Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 17-12-2016
Executado por Murilo (19-12-2016 00:06:18)
Executando a partir de C:\Users\Murilo\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-04-29 13:03:56)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3751139926-2844582733-179673249-500 - Administrator - Disabled)
Convidado (S-1-5-21-3751139926-2844582733-179673249-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3751139926-2844582733-179673249-1002 - Limited - Enabled)
Murilo (S-1-5-21-3751139926-2844582733-179673249-1000 - Administrator - Enabled) => C:\Users\Murilo
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM-x32\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.0.6.147 - Adobe Systems, Inc.)
Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - )
Akamai NetSession Interface (HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
SAM CoDeC Pack (HKLM\...\SAM CoDeC Pack) (Version: 5.30 - www.SamLab.ws)
Skype Web Plugin (HKLM-x32\...\{DFEFDADB-A98C-4AA0-BD7B-55CD4E554DC0}) (Version: 7.22.0.120 - Skype Technologies S.A.)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.2.13 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{070219A6-00C9-4147-A0A0-BA9518737749}\localserver32 -> C:\Users\Murilo\AppData\Local\SkypePlugin\7.22.0.120\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{9F48481E-98E0-49E0-9258-617102B357E7}\InprocServer32 -> C:\Users\Murilo\AppData\Local\SkypePlugin\7.22.0.120\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Murilo\AppData\Local\SkypePlugin\7.22.0.120\EdgeCalling.exe (Skype Technologies S.A.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {05BC3194-BCDE-4931-AD7F-F7D5F77A5C2D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000UA => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-10] (Facebook Inc.)
Task: {1593FC31-BF47-4CCA-99B4-FD95F4E62C64} - System32\Tasks\{C09C70AB-2C81-4B9F-88A0-16C45262F7E0} => pcalua.exe -a C:\Users\Murilo\Downloads\Receitanet-1.07.exe -d C:\Users\Murilo\Downloads
Task: {35C98DFD-DB24-4D6D-8E1A-2A1CFB993148} - System32\Tasks\{334AED7D-7E7E-46A9-B562-4681657AD41F} => pcalua.exe -a "C:\Users\Murilo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C0UHJPGH\iGBPCEFgb.exe" -d C:\Users\Murilo\Desktop
Task: {6803250A-41DA-4435-BFEF-21D184F13828} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {9023845B-534D-4AAC-9794-78422CDA2A2C} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {9210DDFD-B9CA-4AD9-B0AE-C05B11D1EFB3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {9C52FB09-0F42-499E-8F84-F2CC4949A040} - System32\Tasks\{9B80EB57-2EF8-47CA-A765-5468F898741E} => pcalua.exe -a "C:\Users\Murilo\Downloads\iGBPCEFsf (1).exe" -d C:\Users\Murilo\Downloads
Task: {C2E82B15-0D96-4F2C-B98C-71D0AE969E37} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000Core => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-10] (Facebook Inc.)
Task: {CB64A6F5-A7AA-4891-A5CB-D504B9E05F33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D4C8DBCF-2B0D-467B-8BF1-7BA6E8433826} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000Core.job => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000UA.job => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-12-13 21:43 - 2016-12-08 05:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-13 21:43 - 2016-12-08 05:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-13 02:21 - 2016-12-13 02:21 - 17833560 _____ () C:\Users\Murilo\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Abn.gbp [2]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2166]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santander.com.br -> www.santander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santanderempresarial.com.br -> www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernet.com.br -> www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernetibe.com.br -> www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\secureweb.com.br -> hxxps://www.secureweb.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-12-16 09:24 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3751139926-2844582733-179673249-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Murilo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.11.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{6763549E-0E3C-4DBA-B654-DB4B35A673FC}] => C:\Users\Murilo\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{B7FB7FFA-72B3-4414-AFFB-F3888E49C394}] => C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{4D0D02DD-2EE3-4E4E-BCAA-E684F2276B91}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C737FD6D-8439-45A9-85B4-F51CDE33502F}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DF7BAEA4-424B-4E68-B3E9-2F10A57966BA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F531E300-4046-494D-A449-67DCBF3B9D42}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E39C7F0-FB12-4A7E-B9B5-570678962BB4}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{503E0232-9AB5-4EC6-BA0E-98ABB3A142C0}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B1B0A5AA-CD29-4EAE-AF6D-6083CE3B948C}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D4B3E07C-9334-4654-AA90-9836511C9F85}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F4CB777F-9AFD-4311-B0A5-B644B5FCCF2E}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3B4EE8A4-B2C8-4193-BC40-44358AB8973F}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B0B62D9-A4DF-4378-9B28-2389DD003254}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B3A45B41-5806-4101-8EB6-E938C6BFB974}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{695589D6-5A60-47D8-B47E-E4E21113070F}] => LPort=49961
FirewallRules: [{26C6B304-E60F-44A1-85FB-C63BAC562C3D}] => LPort=5000
==================== Pontos de Restauração =========================
06-12-2016 21:08:52 Instalação de Pacote de Driver de Dispositivo: Diebold Network Monitor Serviço de Rede
14-12-2016 02:54:39 Ponto de Verificação Agendado
18-12-2016 22:20:53 Instalação de Pacote de Driver de Dispositivo: Disc Soft Ltd Controladores de armazenamento
18-12-2016 22:21:39 Instalação de Pacote de Driver de Dispositivo: Disc Soft Ltd Controladores USB (barramento serial universal)
18-12-2016 23:11:54 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660
18-12-2016 23:13:48 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/18/2016 11:50:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/18/2016 11:49:18 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Falha de ativação da licença do Windows. Erro 0x80070005.
Error: (12/18/2016 09:09:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12261
Error: (12/18/2016 09:09:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12261
Error: (12/18/2016 09:09:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/18/2016 09:09:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11107
Error: (12/18/2016 09:09:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11107
Error: (12/18/2016 09:09:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/18/2016 09:09:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10093
Error: (12/18/2016 09:09:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10093
Erros de Sistema:
=============
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentagem de memória em uso: 41%
RAM física total: 5581.67 MB
RAM física disponível: 3277.11 MB
Virtual Total: 11161.54 MB
Virtual disponível: 8455.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:341.06 GB) NTFS
Drive f: (AOMX: Tale) (CDROM) (Total:1.72 GB) (Free:0 GB) UDF
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================
Executado por Murilo (19-12-2016 00:06:18)
Executando a partir de C:\Users\Murilo\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-04-29 13:03:56)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3751139926-2844582733-179673249-500 - Administrator - Disabled)
Convidado (S-1-5-21-3751139926-2844582733-179673249-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3751139926-2844582733-179673249-1002 - Limited - Enabled)
Murilo (S-1-5-21-3751139926-2844582733-179673249-1000 - Administrator - Enabled) => C:\Users\Murilo
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM-x32\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.0.6.147 - Adobe Systems, Inc.)
Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - )
Akamai NetSession Interface (HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
SAM CoDeC Pack (HKLM\...\SAM CoDeC Pack) (Version: 5.30 - www.SamLab.ws)
Skype Web Plugin (HKLM-x32\...\{DFEFDADB-A98C-4AA0-BD7B-55CD4E554DC0}) (Version: 7.22.0.120 - Skype Technologies S.A.)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.2.13 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{070219A6-00C9-4147-A0A0-BA9518737749}\localserver32 -> C:\Users\Murilo\AppData\Local\SkypePlugin\7.22.0.120\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Murilo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{9F48481E-98E0-49E0-9258-617102B357E7}\InprocServer32 -> C:\Users\Murilo\AppData\Local\SkypePlugin\7.22.0.120\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3751139926-2844582733-179673249-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Murilo\AppData\Local\SkypePlugin\7.22.0.120\EdgeCalling.exe (Skype Technologies S.A.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {05BC3194-BCDE-4931-AD7F-F7D5F77A5C2D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000UA => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-10] (Facebook Inc.)
Task: {1593FC31-BF47-4CCA-99B4-FD95F4E62C64} - System32\Tasks\{C09C70AB-2C81-4B9F-88A0-16C45262F7E0} => pcalua.exe -a C:\Users\Murilo\Downloads\Receitanet-1.07.exe -d C:\Users\Murilo\Downloads
Task: {35C98DFD-DB24-4D6D-8E1A-2A1CFB993148} - System32\Tasks\{334AED7D-7E7E-46A9-B562-4681657AD41F} => pcalua.exe -a "C:\Users\Murilo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C0UHJPGH\iGBPCEFgb.exe" -d C:\Users\Murilo\Desktop
Task: {6803250A-41DA-4435-BFEF-21D184F13828} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {9023845B-534D-4AAC-9794-78422CDA2A2C} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {9210DDFD-B9CA-4AD9-B0AE-C05B11D1EFB3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {9C52FB09-0F42-499E-8F84-F2CC4949A040} - System32\Tasks\{9B80EB57-2EF8-47CA-A765-5468F898741E} => pcalua.exe -a "C:\Users\Murilo\Downloads\iGBPCEFsf (1).exe" -d C:\Users\Murilo\Downloads
Task: {C2E82B15-0D96-4F2C-B98C-71D0AE969E37} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000Core => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-10] (Facebook Inc.)
Task: {CB64A6F5-A7AA-4891-A5CB-D504B9E05F33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D4C8DBCF-2B0D-467B-8BF1-7BA6E8433826} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000Core.job => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3751139926-2844582733-179673249-1000UA.job => C:\Users\Murilo\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-12-13 21:43 - 2016-12-08 05:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-13 21:43 - 2016-12-08 05:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-13 02:21 - 2016-12-13 02:21 - 17833560 _____ () C:\Users\Murilo\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Abn.gbp [2]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:1FC2A6E5_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2166]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santander.com.br -> www.santander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santander.com.br -> hxxp://www.santander.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santanderempresarial.com.br -> www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernet.com.br -> www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernet.com.br -> hxxps://www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernetibe.com.br -> www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-3751139926-2844582733-179673249-1000\...\secureweb.com.br -> hxxps://www.secureweb.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-12-16 09:24 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3751139926-2844582733-179673249-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Murilo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.11.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{6763549E-0E3C-4DBA-B654-DB4B35A673FC}] => C:\Users\Murilo\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{B7FB7FFA-72B3-4414-AFFB-F3888E49C394}] => C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{4D0D02DD-2EE3-4E4E-BCAA-E684F2276B91}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C737FD6D-8439-45A9-85B4-F51CDE33502F}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DF7BAEA4-424B-4E68-B3E9-2F10A57966BA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F531E300-4046-494D-A449-67DCBF3B9D42}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E39C7F0-FB12-4A7E-B9B5-570678962BB4}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{503E0232-9AB5-4EC6-BA0E-98ABB3A142C0}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B1B0A5AA-CD29-4EAE-AF6D-6083CE3B948C}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D4B3E07C-9334-4654-AA90-9836511C9F85}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F4CB777F-9AFD-4311-B0A5-B644B5FCCF2E}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3B4EE8A4-B2C8-4193-BC40-44358AB8973F}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B0B62D9-A4DF-4378-9B28-2389DD003254}] => C:\Users\Murilo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B3A45B41-5806-4101-8EB6-E938C6BFB974}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{695589D6-5A60-47D8-B47E-E4E21113070F}] => LPort=49961
FirewallRules: [{26C6B304-E60F-44A1-85FB-C63BAC562C3D}] => LPort=5000
==================== Pontos de Restauração =========================
06-12-2016 21:08:52 Instalação de Pacote de Driver de Dispositivo: Diebold Network Monitor Serviço de Rede
14-12-2016 02:54:39 Ponto de Verificação Agendado
18-12-2016 22:20:53 Instalação de Pacote de Driver de Dispositivo: Disc Soft Ltd Controladores de armazenamento
18-12-2016 22:21:39 Instalação de Pacote de Driver de Dispositivo: Disc Soft Ltd Controladores USB (barramento serial universal)
18-12-2016 23:11:54 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660
18-12-2016 23:13:48 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/18/2016 11:50:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/18/2016 11:49:18 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Falha de ativação da licença do Windows. Erro 0x80070005.
Error: (12/18/2016 09:09:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12261
Error: (12/18/2016 09:09:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12261
Error: (12/18/2016 09:09:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/18/2016 09:09:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11107
Error: (12/18/2016 09:09:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11107
Error: (12/18/2016 09:09:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/18/2016 09:09:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10093
Error: (12/18/2016 09:09:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10093
Erros de Sistema:
=============
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (12/18/2016 11:54:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentagem de memória em uso: 41%
RAM física total: 5581.67 MB
RAM física disponível: 3277.11 MB
Virtual Total: 11161.54 MB
Virtual disponível: 8455.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:341.06 GB) NTFS
Drive f: (AOMX: Tale) (CDROM) (Total:1.72 GB) (Free:0 GB) UDF
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================