD1 (16-12-2016 16:41:58)
Executando a partir de C:\Users\MD1\Downloads
Windows 7 Professional (X64) (2016-04-06 19:54:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3812218261-3367438231-1600833196-500 - Administrator - Enabled) => C:\Users\Administrador
Caroline Pinho (S-1-5-21-3812218261-3367438231-1600833196-1001 - Administrator - Enabled) => C:\Users\Caroline Pinho
Convidado (S-1-5-21-3812218261-3367438231-1600833196-501 - Limited - Disabled)
MD1 (S-1-5-21-3812218261-3367438231-1600833196-1002 - Administrator - Enabled) => C:\Users\MD1
WP (S-1-5-21-3812218261-3367438231-1600833196-1000 - Administrator - Enabled) => C:\Users\WP
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader 9.3 - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Aplicativo Itaú (HKLM-x32\...\{3DB32008-4479-49E3-886B-CD502BF4291E}) (Version: 1.0.76 - Banco Itaú)
Assistente de Conexão do Windows Live (HKLM-x32\...\{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Bradesco (Departamento de Seguranca Corporativa))
F-117A Nighthawk Stealth Fighter 2.0 (HKLM\...\Steam App 328920) (Version: - MicroProse Software, Inc.)
F-19 Stealth Fighter (HKLM\...\Steam App 347250) (Version: - MicroProse Software, Inc)
Ferramenta de Carregamento do Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
FromDocToPDF Internet Explorer Homepage and New Tab (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\FromDocToPDFTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATENÇÃO
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hospital Tycoon (HKLM\...\Steam App 11590) (Version: - Deep Red Limited)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-3812218261-3367438231-1600833196-1002\...\Kodi) (Version: - XBMC-Foundation)
Leviathan: Warships (HKLM\...\Steam App 202270) (Version: - Pieces Interactive)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.469.2 - McAfee, Inc.)
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
MEDIEVAL: Total War™ - Gold Edition (HKLM\...\Steam App 345260) (Version: - Creative Assembly)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office com Clique para Executar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Português (Brasil) (HKLM-x32\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pt-BR)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Sid Meier's Pirates! (HKLM\...\Steam App 3920) (Version: - Firaxis Games)
Sid Meier's Starships (HKLM\...\Steam App 282210) (Version: - Firaxis Games)
Spotify (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UFO: Extraterrestrials Gold (HKLM\...\Steam App 37030) (Version: - Chaos Concept)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Video Convert Internet Explorer Homepage and New Tab (HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\Video ConvertTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATENÇÃO
Warsaw 1.13.0.525 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.13.0.525 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version: - Firaxis Games)
X-COM: Terror from the Deep (HKLM\...\Steam App 7650) (Version: - MicroProse Software, Inc)
X-COM: UFO Defense (HKLM\...\Steam App 7760) (Version: - MicroProse Software, Inc)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {15772911-6FF4-4D8C-AF7F-0C723FF252E6} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2016-05-12] ()
Task: {2A35D0D9-913C-4F82-8761-B415FB01B99A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {52D76CCF-A527-4A2F-ACD5-0EBC6CC8F43A} - System32\Tasks\{51072BEE-12B4-4051-9701-9E38388B3E6F} => pcalua.exe -a C:\Users\WP\Downloads\Install-WinUpt-v1.2223.exe -d C:\Users\WP\Downloads
Task: {CF0E2EA4-AD5E-4FE8-A9CD-5CA49749BB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\AppleTV AirPlay Remote.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mkpajhmkokbofklfighdhlbkmjimaekg
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Telegram.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=clhhggbfdinjmjhajaheehoeibfljjno
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\WifiTransfer - Instant wireless file transfer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ebmnhcblgohjilfjffdkfikgpakhgajc
ShortcutWithArgument: C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Área de trabalho remota do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Módulos Carregados (Whitelisted) ==============
2016-05-05 18:30 - 2015-03-12 00:43 - 00022528 _____ () C:\Windows\System32\us003lm.dll
2016-12-06 14:49 - 2016-12-06 14:49 - 02841920 ____H () c:\windows\syswow64\srts\wmipr.exe
2016-12-06 14:49 - 2016-12-06 14:48 - 09678656 ____H () c:\windows\system32\wnba\csrss.exe
2016-12-06 14:49 - 2016-12-06 14:49 - 04397376 ____H () c:\windows\system32\resmon\csvc.exe
2016-12-06 14:49 - 2016-12-06 14:49 - 03995968 ____H () c:\windows\system32\systsk\age.exe
2016-12-06 14:49 - 2016-12-06 14:49 - 02793792 ____H () c:\windows\syswow64\cksvc\apwrk.exe
2016-04-06 18:13 - 2012-08-23 06:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-04-06 18:19 - 2012-08-16 19:04 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2016-04-06 18:19 - 2012-08-16 19:04 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2016-12-14 21:57 - 2016-12-08 06:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 21:57 - 2016-12-08 06:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-13 11:28 - 2016-12-13 11:28 - 31164504 _____ () C:\Users\MD1\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
2016-05-05 18:30 - 2015-09-10 17:31 - 01676592 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\us003du.dll
2016-05-05 18:30 - 2015-03-12 00:42 - 01533440 _____ () C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\US003UM.DLL
2016-12-06 14:49 - 2016-12-06 14:49 - 00657773 _____ () c:\windows\syswow64\srts\db.dll
2016-04-06 18:15 - 2012-06-25 00:41 - 01198912 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:95C92311_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:95C92311_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:95C92311_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2030]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2166]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SL2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SL2Svc => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-500\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-500\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3812218261-3367438231-1600833196-500\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-12-15 20:32 - 00000853 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3812218261-3367438231-1600833196-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WP\AppData\Local\bsdw.jpg
HKU\S-1-5-21-3812218261-3367438231-1600833196-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\MD1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3812218261-3367438231-1600833196-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrador\AppData\Local\bsdw.jpg
DNS Servers: 177.38.102.33 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F1696645-3015-4E14-817C-53571B9F8C10}] => C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{211FDAB8-DE5B-4954-B16B-1673DE34EF29}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A67CDC96-C9AD-4EDC-9090-63C739BCC87F}] => svchost.exe
FirewallRules: [{0260B88F-9D80-412F-AB5C-3CA4A848ABD1}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{BFF45816-304E-475E-B8BC-B68C1E69BC16}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C545434A-1EED-4DFE-B121-9846E5D249AA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{55F39D6C-3CB3-4BE7-924D-0F6E05C5F65B}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{673EFE4D-34B5-4ECF-ABE2-02E27BBD73EF}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2BC1FB46-47BB-40C8-AC60-B2E1BD04E0C3}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BCDABAB2-D382-4EB4-8C45-147E5D1C2FE5}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{04C42FCB-33BD-4666-A3A5-5854FD0F7458}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{447B204D-196D-4603-B0C7-18936952179A}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{3514AE08-0CA5-40E2-9BD2-1F1E3C0BCD1B}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{FD4754F2-6E12-4716-BD20-C3C8C1EF8924}] => C:\Program Files (x86)\Steam\steamapps\common\F-19 Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{3F748068-05BB-4AFF-BB4F-66B9134C2FDA}] => C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{834778D4-2B6F-4EA9-B2D5-04DD898A8121}] => C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{B76212D6-1FD9-47DE-B16C-F7993DF90560}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{0345F65B-7F69-43CF-AFA1-B3612BDDA361}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{E99897F3-A241-4907-8E69-3B195220D6DD}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5CFFFE06-04BE-48CF-8A80-568BE3A8F4F0}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4BA92752-88E0-498A-A1CB-FB53C720516F}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1713E355-ABF9-4901-A540-25876276AC19}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FC9CBE78-59CE-4732-B84C-C5D438BC2694}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E08D832-C53D-4513-8F20-72B4129D9B34}] => C:\Users\WP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{05B2DA0E-35BF-4621-8CDB-346201879767}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Medieval 1 Gold\launcher\launcher.exe
FirewallRules: [{C7EF3170-5A15-4C36-B59A-2A1F95B9D662}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Medieval 1 Gold\launcher\launcher.exe
FirewallRules: [{6AA257ED-9604-47E7-B046-5E34C6B3DDB4}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\runme.exe
FirewallRules: [{A33EB08F-FBA8-48CD-A599-B75A3422652F}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\runme.exe
FirewallRules: [{2C5FF048-F0C6-452C-A15F-3A999C2CA92C}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\TFD\Terror From the Deep_patched.exe
FirewallRules: [{3017DCF0-229C-4F04-AFAC-D06769EBC5BA}] => C:\Program Files (x86)\Steam\steamapps\common\X-COM Terror from the Deep\TFD\Terror From the Deep_patched.exe
FirewallRules: [{2BFF8C5D-243B-4047-8DF3-95407B686AAB}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\dosbox.exe
FirewallRules: [{48458E99-80CE-40D9-8260-A2C5121A9BF8}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\dosbox.exe
FirewallRules: [{1AC318F9-43F1-4C04-B679-E1E2460144FE}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe
FirewallRules: [{9EBF43FA-5FD6-4A1F-81A9-451DE4F0BE06}] => C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe
FirewallRules: [{55A6D9D2-AC7C-446C-8EA7-BA9034DBB9E2}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{6E0BE505-48D2-46D6-8959-B56671A5AFC2}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\dosbox.exe
FirewallRules: [{0776F645-63C9-477D-83F5-DE18178D86CC}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{21A39A8F-D93C-4566-8EF6-A0DC845EC35A}] => C:\Program Files (x86)\Steam\steamapps\common\F-117A Nighthawk Stealth Fighter\dosbox_windows\daum\dosbox.exe
FirewallRules: [{701A4F69-E165-4379-B3FE-E916F8FAFC6C}] => C:\Program Files (x86)\Steam\steamapps\common\Hospital Tycoon\HospitalTycoon.exe
FirewallRules: [{379D0799-86D1-4107-9465-5B23FAA057ED}] => C:\Program Files (x86)\Steam\steamapps\common\Hospital Tycoon\HospitalTycoon.exe
FirewallRules: [{9F339B05-E95C-4BEE-8680-7860D4A2614E}] => C:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{8C8465D6-345C-4DBF-BAB5-324A7C44735E}] => C:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{44B2C854-FE6C-4228-83C9-037BF74DA6D0}] => C:\Program Files (x86)\Steam\steamapps\common\UFO Extraterrestrials Gold\UFO_ET.exe
FirewallRules: [{C81D22C4-1C14-45F7-B320-8A40559233A3}] => C:\Program Files (x86)\Steam\steamapps\common\UFO Extraterrestrials Gold\UFO_ET.exe
FirewallRules: [{83D7C84A-A905-4795-ABDE-DCA1372AB3B9}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{235A5A11-A450-4438-BF34-00F8159EDEFA}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{A8DF5A7B-15A3-4D2E-B7DD-6640BDB97D3F}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{E2F344AD-61AF-4743-8E00-748CF8B71959}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{AD799558-5342-4BE6-96C2-A23DB98057D7}] => C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{5CE783AC-34B0-4808-BF5E-C74C8EE15D06}] => C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DABF8845-0F6B-4AA1-BB14-40C70B855C45}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{BA1DB0AF-80E1-4BFD-8701-745BB98A23D4}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [TCP Query User{850801CE-845D-401C-B762-EBFCF5EB27DF}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A70A58C5-799A-474A-9EA6-629225D61322}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{16A496A5-AE26-480F-8D04-E8BC576BC881}] => C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{AF263398-7335-45DB-8B2A-D899280407CB}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C2D55E0A-20E3-4B9D-90F3-5E05119B13DD}C:\users\wp\appdata\roaming\spotify\spotify.exe] => C:\users\wp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{24FF02FF-2F32-42A8-893D-5A528102C27F}C:\windows\system32\resmon\csvc.exe] => C:\windows\system32\resmon\csvc.exe
FirewallRules: [UDP Query User{F0F3FC91-E812-4D5C-8EF1-1F60373E77C2}C:\windows\system32\resmon\csvc.exe] => C:\windows\system32\resmon\csvc.exe
FirewallRules: [NETDIS-ND_DATAGRAM-In-TCP] => c:\windows\system32\wnba\csrss.exe
FirewallRules: [NETDIS-ND_DATAGRAM-In-TCPo] => c:\windows\system32\wnba\csrss.exe
FirewallRules: [NetRpcTo-WSD-In-TCP] => c:\windows\syswow64\srts\wmipr.exe
FirewallRules: [NETDIS-ND_NAME-In-TCP] => c:\windows\system32\resmon\csvc.exe
FirewallRules: [NETDIS-ND_CLOSE-In-TCP] => c:\program files\tnba\hl.exe
FirewallRules: [NETDIS-ND_FOUND-In-TCP] => c:\program files\tnba\sp.exe
FirewallRules: [{28A43885-2691-42DE-8345-2F5A0234BC57}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
25-11-2016 12:28:07 Ponto de Verificação Agendado
02-12-2016 20:29:43 Ponto de Verificação Agendado
10-12-2016 01:16:04 Ponto de Verificação Agendado
15-12-2016 06:51:13 Instalação de Pacote de Driver de Dispositivo: Diebold Network Monitor Serviço de Rede
16-12-2016 16:08:40 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
16-12-2016 16:19:56 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:19:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:09:35 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 04:09:35 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (12/16/2016 03:49:48 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (368) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Erros de Sistema:
=============
Error: (12/16/2016 04:04:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (12/15/2016 07:21:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Service Installer Wrapper TrueKey devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (12/15/2016 07:21:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Service Installer Wrapper TrueKey.
Error: (12/15/2016 06:47:51 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão Específico do aplicativo não concedem permissãoLocal Iniciar para o aplicativo de Servidor COM com CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
e APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
ao usuárioAUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/15/2016 06:46:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 06:19:50 às 15/12/2016 não era esperado.
Error: (12/15/2016 05:33:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 154 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 04:33:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 153 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 03:33:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 152 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 02:33:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 151 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (12/15/2016 01:33:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 150 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentagem de memória em uso: 79%
RAM física total: 3990.63 MB
RAM física disponível: 837.59 MB
Virtual Total: 7979.41 MB
Virtual disponível: 2766.69 MB
==================== Drives ================================
Drive c: (Win7) (Fixed) (Total:465.76 GB) (Free:369.17 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================