Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017
Executado por Renato (21-03-2017 15:09:01)
Executando a partir de C:\Users\Renato\Downloads
Windows 7 Ultimate (X64) (2015-06-24 16:44:23)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3989744648-3571885242-2210684081-500 - Administrator - Disabled)
Convidado (S-1-5-21-3989744648-3571885242-2210684081-501 - Limited - Enabled)
Renato (S-1-5-21-3989744648-3571885242-2210684081-1000 - Administrator - Enabled) => C:\Users\Renato
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader 9.3 - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{761B6C00-A23A-4F17-9D23-CB7E48307314}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x32 Version: 16.1 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HPSSupply (x32 Version: 140.0.212.0 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Jogotempo version 5.0 (HKLM-x32\...\{B552B283-6EBC-457E-8187-01682C83F26C}_is1) (Version: 5.0 - ) <==== ATENÇÃO
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 2.0.713 - Kyocera Mita Corporation)
KYOCERA Status Monitor 4 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D16}) (Version: 4.1.3407 - KYOCERA Document Solutions Inc.)
Kyocera TWAIN Driver (HKLM-x32\...\InstallShield_{249E5A9C-3F72-49B1-B222-FEF550315CC5}) (Version: 1.7.0615 - Kyocera Mita)
Kyocera TWAIN Driver (x32 Version: 1.7.0615 - Kyocera Mita) Hidden
Kyocera TWAIN Driver (x32 Version: 2.0.1514 - KYOCERA Document Solutions Inc.) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3989744648-3571885242-2210684081-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 pt-BR)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30158 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
ScanSoft PaperPort 11 (HKLM-x32\...\{C0E5B596-4F4F-4A45-A679-153693101050}) (Version: 11.1.0.307 - Nuance Communications, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Renato\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Renato\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Renato\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Renato\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Renato\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Renato\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Renato\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {1CEE2198-8667-49BC-AF1F-356E98922469} - System32\Tasks\KuaiZip_Update => C:\Program Files\¿ìѹ\X86\Update.exe [2017-03-21] (Shanghai Guangle Network Technology Ltd) <==== ATENÇÃO
Task: {32999B49-7909-48C0-946D-61737F132B2B} - System32\Tasks\47o751o563t157 => Rundll32.exe "C:\ProgramData\47o751o563t157\47o751o563t157.dll",otWPQTje <==== ATENÇÃO
Task: {34C3E152-3778-4D63-B299-912667BA867B} - System32\Tasks\Stukatprjertion Update => C:\Program Files (x86)\Vehotherdreguty\xnmush.exe [2017-03-21] (Glarysoft Ltd)
Task: {53952A1E-B8FE-4821-8642-0B7FDD59C9BA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {562D57D8-E524-498A-A3F5-24DF8C8932F2} - System32\Tasks\Motupyanegcult Cache => C:\Program Files (x86)\Qejisyfank\xdrijot.exe [2017-03-21] (Glarysoft Ltd)
Task: {6007D9C6-4BDD-4D2C-9DD6-4F10C0E83CD3} - System32\Tasks\{CA5F38A2-BA0E-42A7-852A-90DC65B25F7C} => pcalua.exe -a "C:\Program Files\7LTGCYUNFZ\uninstaller.exe" -d "C:\Program Files\7LTGCYUNFZ"
Task: {7CF49F9B-C8C2-470F-B9E2-64C41094BE12} - System32\Tasks\{5B2EF4D7-B689-467E-B599-43B633463A9A} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {807F7ACB-8E9A-47D6-AB50-352D97313D14} - System32\Tasks\{898BE662-29B0-49C3-949D-73F206BE2086} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Windows Live\.cache\24db3e9b1d0dd1904\onedrivesetup.exe" -d "C:\Program Files (x86)\Common Files\Windows Live\.cache\24db3e9b1d0dd1904" -c C:\Program Files (x86)\Common Files\Windows Live\.cache\24db3e9b1d0dd1904\onedrivesetup.exe /silent /permachine /silent (a entrada de dados tem 69 mais caracteres).
Task: {9C5B455B-A6CE-4968-B3D0-455DCEAA9930} - System32\Tasks\{FF08FBC2-6458-4BE0-AFCB-B4D776CF518F} => pcalua.exe -a C:\Users\Renato\Downloads\GBPCEF.exe -d C:\Users\Renato\Downloads -c admin_service
Task: {AF153F75-35BB-4236-9FF7-D304D0E69C85} - System32\Tasks\{27CF2902-E889-0B48-0CFD-7205D36734C5} => C:\Users\Renato\AppData\Roaming\wincy\sync.exe
Task: {C4157637-0EBB-430C-A68E-D2143F43003D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-24] (Google Inc.)
Task: {C67EF8BF-598F-4098-BDD9-29361EA6BA9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {C9A2F3D8-69BE-4CC2-9925-1F569ECE1E2C} - System32\Tasks\Ckibugh => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=WDCXWD5000AAKX-08U6AA0_WD-WCC2EX78323383233&v=20170321 /q <==== ATENÇÃO
Task: {CA8552E2-787F-459F-92BD-37AD073D26D9} - System32\Tasks\osTip => Chrome.exe <==== ATENÇÃO
Task: {D34ECB37-68C7-4FF7-AA02-85B72E1D79BC} - System32\Tasks\mG41sVNMLM => C:\Program Files (x86)\jsXuLWuidd\updengine.exe [2017-03-13] () <==== ATENÇÃO
Task: {D440D320-D3D3-4ABA-B0EC-501C5ABD76E4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {DD1F8A83-35FA-4C2A-96AA-0134DC257A0C} - System32\Tasks\47o751o563t157-dll => Rundll32.exe "C:\ProgramData\47o751o563t157\47o751o563t157.dll",otWPQTje
Task: {EA422E2F-0B53-4A7F-A31D-CE23B4239483} - System32\Tasks\Microsoft\Windows\Media Center\RegisterObject => C:\\ProgramData\\RegisterObject\\RegisterObject.exe [2017-03-20] () <==== ATENÇÃO
Task: {FCEAFE40-98BF-410E-B09C-72E066A07962} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-24] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\{27CF2902-E889-0B48-0CFD-7205D36734C5}.job => C:\Users\Renato\AppData\Roaming\wincy\sync.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.123rede.com?oem=sv1&uid=WD-WCC2EX783233_WDCWD5000AAKX-08U6AA0&tm=1490115698 --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.123rede.com?oem=sv1&uid=WD-WCC2EX783233_WDCWD5000AAKX-08U6AA0&tm=1490115698
==================== Módulos Carregados (Whitelisted) ==============
2015-12-16 11:39 - 2014-06-26 19:10 - 00595456 _____ () C:\Program Files (x86)\DoroPDFWriter\Doro.dll
2017-03-21 14:02 - 2017-03-21 14:02 - 00307712 _____ () C:\Program Files (x86)\Stukatprjertion Update\local64spl.dll
2017-03-21 13:57 - 2017-03-21 13:57 - 01620992 _____ () C:\ProgramData\service.exe
2015-06-24 14:51 - 2015-06-24 14:50 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2015-06-24 14:51 - 2015-06-24 14:50 - 00151552 _____ () C:\Windows\KMService.exe
2017-03-21 13:57 - 2017-03-21 13:57 - 00177152 _____ () C:\Windows\svchost.exe
2017-03-21 13:57 - 2017-03-21 13:57 - 01466213 _____ () C:\Windows\csrss.exe
2017-03-21 13:56 - 2016-11-10 04:19 - 05091840 _____ () C:\Users\Renato\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
2017-03-21 13:57 - 2014-03-22 15:18 - 03100672 _____ () C:\ProgramData\47o751o563t157\47o751o563t157.dll
2017-03-21 14:46 - 2017-03-21 14:46 - 00214016 _____ () C:\Windows\TEMP\g7A8D.tmp.exe
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-03-21 14:00 - 2017-03-21 14:00 - 00524696 _____ () C:\Program Files\¿ìѹ\X64\KZipShell.dll
2015-06-24 14:01 - 2014-01-23 06:35 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-03-21 13:57 - 2017-03-21 13:57 - 02072064 _____ () C:\Users\Renato\AppData\Local\Temp\00009360\msiql.exe
2017-03-21 12:56 - 2017-03-21 10:18 - 120090112 _____ () C:\Users\Renato\AppData\Local\LikeToles01a\MCHromptoolz0.exe
2017-03-21 14:47 - 2017-03-21 14:47 - 03531776 _____ () C:\Windows\TEMP\g6106.tmp
2017-03-21 14:00 - 2017-03-21 14:00 - 00219032 _____ () c:\program files\¿ìñ¹\x86\kuaizipupdatechecker.dll
2017-03-13 17:46 - 2017-03-13 17:46 - 01009152 _____ () C:\Program Files (x86)\jsXuLWuidd\kl.dll
2017-03-21 13:56 - 2016-03-06 04:40 - 00083456 _____ () C:\Users\Renato\AppData\Roaming\WMPNetworkAcSvc\Interface.dll
2017-03-21 12:44 - 2017-03-21 12:44 - 02145792 _____ () C:\Users\Renato\AppData\Roaming\c4dRcR\dbghelp.dll
- - 00000000 _____ () C:\Users\Renato\AppData\Roaming\c4dRcR\JO5Urp.dll:dGdLpRi8
2017-03-21 14:46 - 2017-03-21 14:46 - 03765248 _____ () C:\Windows\TEMP\g4D73.tmp
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-02-07 07:58 - 2017-02-01 06:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 07:58 - 2017-02-01 06:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:A171AC58_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2166]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3989744648-3571885242-2210684081-1000\...\internet-explorer-config.com -> internet-explorer-config.com
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2017-03-21 14:08 - 00001721 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3989744648-3571885242-2210684081-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: wuauserv => 2
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{8E4EC827-FAEE-4F70-BC55-00364973A644}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{4EA8C53C-27D1-459A-9CDF-B299E14AAAB1}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{A447CDD5-02A1-44EB-AD74-AF1BB43D59D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3438801C-4444-4AA3-84FB-E4B947DBB644}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{08D4A4D1-B556-4EA2-8212-F60A526FEF83}C:\users\renato\desktop\aa_v3.1.exe] => (Block) C:\users\renato\desktop\aa_v3.1.exe
FirewallRules: [UDP Query User{FE5EE235-DD96-4A22-AE50-41D7E712CC36}C:\users\renato\desktop\aa_v3.1.exe] => (Block) C:\users\renato\desktop\aa_v3.1.exe
FirewallRules: [{615395E2-8AD0-4B24-9683-7B01DD6BBBBF}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{1F613E4A-E602-4F8E-9AB9-090A14CBD1EE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A6C63288-ABDE-48A1-B3EA-E1578367D8F8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E6BCE3B-2114-4AD2-A2AC-024FB6F44329}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9ECAD9B8-08D6-4652-8D24-5BA0A1BD0347}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4A9E189B-4B30-4BC3-B586-8073C1052CB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6CF0F38F-BB8E-446D-BBCD-E374549FB562}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C0DBD949-7FCC-4D2C-8471-53412ABD40E7}] => (Allow) LPort=2869
FirewallRules: [{11BE0587-ABDF-438E-9458-88EFE09E8670}] => (Allow) LPort=1900
FirewallRules: [{56DBCCE7-8211-4064-9C74-2592D3C47C6C}] => (Allow) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
FirewallRules: [{E37700FC-8AD6-4E87-B656-550473F37C5D}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{1D4F54D9-025D-47B0-A9D0-8BB227567ADF}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{AF1AFE9C-B985-4B23-8C9B-76A503107FE5}] => (Allow) C:\Windows\System32\rundll32.exe
==================== Pontos de Restauração =========================
13-03-2017 11:00:09 Backup do Windows
20-03-2017 11:00:09 Backup do Windows
21-03-2017 12:45:28 Windows Live Essentials
21-03-2017 12:46:06 DirectX instalado
21-03-2017 12:46:25 DirectX instalado
21-03-2017 13:01:29 Windows Live Essentials
21-03-2017 13:26:22 Windows Live Essentials
21-03-2017 13:30:59 DirectX instalado
21-03-2017 13:31:24 DirectX instalado
21-03-2017 13:31:34 DirectX instalado
21-03-2017 14:22:29 Operação de restauração
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Controlador de comunicação PCI simples
Description: Controlador de comunicação PCI simples
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Warsaw - Driver (PP)
Description: Warsaw - Driver (PP)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddpp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Erros de Sistema:
=============
CodeIntegrity:
===================================
Date: 2017-03-21 14:45:21.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-21 14:45:21.256
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentagem de memória em uso: 59%
RAM física total: 4013.2 MB
RAM física disponível: 1633.82 MB
Virtual Total: 8024.54 MB
Virtual disponível: 5445.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:68.26 GB) (Free:32.07 GB) NTFS
Drive d: () (Fixed) (Total:397.4 GB) (Free:305.69 GB) NTFS
Drive e: (PIGIRS CIDERSP) (CDROM) (Total:0.02 GB) (Free:0 GB) UDF
Drive g: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:562.83 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 49C491A8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=397.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: F6E2412F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================