Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 16-04-2017
Executado por Usuario (16-04-2017 12:24:38)
Executando a partir de C:\Users\Usuario\Downloads
Microsoft Windows 7 Ultimate (X86) (2011-12-14 17:00:33)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-955063874-2782673793-527263387-500 - Administrator - Disabled)
Convidado (S-1-5-21-955063874-2782673793-527263387-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-955063874-2782673793-527263387-1002 - Limited - Enabled)
Usuario (S-1-5-21-955063874-2782673793-527263387-1000 - Administrator - Enabled) => C:\Users\Usuario
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
Common Desktop Agent (Version: 1.52.0 - OEM) Hidden
Conectividade Social (HKLM\...\Conectividade Social) (Version: - )
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
EFD Contribuições 2.0.11 (HKLM\...\EFD Contribuições 2.0.11) (Version: 1.0.0.0 - SERPRO)
EFD Contribuições 2.0.12 (HKLM\...\EFD Contribuições 2.0.12) (Version: 1.0.0.0 - SERPRO)
Ferramenta de Carregamento do Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
ffdshow v1.1.4399 [2012-03-22] (HKLM\...\ffdshow_is1) (Version: 1.1.4399.0 - )
GBBD Caixa Economica Federal (HKLM\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (Version: 1.3.23.0 - SaveSense) Hidden <==== ATENÇÃO
Google Update Helper (Version: 1.3.33.3 - Google Inc.) Hidden
GRRF Eletrônica (HKLM\...\GRRF Eletrônica) (Version: - )
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
IRPF2008 Windows - Declaração de Ajuste Anual (HKLM\...\IRPF2008 Windows - Declaração de Ajuste Anual) (Version: - )
IRPF2009 - Declaração de Ajuste Anual e Final de Espólio (HKLM\...\IRPF2009 - Declaração de Ajuste Anual e Final de Espólio) (Version: - )
IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2011) (Version: 1.2 - Receita Federal do Brasil)
IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2014) (Version: 1.0 - Receita Federal do Brasil)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
IRPF2017 (HKLM\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
ITR2011 (HKLM\...\ITR2011) (Version: - )
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
K-Lite Codec Pack 8.0.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.0.0 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 pt-BR) (HKLM\...\Mozilla Firefox 52.0.2 (x86 pt-BR)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{43FFE159-3199-4188-A1CD-629166AD1046}) (Version: 7.02.6445 - Nero AG)
Pacote de Driver do Windows - Perto S.A. Perifericos para Automacao (PERTO38U) SmartCardReader (04/10/2007 1.1.5.6) (HKLM\...\608D1FA1C8C461081A6695F228B2DC54B0BFD5E8) (Version: 04/10/2007 1.1.5.6 - Perto S.A. Perifericos para Automacao)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.6 - Nikon)
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
SafeZone Stable 3.55.2393.596 (Version: 3.55.2393.596 - Avast Software) Hidden
Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.00.47.00 - Samsung Electronics Co., Ltd.)
Samsung ML-1610 Series (HKLM\...\Samsung ML-1610 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung ML-1860 Series (HKLM\...\Samsung ML-1860 Series) (Version: - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: - Samsung Electronics Co., Ltd.)
SEFIP 8.40 (HKLM\...\SEFIP 8.40) (Version: - )
Spotify (HKU\S-1-5-21-955063874-2782673793-527263387-1000\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.14484 - TeamViewer)
VIMICRO USB PC Camera (HKLM\...\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}) (Version: 1.00.000 - )
Warsaw 1.15.1.61 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.15.1.61 - GAS Tecnologia)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{2DF215E0-BD3C-4C98-8616-AFEF09747285}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.57\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.149\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{FB451ACC-65B5-456a-A84E-6F9B8B75B077}\InprocServer32 -> C:\Windows\system32\shdocvw.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-955063874-2782673793-527263387-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Nenhum Arquivo
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0650A7FD-712D-4E6C-BAE6-A4C633484567} - System32\Tasks\{E5B5B891-D402-4DA5-B559-1B5E525975AF} => pcalua.exe -a C:\Users\Usuario\Downloads\IRPF2011win32v1.2.exe -d C:\Users\Usuario\Downloads
Task: {0740D39F-3B8D-4E5F-8E83-C7331827A5B4} - System32\Tasks\{80307DA7-F6F0-4DCD-BE17-1DF79FF5954B} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {0F909CFF-8AB1-4DDD-98C7-78E1A58C9177} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {23687882-24E6-4103-B854-CAE3E83D00E6} - System32\Tasks\{9550A4E5-78F6-4BAF-B3A8-CB2EEE3CF4BA} => pcalua.exe -a C:\Users\Usuario\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATENÇÃO
Task: {3E30164D-B2EF-4E11-AB27-5E37DF7B807B} - System32\Tasks\{7F9E559F-D61D-4F1A-9FF2-E294FDE48E99} => pcalua.exe -a F:\dma_2012(2).exe -d F:\
Task: {403BEABE-66C1-4E66-ABE5-D9286A37AF9B} - System32\Tasks\{1645D9B5-AFF0-4F1A-8F2D-7F0E8E8E71D1} => pcalua.exe -a "C:\Users\Usuario\Downloads\B2CAppSetup (3).exe" -d C:\Users\Usuario\Downloads
Task: {596ECCFC-ECCA-4605-B9A7-07C8B7D49533} - System32\Tasks\{DD03810E-4AED-4595-BB7E-008103337402} => pcalua.exe -a "C:\Users\Usuario\Downloads\B2CAppSetup (2).exe" -d C:\Users\Usuario\Downloads
Task: {74B2EEB1-B045-4840-AEF6-6C721ED71888} - System32\Tasks\{D58B7950-7784-42D6-9259-0DFFB0082AEC} => C:\Users\Usuario\Downloads\avast_free_antivirus_setup_online.exe [2016-06-30] (AVAST Software)
Task: {7CD333A0-5ECA-4A21-8796-73A6321E3113} - System32\Tasks\{55FC62CA-31C6-4EBE-8B05-E5D2D1ED33BD} => pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q23CM11X\dma_2012.exe" -d C:\Users\Usuario\Desktop
Task: {877A30FA-924F-4EB3-8673-87999F851AD7} - System32\Tasks\Avast Emergency Update => D:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-03] (AVAST Software)
Task: {887C3D26-780B-4D8B-A075-A9BB40822B3C} - System32\Tasks\{B1717881-08B7-484D-BABE-FCEDEF08D2B7} => pcalua.exe -a C:\Users\Usuario\Downloads\DCTFMensalV3.2.exe -d C:\Users\Usuario\Downloads
Task: {A51ED93C-5853-4CB3-82E6-03819A279D0E} - System32\Tasks\{6689FF90-B608-4B2D-AC74-4A40B3BE1836} => pcalua.exe -a C:\Users\Usuario\Downloads\B2CAppSetup.exe -d C:\Users\Usuario\Downloads
Task: {AE7E01DB-C85A-4C02-9BAC-83D0AF435DE8} - System32\Tasks\{5FC518A1-04A3-4CA2-9B9C-B87707B55287} => pcalua.exe -a C:\Users\Usuario\Downloads\dma_2012.exe -d C:\Users\Usuario\Downloads
Task: {C60E3682-A805-48D8-87E0-223B403EAED8} - System32\Tasks\{46D960A5-7CD3-4F32-9993-1D8ACF91879B} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/pt/abandoninstall?source=lightinstaller&page=tsMain
Task: {D33AEBF4-AE95-4204-AA9E-2EBE05356F19} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-13] (Adobe Systems Incorporated)
Task: {E445E1E7-2ECB-4F3D-98CE-41B978475033} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E5CB8174-5CBE-49D1-B499-AFDD76385F01} - \ClickMeInUpdate -> Nenhum Arquivo <==== ATENÇÃO
Task: {EBA65C4B-9C67-4B2F-8624-A5693B2E7A43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {ED16D907-70DA-414E-B2B8-06C3110EE7AF} - System32\Tasks\{5F4EBE6D-7FEC-4AD8-9F5D-A373081BE8E2} => pcalua.exe -a "G:\J RAMOS\GRRF_INSTALADOR_2_0_4(1).EXE" -d "G:\J RAMOS"
Task: {F1C9E3E8-7FA5-4985-B63E-982FE5967C0F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {F94D9A75-2C11-43E3-9E70-1E4D10A774AD} - \ClickMeInUpdateLogin -> Nenhum Arquivo <==== ATENÇÃO
Task: {FCC7BBDB-3E22-4BE5-A1F7-22BEE753CBFA} - System32\Tasks\SafeZone scheduled Autoupdate 1469397519 => D:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {FF53A2B0-0CEE-4787-A417-43097D897BDE} - System32\Tasks\{FC40985A-7EFF-4F26-9B9E-6811C9F0C48D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {FFD1ED8D-8281-4280-A753-5913528C2D14} - System32\Tasks\{6E607468-0AF5-449C-977B-4F0A18DFFC32} => pcalua.exe -a "C:\Users\Usuario\Downloads\SweetImSetup (1).exe" -d C:\Users\Usuario\Downloads
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-04-03 17:41 - 2017-04-03 17:41 - 00170216 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-04-03 17:42 - 2017-04-03 17:42 - 00176480 _____ () D:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-16 08:07 - 2017-04-16 08:07 - 05917184 _____ () D:\Program Files\AVAST Software\Avast\defs\17041600\algo.dll
2017-04-03 17:42 - 2017-04-03 17:42 - 00653520 _____ () D:\Program Files\AVAST Software\Avast\ffl2.dll
2017-04-03 17:41 - 2017-04-03 17:41 - 00230632 _____ () D:\Program Files\AVAST Software\Avast\streamback.dll
2011-08-31 11:13 - 2011-08-31 11:13 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2011-12-24 20:47 - 2007-01-02 22:32 - 00520192 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2010-11-26 22:17 - 2010-11-26 22:17 - 00331264 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2016-07-24 18:29 - 2016-07-24 18:29 - 48936448 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-03 17:41 - 2017-04-03 17:41 - 00293936 _____ () D:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2012-01-10 12:26 - 2009-11-05 07:39 - 00087552 _____ () C:\Windows\System32\cpwmon2k.dll
2012-08-08 08:02 - 2010-07-29 09:43 - 00026624 _____ () C:\Windows\System32\ssb6mlm.dll
2011-12-24 20:44 - 2007-01-03 12:57 - 00022723 _____ () C:\Windows\System32\sugs1l3.dll
2011-12-14 14:28 - 2011-04-20 00:56 - 00083240 _____ () C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
2017-04-03 17:41 - 2017-04-03 17:41 - 00134920 _____ () d:\Program Files\AVAST Software\Avast\vaarclient.dll
2017-04-03 17:41 - 2017-04-03 17:41 - 00230632 _____ () d:\Program Files\AVAST Software\Avast\StreamBack.dll
2017-03-29 19:12 - 2017-03-28 23:04 - 02187096 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-03-29 19:12 - 2017-03-28 23:04 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8]
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:7CDCC812_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:7CDCC812_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [569]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2174]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-955063874-2782673793-527263387-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-955063874-2782673793-527263387-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-955063874-2782673793-527263387-1000\...\caixa.gov.br -> hxxps://cmt.caixa.gov.br
IE trusted site: HKU\S-1-5-21-955063874-2782673793-527263387-1000\...\caixa.gov.br -> hxxp://cmt.caixa.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:04 - 2016-04-09 20:04 - 00000865 ____N C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-955063874-2782673793-527263387-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.239.112.213 - 69.64.54.93
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{FEFE5212-7FE1-4D05-A924-C1EEBEB6A46D}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{8BFE14C9-37B8-4C3C-994C-3A6D0AE72B37}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5DFED6E7-3784-417F-8ACA-1E5718546A05}] => (Allow) svchost.exe
FirewallRules: [{2DEEB73E-66F7-4627-93D1-1BE40C532AA3}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{57525BA7-7311-4ACE-91D2-A27C7D4B97E0}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\PowerDVD11.exe
FirewallRules: [{B156EECC-00B7-4804-A15B-BBAD624F2515}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe
FirewallRules: [{78D0E329-4A68-4555-ADD4-426F16CBC59D}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
FirewallRules: [{2E91A180-F766-4258-9A25-F06D55C5A655}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe
FirewallRules: [TCP Query User{5D7E1593-E9AC-4CFB-BCDC-D8BF3703C70A}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{7B6892C0-33D4-43DC-91D2-DAC1269D26C7}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{6D2FEF2A-048D-4544-84FB-4ABE3C84BCE4}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{6334EACA-ADFE-4A26-B90D-40DF653BFA7E}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{52236750-B3C9-4A0B-96ED-16E18914F8D8}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{DB55A4A1-A329-4190-B0AD-9380BAF9A2B9}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{817576F3-28FA-425E-AA4F-6B152139B72A}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{17BF7652-FEE1-4767-A30B-7D8CC80C70D7}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{A7476EC2-3670-452E-9396-5B53B30CBECC}C:\program files\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [UDP Query User{385145AA-A6CE-4575-87A5-BD8D2248DC08}C:\program files\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [{CDADE79D-145E-4DDA-ACBC-2BE78AD541E6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{6FD95B84-6AEA-42EA-9342-FDE9B3D08C5D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D3CE851F-A862-47F3-9669-33D1F4202AC8}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{A6CAFDEB-4182-4990-A2EA-E4C082B9A1F8}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{9C38B3C4-B8EA-4A77-97C8-F81FE5F89B29}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2BEC77E7-CCE6-470F-B2D4-83A54D40C96A}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{725260DF-655A-428C-8BFE-5987010455FB}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{DF4CFAF1-DDD0-40E7-B229-FF4AE76CECED}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{EDDC757C-FB6F-4DE0-8693-799EB8D0D83B}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{863AFCD5-764D-4250-9649-409EBD43BEB4}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [TCP Query User{4CC9022F-2547-43D4-A539-B8BBD71ED362}C:\program files\java\jre7\launch4j-tmp\irpf2013.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\irpf2013.exe
FirewallRules: [UDP Query User{BEB77C67-55DC-403C-A47F-57DBD152DF1F}C:\program files\java\jre7\launch4j-tmp\irpf2013.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\irpf2013.exe
FirewallRules: [TCP Query User{82A660F5-6214-4DF3-856E-247BF7B31CD8}C:\program files\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [UDP Query User{E4F57F92-4484-4D50-A5E1-9C4CD25C5C69}C:\program files\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [TCP Query User{E48C55A2-F746-4D77-BCC6-5C9CA7412D83}C:\program files\java\jre7\launch4j-tmp\irpf2013.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\irpf2013.exe
FirewallRules: [UDP Query User{C0CDB2B1-7BBE-4DC0-B961-5B00588DDF6E}C:\program files\java\jre7\launch4j-tmp\irpf2013.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\irpf2013.exe
FirewallRules: [TCP Query User{91587CA0-7E83-4C76-920E-E6846C27D2D1}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{831BA434-24F1-4308-B8F0-6B6B246ABEBF}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{4E2042D9-9E87-4BD8-ADB5-7DE815908E54}] => (Allow) C:\Users\Usuario\Downloads\VideoPerformerSetup.exe
FirewallRules: [{F2EE6DAC-6A50-4CE4-85A0-54296600384F}] => (Allow) C:\Users\Usuario\Downloads\VideoPerformerSetup.exe
FirewallRules: [{381562E8-6C6C-4514-997A-BD1460BB9D63}] => (Allow) C:\Users\Usuario\AppData\Local\Temp\Video Performer63817.exe
FirewallRules: [{65D68310-82BE-4381-8736-0D08C770E02B}] => (Allow) C:\Users\Usuario\AppData\Local\Temp\Video Performer63817.exe
FirewallRules: [TCP Query User{DD116EDB-D376-4085-8116-FB0A7A67C0E5}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{60AEB3FC-81BB-4287-A3EB-20E4BB1A395F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{25972508-6655-41A3-8203-02C8DC95750A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E95F347C-C9A6-4EA4-8726-3DA983D9DFD4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{101C7A89-1CAC-4C45-93CF-8C61386089E1}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe
FirewallRules: [UDP Query User{C3B0D333-1406-4C9B-B28D-119C523F3037}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe
FirewallRules: [TCP Query User{386DA776-38D1-4B4F-90B8-9AAD5D286B6F}C:\program files\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [UDP Query User{C356F20A-FADB-44DC-9C50-AA80898C15DE}C:\program files\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [TCP Query User{332FBB75-257D-44F4-9CEE-EBC17F22E5AE}C:\program files\Java\jre1.8.0_51\bin\jp2launcher.exe] => (Allow) C:\program files\Java\jre1.8.0_51\bin\jp2launcher.exe
FirewallRules: [UDP Query User{481224F7-B9DA-4650-BB2D-032B7882B818}C:\program files\Java\jre1.8.0_51\bin\jp2launcher.exe] => (Allow) C:\program files\Java\jre1.8.0_51\bin\jp2launcher.exe
FirewallRules: [TCP Query User{E1997B36-7716-45CC-B048-D99E814F2C90}C:\program files\java\jre1.8.0_60\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\jp2launcher.exe
FirewallRules: [UDP Query User{DE675200-E928-4DBD-9DAB-E8E2D2AE947F}C:\program files\java\jre1.8.0_60\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\jp2launcher.exe
FirewallRules: [{D6C9CE8B-82F9-4010-9613-0E5CFBC3F542}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{F14CB03A-EC75-4F92-B59D-6B399A2C4DBB}C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe
FirewallRules: [UDP Query User{035AE0DD-8241-4324-8D39-8E577183C99F}C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\jp2launcher.exe
FirewallRules: [TCP Query User{B65D0EA8-D120-4562-86C7-2D71BFB34EBD}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{826375B6-FB20-4306-969F-FC18DFB5DD85}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{44B848C5-5221-48FE-BA01-A01F0C9D3DA9}C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe
FirewallRules: [UDP Query User{E17B038E-3D15-4EE4-A525-B0EDACEAB739}C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe
FirewallRules: [TCP Query User{F442B5B0-2825-48FD-9D8E-9D3DFDE74529}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4206CE04-4E79-4519-836F-BE0746A8C544}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7A949CEB-7C57-4661-AA24-B8E63605C0BE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{321D4527-3BE8-480F-8D4F-394C686E0A00}C:\program files\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe] => (Allow) C:\program files\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe
FirewallRules: [UDP Query User{F772B379-84F1-46B6-968C-CB33283C0A21}C:\program files\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe] => (Allow) C:\program files\java\jre1.8.0_77\launch4j-tmp\irpf2016.exe
FirewallRules: [TCP Query User{5A414BEC-85D5-453A-89FD-D8F57DB6945A}C:\program files\java\jre1.8.0_91\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\jp2launcher.exe
FirewallRules: [UDP Query User{C7A4C853-BEDF-46FE-BD99-22D620893CCD}C:\program files\java\jre1.8.0_91\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\jp2launcher.exe
FirewallRules: [TCP Query User{F86C41DB-6AE5-466F-A060-41EC5AA90E6D}C:\users\usuario\appdata\local\temp\java\sysusuario-pc.exe] => (Allow) C:\users\usuario\appdata\local\temp\java\sysusuario-pc.exe
FirewallRules: [UDP Query User{9B6D4959-0CB1-4BF4-828B-F4D5FB500DE4}C:\users\usuario\appdata\local\temp\java\sysusuario-pc.exe] => (Allow) C:\users\usuario\appdata\local\temp\java\sysusuario-pc.exe
FirewallRules: [{7705CDC7-B1AF-409C-AC3F-99B029C19AAB}] => (Allow) D:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{A582A2A8-2F80-4011-B8EB-855A18BFC9D0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{D7D41F1D-A582-4E87-88D9-5228E5328DB4}] => (Allow) D:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{5C13FD46-08D2-4BF6-A886-AD6DCEB1228F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1309D393-5616-4E87-B1A0-D743D2115382}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Pontos de Restauração =========================
06-11-2016 02:01:59 Ponto de Verificação Agendado
23-11-2016 07:34:42 Ponto de Verificação Agendado
22-01-2017 18:07:26 Instalação de Pacote de Driver de Dispositivo: Diebold Network Monitor Serviço de Rede
22-01-2017 18:11:18 Backup do Windows
06-02-2017 16:18:09 Backup do Windows
12-02-2017 17:53:48 Removeu League of Legends
28-02-2017 20:12:44 Ponto de Verificação Agendado
01-03-2017 09:00:08 Backup do Windows
13-03-2017 14:11:18 Ponto de Verificação Agendado
27-03-2017 15:20:22 Ponto de Verificação Agendado
03-04-2017 17:42:09 Backup do Windows
09-04-2017 17:59:56 Removido Assistente de Conexão do Windows Live
09-04-2017 18:11:14 Configurado PowerDVD
09-04-2017 18:11:33 Removed Bluetooth Win7 Suite.
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Warsaw - Driver (PP)
Description: Warsaw - Driver (PP)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddpp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Warsaw - Driver (PRM)
Description: Warsaw - Driver (PRM)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddprm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/16/2017 12:23:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SYSUSUARIO-PC.exe, versão: 0.0.0.0, carimbo de hora: 0x577a9370
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae
Código de exceção: 0xe053534f
Deslocamento com falha: 0x00009617
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xSYSUSUARIO-PC.exe0
Caminho do aplicativo com falha: SYSUSUARIO-PC.exe1
FCaminho do módulo de falhas: SYSUSUARIO-PC.exe2
Identificação do Relatório: SYSUSUARIO-PC.exe3
Error: (04/16/2017 09:26:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SYSUSUARIO-PC.exe, versão: 0.0.0.0, carimbo de hora: 0x577a9370
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae
Código de exceção: 0xe053534f
Deslocamento com falha: 0x00009617
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xSYSUSUARIO-PC.exe0
Caminho do aplicativo com falha: SYSUSUARIO-PC.exe1
FCaminho do módulo de falhas: SYSUSUARIO-PC.exe2
Identificação do Relatório: SYSUSUARIO-PC.exe3
Error: (04/13/2017 04:53:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SYSUSUARIO-PC.exe, versão: 0.0.0.0, carimbo de hora: 0x577a9370
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae
Código de exceção: 0xe053534f
Deslocamento com falha: 0x00009617
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xSYSUSUARIO-PC.exe0
Caminho do aplicativo com falha: SYSUSUARIO-PC.exe1
FCaminho do módulo de falhas: SYSUSUARIO-PC.exe2
Identificação do Relatório: SYSUSUARIO-PC.exe3
Error: (04/10/2017 10:20:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SYSUSUARIO-PC.exe, versão: 0.0.0.0, carimbo de hora: 0x577a9370
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae
Código de exceção: 0xe053534f
Deslocamento com falha: 0x00009617
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xSYSUSUARIO-PC.exe0
Caminho do aplicativo com falha: SYSUSUARIO-PC.exe1
FCaminho do módulo de falhas: SYSUSUARIO-PC.exe2
Identificação do Relatório: SYSUSUARIO-PC.exe3
Error: (04/09/2017 06:11:14 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {b1f0cc4f-e188-474b-810d-1cf5235ce427}
Error: (04/09/2017 01:57:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SYSUSUARIO-PC.exe, versão: 0.0.0.0, carimbo de hora: 0x577a9370
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae
Código de exceção: 0xe053534f
Deslocamento com falha: 0x00009617
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xSYSUSUARIO-PC.exe0
Caminho do aplicativo com falha: SYSUSUARIO-PC.exe1
FCaminho do módulo de falhas: SYSUSUARIO-PC.exe2
Identificação do Relatório: SYSUSUARIO-PC.exe3
Error: (04/07/2017 01:05:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa chrome.exe versão 57.0.2987.133 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: f2c
Hora de Início: 01d2afb604364762
Hora de Término: 6
Caminho do Aplicativo: C:\Program Files\Google\Chrome\Application\chrome.exe
Id do Relatório: 01c49807-1bac-11e7-8943-1078d2b9d31a
Error: (04/07/2017 10:17:46 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={AC48E77E-8465-470A-A0F5-46BC01A6F642}: o usuário Usuario-PC\Usuario discou uma conexão de nome DSTech que falhou. O código do erro retornado na falha é 651.
Error: (04/07/2017 09:35:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "d:\program files\avast software\Avast\x64\gaming_hook.exe".
Assembly dependente Avast.VC140.CRT,processorArchitecture="amd64",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (04/07/2017 09:12:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SYSUSUARIO-PC.exe, versão: 0.0.0.0, carimbo de hora: 0x577a9370
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae
Código de exceção: 0xe053534f
Deslocamento com falha: 0x00009617
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xSYSUSUARIO-PC.exe0
Caminho do aplicativo com falha: SYSUSUARIO-PC.exe1
FCaminho do módulo de falhas: SYSUSUARIO-PC.exe2
Identificação do Relatório: SYSUSUARIO-PC.exe3
Erros de Sistema:
=============
Error: (04/16/2017 12:13:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/16/2017 11:56:05 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 46.
Error: (04/16/2017 11:54:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço LM devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/16/2017 11:52:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/16/2017 11:52:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddreg
Error: (04/16/2017 11:52:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço DgiVecp devido ao seguinte erro:
O sistema não pode encontrar o dispositivo especificado.
Error: (04/16/2017 11:52:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ClickMeIn Connectivity devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/16/2017 11:50:57 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: Não é possível iniciar o servidor DCOM: {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC}. O erro:
"2"
Aconteceu ao iniciar este comando:
"C:\Program Files\Samsung\Easy Printer Manager\SpoolerComp.exe" -Embedding
Error: (04/16/2017 11:50:51 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: O computador foi reinicializado após uma verificação de erro. Essa verificação foi: 0x00000124 (0x00000000, 0x85ca901c, 0xb2000000, 0x84000402). Um despejo de memória foi salvo em: C:\Windows\MEMORY.DMP. Id de Relatório: 041617-24148-01.
Error: (04/16/2017 11:50:50 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 11:40:42 às 16/04/2017 não era esperado.
CodeIntegrity:
===================================
Date: 2016-08-25 21:22:01.846
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-25 21:22:00.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-25 21:22:00.145
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-24 20:11:59.064
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-24 20:11:57.520
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-24 20:11:57.254
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-24 05:04:22.877
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-24 05:04:21.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-24 05:04:21.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-23 09:01:12.409
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentagem de memória em uso: 66%
RAM física total: 3236.88 MB
RAM física disponível: 1098.72 MB
Virtual Total: 6472.04 MB
Virtual disponível: 4170.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:68.27 GB) (Free:21.95 GB) NTFS
Drive d: () (Fixed) (Total:397.39 GB) (Free:179.08 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000617C3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=397.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================