Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 26-11-2017 01
Executado por Carlos Meneses (27-11-2017 06:34:41)
Executando a partir de C:\Users\Carlos Meneses\Downloads
Windows 10 Home Single Language Versão 1703 15063.729 (X64) (2017-08-01 03:27:04)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-211336474-3829928626-3676143547-500 - Administrator - Disabled)
Carlos Meneses (S-1-5-21-211336474-3829928626-3676143547-1001 - Administrator - Enabled) => C:\Users\Carlos Meneses
Convidado (S-1-5-21-211336474-3829928626-3676143547-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-211336474-3829928626-3676143547-503 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{4592BAE7-B99A-47A5-9B6B-3BC236B9D3E9}) (Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 3.0.22.1029 - ASUSTEK)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS S Series Product Demo (HKLM-x32\...\{387AA3E2-B9FE-4DA1-A097-A0D2213E8794}) (Version: 1.0.0 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.0 - ASUS)
ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.27.0911 - ASUSTEK)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0014 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.27 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0026 - ASUS)
Baixar Musicas Gratis (HKLM-x32\...\Baixar Musicas Gratis_is1) (Version: 3.8.7.0 - Baixar Musicas Gratis Company)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diagnóstico da impressora Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Divulga versão 14.9.1 (HKLM-x32\...\{B15DA231-5B02-439A-9D33-3B1639508E46}_is1) (Version: 14.9.1 - Justiça Eleitoral)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Exibir Manual do Usuário (HKLM-x32\...\View User Guide) (Version: 3.60.45.0 - )
Galeria de Fotografias (HKLM-x32\...\{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (HKLM-x32\...\{F5248B7E-779A-4FA4-8134-D1933D8680FA}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.11.0.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.17.0.7943 (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\GoToMeeting) (Version: 8.17.0.7943 - LogMeIn, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\{BCCDE721-9F4D-4396-9592-92DD865D965E}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft Office Language Pack 2013 - Portuguese/Português (Brasil) (HKLM\...\Office15.OMUI.pt-br) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
modaltrader (HKLM-x32\...\{3C401051-7776-4D22-A46F-EB6643DCBEA5}) (Version: 1.0.6277.17502 - modalmais) Hidden
modaltrader (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\{d564c39a-15ae-44ec-a207-8bffc9adbbdf}) (Version: 1.0.6277.17502 - modalmais)
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{C32D87E1-6310-4CD5-8D6D-865AFE0E9B4E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0 (x64 pt-BR)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Nelogica NEWF (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\NEWF) (Version: 3.2.3.68 - Nelogica)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Driver do Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 3.0.11 - Portforward, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.35.00(15/04/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.29 (09/09/2015) - Samsung Electronics Co., Ltd.)
ScanRn/ScanRnServer (HKLM-x32\...\ScanRn/ScanRnServer) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0416-1000-0000000FF1CE}_Office15.OMUI.pt-br_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
STCServ (HKLM\...\{A954D353-9DAF-4916-8E71-F1E959EBCD1E}) (Version: 3.0.0.1783 - Intel Corporation) Hidden
Steam Packages (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Steam Packages) (Version: - ) <==== ATENÇÃO
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.OMUI.pt-br_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warsaw 1.12.3.5 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Carlos Meneses\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Carlos Meneses\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Carlos Meneses\AppData\Local\Citrix\GoToMeeting\7155\G2MOutlookAddin64.dll => Nenhum Arquivo
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\System32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Intel Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Nenhum Arquivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0012F1A5-2AB1-4D3A-AE77-95714DCABDB6} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {0710B38E-87A2-401C-AEFA-A1342A30607B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0A376344-3404-4960-8759-9D0D8286B705} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-07-31] (ASUSTeK Computer Inc.)
Task: {14D3FD0C-6774-4FED-8B18-DC8D6A2C3F86} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-21] (Microsoft Corporation)
Task: {1A521956-4D0E-4873-BB56-1673C18519B8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-cegmjor@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {1CEC71B2-8460-4C7C-B6DB-222D5C1BF37F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {21581C60-3F4E-43C7-BBA3-984EE1E37AAD} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-08-10] ()
Task: {22102787-6359-4F0C-9DC4-8051A4317817} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {275D5BDA-7196-4E42-947A-9A874BE1FA35} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {2A3D89E7-5CAA-46D7-8AC3-FFA3A7DECD8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {2B1B048E-800C-4388-B30E-1D3705EC9CB5} - \WPD\SqmUpload_S-1-5-21-211336474-3829928626-3676143547-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {39D4B79D-69FF-45BD-86D1-2F8E71FC84D0} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {3BE6F3E0-AFCF-48EA-8CEB-0317B4756CF8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {43213609-1294-4406-A50A-BC646551B0BA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {4796E42B-D77A-4E9C-BFAE-A23521956390} - System32\Tasks\G2MUpdateTask-S-1-5-21-211336474-3829928626-3676143547-1001 => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupdate.exe [2017-11-18] (LogMeIn, Inc.)
Task: {543A9E5A-6344-4E34-AB5A-061880E3B22D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {5C432082-E105-4915-B584-F13610B3BBE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5D9DA5F3-156C-4173-ABD3-0E84A5DA4E66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {6190327B-8E94-4557-89BA-7A361A70393E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {636EFAFF-44C1-4AE6-B109-679CA6B12CDC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {7017E4DC-BC2C-4B63-B732-50F331127F5D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {A2E8F92D-0599-4BDC-BE7B-4AF299B135FE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {A83A8829-CB8B-4868-BBAC-8106F1F50E2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A846B760-A69B-43D7-839D-5470ACBB3314} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {AD4CF4E6-B193-46F0-AED7-41C70C0DBC09} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {AD5777E5-3AC0-4F87-A481-694767D515E6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {B1CEA260-A956-4A0C-88FB-40462FA13F05} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {B3C2ABA3-9478-4189-B0B6-7A10141AE2BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {B5353CBA-17B2-4428-856C-4FF59097BEA9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D69F5932-FE8F-4177-A19D-DB6B71284C5B} - System32\Tasks\G2MUploadTask-S-1-5-21-211336474-3829928626-3676143547-1001 => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupload.exe [2017-11-18] (LogMeIn, Inc.)
Task: {D7E3DE38-0EC3-4A06-BC0D-97864589B7E1} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16] (Intel® Corporation)
Task: {DC022C75-19CD-4A47-92A5-70668F70011D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {E2FC0FB9-7951-4D51-B8CE-586C58AA8420} - System32\Tasks\Programa de atualização online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {E3EFC984-9A20-4CE0-A411-661CA0A7DA58} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {EA28DBE6-9E29-4CE9-9B4D-937B193EF7A1} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {EA6674B5-8102-4900-8333-1E563DD81831} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2013-01-29] (ASUSTeK Computer Inc.)
Task: {FB311977-F737-4838-AE5A-6ACC8B51397F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {FD61D5C0-EAEA-474F-8D7B-85D4DEED2879} - \Microsoft OneDrive Auto Update Task-S-1-5-21-211336474-3829928626-3676143547-1001 -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-211336474-3829928626-3676143547-1001.job => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-211336474-3829928626-3676143547-1001.job => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupload.exe
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2014-09-18 11:06 - 2014-09-18 11:06 - 000034304 _____ () C:\WINDOWS\System32\ssm1mlm.dll
2017-01-24 15:36 - 2016-07-17 22:43 - 000499000 _____ () C:\WINDOWS\SysWOW64\spdsvc.exe
2017-03-18 18:58 - 2017-03-18 18:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2012-08-24 22:26 - 2012-08-24 22:26 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2017-03-18 18:59 - 2017-03-20 02:02 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 000462712 ____C () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 000057208 ____C () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2017-11-11 18:54 - 2017-11-11 18:55 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-11 18:54 - 2017-11-11 18:55 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-11 18:54 - 2017-11-11 18:55 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-06 20:05 - 2017-11-06 20:06 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-11 18:54 - 2017-11-11 18:55 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-11-13 17:40 - 2017-11-10 07:57 - 004135768 ____C () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-13 17:40 - 2017-11-10 07:57 - 000100184 ____C () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-03-18 18:58 - 2017-03-18 18:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-10 22:37 - 2017-07-10 22:37 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-10 22:37 - 2017-07-10 22:37 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-09-13 20:29 - 2017-09-13 20:29 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-01 08:59 - 2017-11-01 09:00 - 001919680 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-11-01 08:59 - 2017-11-01 09:00 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-09-30 14:33 - 2017-09-30 14:33 - 003553704 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-09 17:43 - 2017-10-09 17:43 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-30 14:33 - 2017-09-30 14:33 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2013-08-13 15:07 - 2012-06-25 15:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-04-29 15:17 - 2013-04-29 15:17 - 000587264 ____C () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Carlos Meneses\Cookies:JUyMCvyulB0gcuYHMN1cZ5 [2300]
AlternateDataStreams: C:\Users\Carlos Meneses\AppData\Local\zJBjLBrlf2u:HfQF4C68LF2w94y47l4jhp6SEp5Q [1920]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\caixa.gov.br -> imagem.caixa.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 11:25 - 2016-08-17 22:48 - 000000869 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "ASUSWebStorage"
HKLM\...\StartupApproved\Run32: => "ATLauncher"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "Baixar Musicas Gratis Service"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "EEDSpeedLauncher"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "ContentSinder"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "ContentFinder"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "ContentAgent"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "Baixar Musicas Gratis"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "PCLink"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{1C36BE56-8C5B-4A61-B152-EF867BD6FD41}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe
FirewallRules: [UDP Query User{BE8FF75E-CAB6-4F79-BA10-5E39210DE230}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{A4869962-818C-4721-97F6-5836455A6D2F}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{706D1978-6CFA-403B-A96D-CE4EF57F2B5D}C:\program files (x86)\laryon\scanrn\scanrn.exe] => (Allow) C:\program files (x86)\laryon\scanrn\scanrn.exe
FirewallRules: [TCP Query User{C119BDA7-10D6-4121-A321-EF69F592D472}C:\program files (x86)\laryon\scanrn\scanrn.exe] => (Allow) C:\program files (x86)\laryon\scanrn\scanrn.exe
FirewallRules: [{9A2946DF-C1AB-4D35-8946-78FC05E44392}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{DD47139A-EFF4-4089-8CE0-7EAE683DC812}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{DC6EE089-FD58-4171-AED5-D2E88CCE38F5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{361C9687-3428-4A1C-BF44-785397CAF846}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AA28E59F-B380-432D-BFAB-39900ABDAAE5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{30D962FB-8E02-4E87-A919-B6A6672607AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{FDDD5427-CDE7-43C8-8B1D-75DDBA554087}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{8E75CB0A-967A-4A25-89D8-832AD2BA7CA6}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{EB5F95EB-A0BC-4AB3-B692-67503F3FD1BA}] => (Allow) C:\Users\Carlos Meneses\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{806378F3-BBE7-40C8-A79C-29C7532561AF}] => (Allow) C:\Users\Carlos Meneses\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9A68A2E-B31C-419F-950E-6B7BFB7CDF0C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7C6F3345-B525-40F0-827C-984EC4C8837D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{FCB6146B-0BE1-4F28-98B1-F2D021C4B939}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3558F6BD-47EB-44D5-B4A3-18A116A730C0}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{92363E24-A008-425E-A69E-A38F2C9B83F6}] => (Allow) LPort=1900
FirewallRules: [{2792A0DC-C63A-4316-9429-9486B0B1AC97}] => (Allow) LPort=2869
FirewallRules: [{EC09CD54-8260-47B3-9568-329B696B1B5F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{1FF01222-3B2A-432A-AD60-33AD592C080E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{A14A76E1-B6FC-4F1C-9C32-F0148DEC9DC4}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{615C69AE-660E-4BCA-B3D9-AA5B9CF7A5AE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{2AC0DBF1-C767-48B1-B225-5E4A71DF9BB8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{F12E719F-F2EB-468F-82F4-C058C5AF3AB4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{A2AE0B6E-81EB-4C02-8D95-A3D60FCED189}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{3DAF6C7B-24E0-4D88-98A2-80D7E8A26300}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{238394DF-FB4F-40BA-ABFE-5520D95FDC47}] => (Allow) E:\Setup.exe
FirewallRules: [{F1151E1F-A364-4449-9A9B-BCDA2B0CABF5}] => (Allow) E:\Setup.exe
FirewallRules: [{7D517733-085A-41C8-875E-F1B013347F5A}] => (Allow) E:\setup.exe
FirewallRules: [{00F8E277-FD3C-4AA8-9487-11ED581C5A0A}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{4D0F4C03-339A-49ED-BCDD-7B532D50003A}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{040A1CD4-68BB-45E0-8C2A-827418039591}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7FB4CD6F-27D0-4C3C-9D54-80665A758549}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D75248FA-E279-455E-B9F9-87C72601D2C4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{1B9FDA5C-EDEF-4FE2-8CED-786DD3590A30}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{D2380286-C7CC-4980-93B3-BB83C9447681}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2DD98D3D-5C79-4A79-85EB-527EE202AD4A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{8DDE2E42-A79A-4A23-BA80-8F0A1AABA0EB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{FDC98A2A-364B-415F-8F60-84D877A4CE0C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{D810C47E-81C9-4859-9619-8ABA40ADA6D0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9015906D-4608-4CAF-BDD6-5579798555E8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{EC30E63E-5571-477A-B993-325E4B153F33}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{D0F3A4A5-1315-445B-B6EC-116020FB7523}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{09328D74-9A3D-42FE-A4E4-DA7C88C068B4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{1C33EF53-F9EA-4244-9766-458ABE69AEA9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{7945F7FD-2BEF-46A8-84F2-EE12F667EF52}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{1659643B-9CFC-4DAD-AE98-1ED889F208F5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{15B903FC-2A79-4EBB-9A20-23B449C2DFCA}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E7EE2A57-D2AF-4A71-872C-0FC2F9030BD6}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{888F6B06-5CE9-4265-9A7E-409F31C88AD6}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{2FE2C7CC-1E56-4FF1-9BB2-6B8B9133A23C}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [TCP Query User{1A02DE0A-452C-460B-BE6E-24D06CE558B5}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{BA9C96B6-C854-41C5-AABC-03D04AB0E628}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{EF7F5530-B0C1-42C9-ABC7-C5A65AB6B829}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{E95D8F68-C445-45D8-9DE3-7A5942D8E0DB}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{1A7A6019-E46A-4944-8F42-4C2A4BAAD9E8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FEB65A60-99B9-4D62-89B3-E24A7137D96E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{30AD0109-9287-4A89-964B-26E2D7B8D82B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F4A9100C-7007-4C0C-B33D-483EA1210991}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6FC857C4-E2D3-4AE2-8F44-A8608ABAC414}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05695A04-4CA3-4B32-B60C-360850B49796}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{11C26936-304F-4A5F-9A30-4B609BE70E88}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{BDD85A2C-1F2D-4C8F-8972-2DA616920927}] => (Allow) C:\Program Files (x86)\ASUS\Share Link\ShareLink.exe
FirewallRules: [{B561F26B-E2CE-441C-9C09-4B497590AFF1}] => (Allow) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
FirewallRules: [{DA9E94FB-395A-4041-90C6-0CB107AF0F17}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{14D49690-7D40-4500-9102-0D63555FCBFB}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [TCP Query User{1437E11D-B492-43CD-8DC5-F714C6EB651D}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{939EBC95-FC15-4B4D-8CC0-FBCA6EC70D8C}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [TCP Query User{1CA050FA-E17C-494F-81C4-DFFDD5366F6B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{7527538A-2EAD-429D-B31D-1D0B0A9EAF2E}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{F78AC53A-337B-4B8B-8766-98D2CE186856}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0449D5D0-D786-4BCD-8809-1ED54E1D0D1B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C6CAB0ED-D174-4EFA-8716-C5049A132FEC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{45BC9BE2-E88B-4CD0-8C42-F87DCF6FE907}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A9B2509E-A29A-4E9D-8D27-760EA6500579}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
21-11-2017 04:25:29 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (11/26/2017 07:57:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2d6c
Hora de início do aplicativo com falha: 0x01d3670190521a83
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 00429ce2-5425-49f6-8177-87cee42dde39
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 07:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x26e4
Hora de início do aplicativo com falha: 0x01d366ff77dfdbd9
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: a14513f6-c8e8-4e66-858b-aed4cf087d6a
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 07:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x1b28
Hora de início do aplicativo com falha: 0x01d366fd5f6e431d
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 02917634-33e9-4f79-83da-a27b6385d2a6
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 07:12:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2b94
Hora de início do aplicativo com falha: 0x01d366fb46fc5229
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 5b675325-851e-440e-bd7d-c4184f6016b9
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 06:58:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x27c0
Hora de início do aplicativo com falha: 0x01d366f901384f22
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 1942a9a7-d3e8-410e-a4f5-93cb21343df6
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 06:30:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2adc
Hora de início do aplicativo com falha: 0x01d36690c0959665
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: f595c51c-a67d-4251-9ba7-d7c3c32ca945
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/25/2017 06:29:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2cdc
Hora de início do aplicativo com falha: 0x01d365c771d81efe
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 97ef9b20-17e7-4035-8b9f-664a5d573165
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/24/2017 07:45:38 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.
Error: (11/24/2017 07:45:38 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Coleta de dados de contador de desempenho desabilitada no serviço "Outlook" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Corrija os erros antes de habilitar os contadores de desempenho para esse serviço.
Error: (11/24/2017 07:45:38 AM) (Source: Perflib) (EventID: 1022) (User: )
Description: O Windows não pode abrir a DLL Outlook do contador extensível de 64 bits em um ambiente de 32 bits. Contate o fornecedor do arquivo para obter uma versão de 32 bits. Opcionalmente, se você estiver executando em um ambiente nativo de 64 bits, poderá abrir a DLL do contador extensível de 64 bits usando a versão de 64 bits do Monitor de desempenho. Para usar essa ferramenta, abra a pasta Windows, a pasta System32 e inicie Perfmon.exe.
Erros de Sistema:
=============
Error: (11/27/2017 05:35:17 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/27/2017 05:34:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (11/27/2017 05:33:47 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/26/2017 07:24:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (11/26/2017 06:58:57 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/26/2017 06:44:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Intel(R) Common Connectivity Framework devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (11/26/2017 06:44:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Intel(R) Common Connectivity Framework.
Error: (11/26/2017 06:42:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro:
Não há suporte para o pedido.
Error: (11/26/2017 06:42:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 18:02:59 do dia 26/11/2017 não era esperado.
Error: (11/24/2017 09:24:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 4 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2017-11-27 06:17:14.217
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 06:34:28.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-16 05:06:57.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-15 08:19:42.951
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-03 08:09:43.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-24 01:54:36.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-18 01:41:00.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-11 00:37:18.582
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-01 00:44:09.973
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-18 12:54:39.651
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentagem de memória em uso: 73%
RAM física total: 3917.7 MB
RAM física disponível: 1025.35 MB
Virtual Total: 6861.7 MB
Virtual disponível: 3124.95 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:185.31 GB) (Free:80.12 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:73.82 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0D7C9FC3)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por Carlos Meneses (27-11-2017 06:34:41)
Executando a partir de C:\Users\Carlos Meneses\Downloads
Windows 10 Home Single Language Versão 1703 15063.729 (X64) (2017-08-01 03:27:04)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-211336474-3829928626-3676143547-500 - Administrator - Disabled)
Carlos Meneses (S-1-5-21-211336474-3829928626-3676143547-1001 - Administrator - Enabled) => C:\Users\Carlos Meneses
Convidado (S-1-5-21-211336474-3829928626-3676143547-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-211336474-3829928626-3676143547-503 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{4592BAE7-B99A-47A5-9B6B-3BC236B9D3E9}) (Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 3.0.22.1029 - ASUSTEK)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS S Series Product Demo (HKLM-x32\...\{387AA3E2-B9FE-4DA1-A097-A0D2213E8794}) (Version: 1.0.0 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.0 - ASUS)
ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.27.0911 - ASUSTEK)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0014 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.27 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0026 - ASUS)
Baixar Musicas Gratis (HKLM-x32\...\Baixar Musicas Gratis_is1) (Version: 3.8.7.0 - Baixar Musicas Gratis Company)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diagnóstico da impressora Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Divulga versão 14.9.1 (HKLM-x32\...\{B15DA231-5B02-439A-9D33-3B1639508E46}_is1) (Version: 14.9.1 - Justiça Eleitoral)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Exibir Manual do Usuário (HKLM-x32\...\View User Guide) (Version: 3.60.45.0 - )
Galeria de Fotografias (HKLM-x32\...\{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (HKLM-x32\...\{F5248B7E-779A-4FA4-8134-D1933D8680FA}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.11.0.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.17.0.7943 (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\GoToMeeting) (Version: 8.17.0.7943 - LogMeIn, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\{BCCDE721-9F4D-4396-9592-92DD865D965E}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft Office Language Pack 2013 - Portuguese/Português (Brasil) (HKLM\...\Office15.OMUI.pt-br) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
modaltrader (HKLM-x32\...\{3C401051-7776-4D22-A46F-EB6643DCBEA5}) (Version: 1.0.6277.17502 - modalmais) Hidden
modaltrader (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\{d564c39a-15ae-44ec-a207-8bffc9adbbdf}) (Version: 1.0.6277.17502 - modalmais)
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{C32D87E1-6310-4CD5-8D6D-865AFE0E9B4E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0 (x64 pt-BR)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Nelogica NEWF (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\NEWF) (Version: 3.2.3.68 - Nelogica)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Driver do Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 3.0.11 - Portforward, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.35.00(15/04/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.29 (09/09/2015) - Samsung Electronics Co., Ltd.)
ScanRn/ScanRnServer (HKLM-x32\...\ScanRn/ScanRnServer) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0416-1000-0000000FF1CE}_Office15.OMUI.pt-br_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
STCServ (HKLM\...\{A954D353-9DAF-4916-8E71-F1E959EBCD1E}) (Version: 3.0.0.1783 - Intel Corporation) Hidden
Steam Packages (HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Steam Packages) (Version: - ) <==== ATENÇÃO
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.OMUI.pt-br_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warsaw 1.12.3.5 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Carlos Meneses\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Carlos Meneses\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-211336474-3829928626-3676143547-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Carlos Meneses\AppData\Local\Citrix\GoToMeeting\7155\G2MOutlookAddin64.dll => Nenhum Arquivo
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\System32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Intel Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Nenhum Arquivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0012F1A5-2AB1-4D3A-AE77-95714DCABDB6} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {0710B38E-87A2-401C-AEFA-A1342A30607B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0A376344-3404-4960-8759-9D0D8286B705} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-07-31] (ASUSTeK Computer Inc.)
Task: {14D3FD0C-6774-4FED-8B18-DC8D6A2C3F86} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-21] (Microsoft Corporation)
Task: {1A521956-4D0E-4873-BB56-1673C18519B8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-cegmjor@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {1CEC71B2-8460-4C7C-B6DB-222D5C1BF37F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {21581C60-3F4E-43C7-BBA3-984EE1E37AAD} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-08-10] ()
Task: {22102787-6359-4F0C-9DC4-8051A4317817} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {275D5BDA-7196-4E42-947A-9A874BE1FA35} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {2A3D89E7-5CAA-46D7-8AC3-FFA3A7DECD8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {2B1B048E-800C-4388-B30E-1D3705EC9CB5} - \WPD\SqmUpload_S-1-5-21-211336474-3829928626-3676143547-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {39D4B79D-69FF-45BD-86D1-2F8E71FC84D0} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {3BE6F3E0-AFCF-48EA-8CEB-0317B4756CF8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {43213609-1294-4406-A50A-BC646551B0BA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {4796E42B-D77A-4E9C-BFAE-A23521956390} - System32\Tasks\G2MUpdateTask-S-1-5-21-211336474-3829928626-3676143547-1001 => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupdate.exe [2017-11-18] (LogMeIn, Inc.)
Task: {543A9E5A-6344-4E34-AB5A-061880E3B22D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {5C432082-E105-4915-B584-F13610B3BBE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5D9DA5F3-156C-4173-ABD3-0E84A5DA4E66} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {6190327B-8E94-4557-89BA-7A361A70393E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {636EFAFF-44C1-4AE6-B109-679CA6B12CDC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {7017E4DC-BC2C-4B63-B732-50F331127F5D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {A2E8F92D-0599-4BDC-BE7B-4AF299B135FE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {A83A8829-CB8B-4868-BBAC-8106F1F50E2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A846B760-A69B-43D7-839D-5470ACBB3314} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {AD4CF4E6-B193-46F0-AED7-41C70C0DBC09} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {AD5777E5-3AC0-4F87-A481-694767D515E6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {B1CEA260-A956-4A0C-88FB-40462FA13F05} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {B3C2ABA3-9478-4189-B0B6-7A10141AE2BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {B5353CBA-17B2-4428-856C-4FF59097BEA9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D69F5932-FE8F-4177-A19D-DB6B71284C5B} - System32\Tasks\G2MUploadTask-S-1-5-21-211336474-3829928626-3676143547-1001 => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupload.exe [2017-11-18] (LogMeIn, Inc.)
Task: {D7E3DE38-0EC3-4A06-BC0D-97864589B7E1} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16] (Intel® Corporation)
Task: {DC022C75-19CD-4A47-92A5-70668F70011D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {E2FC0FB9-7951-4D51-B8CE-586C58AA8420} - System32\Tasks\Programa de atualização online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {E3EFC984-9A20-4CE0-A411-661CA0A7DA58} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {EA28DBE6-9E29-4CE9-9B4D-937B193EF7A1} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {EA6674B5-8102-4900-8333-1E563DD81831} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2013-01-29] (ASUSTeK Computer Inc.)
Task: {FB311977-F737-4838-AE5A-6ACC8B51397F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {FD61D5C0-EAEA-474F-8D7B-85D4DEED2879} - \Microsoft OneDrive Auto Update Task-S-1-5-21-211336474-3829928626-3676143547-1001 -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-211336474-3829928626-3676143547-1001.job => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-211336474-3829928626-3676143547-1001.job => C:\Users\Carlos Meneses\AppData\Local\GoToMeeting\7943\g2mupload.exe
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2014-09-18 11:06 - 2014-09-18 11:06 - 000034304 _____ () C:\WINDOWS\System32\ssm1mlm.dll
2017-01-24 15:36 - 2016-07-17 22:43 - 000499000 _____ () C:\WINDOWS\SysWOW64\spdsvc.exe
2017-03-18 18:58 - 2017-03-18 18:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2012-08-24 22:26 - 2012-08-24 22:26 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2017-03-18 18:59 - 2017-03-20 02:02 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 000462712 ____C () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 000057208 ____C () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2017-11-11 18:54 - 2017-11-11 18:55 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-11 18:54 - 2017-11-11 18:55 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-11 18:54 - 2017-11-11 18:55 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-06 20:05 - 2017-11-06 20:06 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-11 18:54 - 2017-11-11 18:55 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-11-13 17:40 - 2017-11-10 07:57 - 004135768 ____C () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-13 17:40 - 2017-11-10 07:57 - 000100184 ____C () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-03-18 18:58 - 2017-03-18 18:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-10 22:37 - 2017-07-10 22:37 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-10 22:37 - 2017-07-10 22:37 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-09-13 20:29 - 2017-09-13 20:29 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-01 08:59 - 2017-11-01 09:00 - 001919680 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-11-01 08:59 - 2017-11-01 09:00 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-09-30 14:33 - 2017-09-30 14:33 - 003553704 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-09 17:43 - 2017-10-09 17:43 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-30 14:33 - 2017-09-30 14:33 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2013-08-13 15:07 - 2012-06-25 15:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-04-29 15:17 - 2013-04-29 15:17 - 000587264 ____C () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Carlos Meneses\Cookies:JUyMCvyulB0gcuYHMN1cZ5 [2300]
AlternateDataStreams: C:\Users\Carlos Meneses\AppData\Local\zJBjLBrlf2u:HfQF4C68LF2w94y47l4jhp6SEp5Q [1920]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\caixa.gov.br -> imagem.caixa.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 11:25 - 2016-08-17 22:48 - 000000869 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "ASUSWebStorage"
HKLM\...\StartupApproved\Run32: => "ATLauncher"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "Baixar Musicas Gratis Service"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "EEDSpeedLauncher"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "ContentSinder"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "ContentFinder"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "ContentAgent"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "Baixar Musicas Gratis"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\StartupApproved\Run: => "PCLink"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{1C36BE56-8C5B-4A61-B152-EF867BD6FD41}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe
FirewallRules: [UDP Query User{BE8FF75E-CAB6-4F79-BA10-5E39210DE230}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{A4869962-818C-4721-97F6-5836455A6D2F}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{706D1978-6CFA-403B-A96D-CE4EF57F2B5D}C:\program files (x86)\laryon\scanrn\scanrn.exe] => (Allow) C:\program files (x86)\laryon\scanrn\scanrn.exe
FirewallRules: [TCP Query User{C119BDA7-10D6-4121-A321-EF69F592D472}C:\program files (x86)\laryon\scanrn\scanrn.exe] => (Allow) C:\program files (x86)\laryon\scanrn\scanrn.exe
FirewallRules: [{9A2946DF-C1AB-4D35-8946-78FC05E44392}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{DD47139A-EFF4-4089-8CE0-7EAE683DC812}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{DC6EE089-FD58-4171-AED5-D2E88CCE38F5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{361C9687-3428-4A1C-BF44-785397CAF846}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AA28E59F-B380-432D-BFAB-39900ABDAAE5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{30D962FB-8E02-4E87-A919-B6A6672607AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{FDDD5427-CDE7-43C8-8B1D-75DDBA554087}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{8E75CB0A-967A-4A25-89D8-832AD2BA7CA6}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{EB5F95EB-A0BC-4AB3-B692-67503F3FD1BA}] => (Allow) C:\Users\Carlos Meneses\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{806378F3-BBE7-40C8-A79C-29C7532561AF}] => (Allow) C:\Users\Carlos Meneses\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9A68A2E-B31C-419F-950E-6B7BFB7CDF0C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7C6F3345-B525-40F0-827C-984EC4C8837D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{FCB6146B-0BE1-4F28-98B1-F2D021C4B939}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3558F6BD-47EB-44D5-B4A3-18A116A730C0}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{92363E24-A008-425E-A69E-A38F2C9B83F6}] => (Allow) LPort=1900
FirewallRules: [{2792A0DC-C63A-4316-9429-9486B0B1AC97}] => (Allow) LPort=2869
FirewallRules: [{EC09CD54-8260-47B3-9568-329B696B1B5F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{1FF01222-3B2A-432A-AD60-33AD592C080E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{A14A76E1-B6FC-4F1C-9C32-F0148DEC9DC4}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{615C69AE-660E-4BCA-B3D9-AA5B9CF7A5AE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{2AC0DBF1-C767-48B1-B225-5E4A71DF9BB8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{F12E719F-F2EB-468F-82F4-C058C5AF3AB4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{A2AE0B6E-81EB-4C02-8D95-A3D60FCED189}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{3DAF6C7B-24E0-4D88-98A2-80D7E8A26300}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{238394DF-FB4F-40BA-ABFE-5520D95FDC47}] => (Allow) E:\Setup.exe
FirewallRules: [{F1151E1F-A364-4449-9A9B-BCDA2B0CABF5}] => (Allow) E:\Setup.exe
FirewallRules: [{7D517733-085A-41C8-875E-F1B013347F5A}] => (Allow) E:\setup.exe
FirewallRules: [{00F8E277-FD3C-4AA8-9487-11ED581C5A0A}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{4D0F4C03-339A-49ED-BCDD-7B532D50003A}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{040A1CD4-68BB-45E0-8C2A-827418039591}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7FB4CD6F-27D0-4C3C-9D54-80665A758549}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D75248FA-E279-455E-B9F9-87C72601D2C4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{1B9FDA5C-EDEF-4FE2-8CED-786DD3590A30}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{D2380286-C7CC-4980-93B3-BB83C9447681}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2DD98D3D-5C79-4A79-85EB-527EE202AD4A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{8DDE2E42-A79A-4A23-BA80-8F0A1AABA0EB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{FDC98A2A-364B-415F-8F60-84D877A4CE0C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{D810C47E-81C9-4859-9619-8ABA40ADA6D0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9015906D-4608-4CAF-BDD6-5579798555E8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{EC30E63E-5571-477A-B993-325E4B153F33}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{D0F3A4A5-1315-445B-B6EC-116020FB7523}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{09328D74-9A3D-42FE-A4E4-DA7C88C068B4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{1C33EF53-F9EA-4244-9766-458ABE69AEA9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{7945F7FD-2BEF-46A8-84F2-EE12F667EF52}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{1659643B-9CFC-4DAD-AE98-1ED889F208F5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{15B903FC-2A79-4EBB-9A20-23B449C2DFCA}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E7EE2A57-D2AF-4A71-872C-0FC2F9030BD6}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{888F6B06-5CE9-4265-9A7E-409F31C88AD6}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{2FE2C7CC-1E56-4FF1-9BB2-6B8B9133A23C}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [TCP Query User{1A02DE0A-452C-460B-BE6E-24D06CE558B5}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{BA9C96B6-C854-41C5-AABC-03D04AB0E628}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{EF7F5530-B0C1-42C9-ABC7-C5A65AB6B829}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{E95D8F68-C445-45D8-9DE3-7A5942D8E0DB}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{1A7A6019-E46A-4944-8F42-4C2A4BAAD9E8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FEB65A60-99B9-4D62-89B3-E24A7137D96E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{30AD0109-9287-4A89-964B-26E2D7B8D82B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F4A9100C-7007-4C0C-B33D-483EA1210991}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6FC857C4-E2D3-4AE2-8F44-A8608ABAC414}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05695A04-4CA3-4B32-B60C-360850B49796}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{11C26936-304F-4A5F-9A30-4B609BE70E88}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{BDD85A2C-1F2D-4C8F-8972-2DA616920927}] => (Allow) C:\Program Files (x86)\ASUS\Share Link\ShareLink.exe
FirewallRules: [{B561F26B-E2CE-441C-9C09-4B497590AFF1}] => (Allow) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
FirewallRules: [{DA9E94FB-395A-4041-90C6-0CB107AF0F17}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{14D49690-7D40-4500-9102-0D63555FCBFB}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [TCP Query User{1437E11D-B492-43CD-8DC5-F714C6EB651D}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{939EBC95-FC15-4B4D-8CC0-FBCA6EC70D8C}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [TCP Query User{1CA050FA-E17C-494F-81C4-DFFDD5366F6B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{7527538A-2EAD-429D-B31D-1D0B0A9EAF2E}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{F78AC53A-337B-4B8B-8766-98D2CE186856}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0449D5D0-D786-4BCD-8809-1ED54E1D0D1B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C6CAB0ED-D174-4EFA-8716-C5049A132FEC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{45BC9BE2-E88B-4CD0-8C42-F87DCF6FE907}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A9B2509E-A29A-4E9D-8D27-760EA6500579}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
21-11-2017 04:25:29 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (11/26/2017 07:57:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2d6c
Hora de início do aplicativo com falha: 0x01d3670190521a83
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 00429ce2-5425-49f6-8177-87cee42dde39
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 07:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x26e4
Hora de início do aplicativo com falha: 0x01d366ff77dfdbd9
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: a14513f6-c8e8-4e66-858b-aed4cf087d6a
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 07:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x1b28
Hora de início do aplicativo com falha: 0x01d366fd5f6e431d
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 02917634-33e9-4f79-83da-a27b6385d2a6
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 07:12:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2b94
Hora de início do aplicativo com falha: 0x01d366fb46fc5229
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 5b675325-851e-440e-bd7d-c4184f6016b9
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 06:58:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x27c0
Hora de início do aplicativo com falha: 0x01d366f901384f22
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 1942a9a7-d3e8-410e-a4f5-93cb21343df6
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/26/2017 06:30:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2adc
Hora de início do aplicativo com falha: 0x01d36690c0959665
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: f595c51c-a67d-4251-9ba7-d7c3c32ca945
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/25/2017 06:29:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wwahost.exe, versão: 10.0.15063.674, carimbo de data/hora: 0xe8e657f1
Nome do módulo com falha: biwinrt.dll, versão: 10.0.15063.0, carimbo de data/hora: 0x87ee4a59
Código de exceção: 0xe0464645
Deslocamento da falha: 0x00000000000156f9
ID do processo com falha: 0x2cdc
Hora de início do aplicativo com falha: 0x01d365c771d81efe
Caminho do aplicativo com falha: C:\WINDOWS\system32\wwahost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 97ef9b20-17e7-4035-8b9f-664a5d573165
Nome completo do pacote com falha: YahooInc.YahooMail_1.7.0.23_neutral__xvnatx83ncrvj
ID do aplicativo relativo ao pacote com falha: YahooInc.YahooMail
Error: (11/24/2017 07:45:38 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.
Error: (11/24/2017 07:45:38 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Coleta de dados de contador de desempenho desabilitada no serviço "Outlook" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Corrija os erros antes de habilitar os contadores de desempenho para esse serviço.
Error: (11/24/2017 07:45:38 AM) (Source: Perflib) (EventID: 1022) (User: )
Description: O Windows não pode abrir a DLL Outlook do contador extensível de 64 bits em um ambiente de 32 bits. Contate o fornecedor do arquivo para obter uma versão de 32 bits. Opcionalmente, se você estiver executando em um ambiente nativo de 64 bits, poderá abrir a DLL do contador extensível de 64 bits usando a versão de 64 bits do Monitor de desempenho. Para usar essa ferramenta, abra a pasta Windows, a pasta System32 e inicie Perfmon.exe.
Erros de Sistema:
=============
Error: (11/27/2017 05:35:17 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/27/2017 05:34:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (11/27/2017 05:33:47 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/26/2017 07:24:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (11/26/2017 06:58:57 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/26/2017 06:44:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Intel(R) Common Connectivity Framework devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (11/26/2017 06:44:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Intel(R) Common Connectivity Framework.
Error: (11/26/2017 06:42:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro:
Não há suporte para o pedido.
Error: (11/26/2017 06:42:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 18:02:59 do dia 26/11/2017 não era esperado.
Error: (11/24/2017 09:24:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 4 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2017-11-27 06:17:14.217
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 06:34:28.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-16 05:06:57.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-15 08:19:42.951
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-03 08:09:43.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-24 01:54:36.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-18 01:41:00.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-11 00:37:18.582
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-01 00:44:09.973
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-18 12:54:39.651
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentagem de memória em uso: 73%
RAM física total: 3917.7 MB
RAM física disponível: 1025.35 MB
Virtual Total: 6861.7 MB
Virtual disponível: 3124.95 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:185.31 GB) (Free:80.12 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:73.82 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0D7C9FC3)
Partition: GPT.
==================== Fim de Addition.txt ============================