Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-08-2015 02
Ran by NEWUSU (2015-08-26 10:52:23)
Running from C:\Users\NEWUSU\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4220064015-3225715080-1381729876-500 - Administrator - Disabled)
arthur (S-1-5-21-4220064015-3225715080-1381729876-1002 - Limited - Enabled) => C:\Users\arthur
Convidado (S-1-5-21-4220064015-3225715080-1381729876-501 - Limited - Enabled) => C:\Users\Convidado.SERVIDOR
NEWUSU (S-1-5-21-4220064015-3225715080-1381729876-1001 - Administrator - Enabled) => C:\Users\NEWUSU
Servidor (S-1-5-21-4220064015-3225715080-1381729876-1003 - Administrator - Enabled) => C:\Users\Servidor.SERVIDOR

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
µTorrent (HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
BB Token Admin Tool (HKLM-x32\...\{95A34656-CD4A-45A0-BAB8-AB950EFCBEBF}) (Version: 1.1.1 - Watchdata Technologies Pte., Ltd.)
CALL - Vs5 (HKLM-x32\...\CALL_VS5) (Version: 5 - CCAA)
CALL Vs.5 (x32 Version: 5 - CCAA) Hidden
Camtasia Studio 8 (HKLM-x32\...\{904AC0F0-F69E-467E-A719-B083940F608A}) (Version: 8.5.2.1999 - TechSmith Corporation)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Firebird 2.5.1.26351 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.1.26351 - Firebird Project)
Five Nights at Freddy's 2 v1.0 (HKLM-x32\...\Five Nights at Freddy's 2 v1.0_is1) (Version: - )
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
LiveUpdate 3.2 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{6BF729A5-756B-4AA5-8721-E3B3972FEB96}) (Version: 1.00.0198 - REALTEK Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Unity (HKLM-x32\...\Unity) (Version: 5.1.2f1 - Unity Technologies ApS)
VNC Free Edition 4.1.1 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.1 - RealVNC Ltd.)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

21-08-2015 08:23:05 Ponto de Verificação Agendado
22-08-2015 15:36:15 avast! antivirus system restore point
24-08-2015 05:04:04 Windows Update
26-08-2015 09:58:58 ZHPFix Restore System Point
26-12-2015 07:27:12 Ponto de Verificação Agendado

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-02-04 08:53 - 2014-09-01 09:39 - 00000970 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FB2B336-BC64-4868-96A1-7DFF028CAF1E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-25] (Adobe Systems Incorporated)
Task: {3F5E3C2D-630E-4C29-AF09-E71CC8590A55} - \APSnotifierPP2 -> No File <==== ATTENTION
Task: {427CFD6E-A6AE-42B5-94F3-88C0CDE21851} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-22] (AVAST Software)
Task: {7F786ECB-2FCC-439C-B762-AF06353C6F86} - \APSnotifierPP3 -> No File <==== ATTENTION
Task: {96EB286C-3BF9-47DC-8FE0-4D03DB33D3F5} - \APSnotifierPP1 -> No File <==== ATTENTION
Task: {AE65F7AC-CE6D-48D0-A0DC-0C4309C65915} - System32\Tasks\{60DB1F8F-EC97-4309-A08B-4707B1F6D67F} => pcalua.exe -a C:\Users\servidor\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
Task: {BAAEF443-FED0-49B5-874D-99DAF49AD41D} - System32\Tasks\{829AD981-F71F-45C2-9CD1-82CA969E91B2} => pcalua.exe -a C:\Users\Servidor.SERVIDOR\Desktop\ZHPFix.exe -d C:\Users\Servidor.SERVIDOR\Desktop
Task: {C1584255-98F7-4E76-B89F-DE597997EC20} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION
Task: {E0994E4F-9859-40FE-9958-F59FF6DA7A8D} - \NetEngine -> No File <==== ATTENTION
Task: {F99F6A0D-4298-4305-8B54-89D7D1F55041} - System32\Tasks\{4B60F0E6-CB1F-45D3-B1CD-F19E2A6C4FEE} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: {FAF6D6F3-AC4F-4AAB-9134-21B6D845D594} - System32\Tasks\{B660AFDC-24A2-4A2B-971C-EA18147EFC19} => pcalua.exe -a "C:\Users\servidor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTQOW3GC\vnc-4_1_1-x86_win32.exe" -d C:\Users\servidor\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-02 15:42 - 2012-09-29 13:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2014-12-20 10:39 - 2012-09-29 13:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2015-08-22 15:37 - 2015-08-22 15:37 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-22 15:37 - 2015-08-22 15:37 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-25 16:02 - 2015-08-25 16:02 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082501\algo.dll
2015-08-26 09:33 - 2015-08-26 09:33 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082603\algo.dll
2015-03-05 20:03 - 2015-03-05 20:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-10-15 11:13 - 2009-10-15 11:13 - 00061440 _____ () C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2009-10-15 11:13 - 2009-10-15 11:13 - 00964096 _____ () C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2014-12-20 10:37 - 2012-11-08 00:00 - 00082944 _____ () C:\Windows\system32\mvusbews.DLL
2014-08-16 16:10 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-05-09 14:53 - 2012-08-28 16:54 - 00114688 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:BB9600F7_Bb.gbp

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\NEWUSU\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4220064015-3225715080-1381729876-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Servidor.SERVIDOR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^servidor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamViewer 9.lnk => C:\Windows\pss\TeamViewer 9.lnk.Startup
MSCONFIG\startupreg: Cobian Backup 10 => "C:\Arquivos de programas\Cobian Backup 10\Cobian.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{AD624520-2179-4817-A81C-0515A03A58B7}C:\logtec\ltagentserver\ltagentserver.exe] => (Allow) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [UDP Query User{21A75F8C-80CD-49DC-A957-A969F9BAA01B}C:\logtec\ltagentserver\ltagentserver.exe] => (Allow) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [TCP Query User{1B1EC04A-3D2C-4A3F-AB20-5305A785EA9A}C:\logtec\ltconcserver\ltconcserver.exe] => (Allow) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [UDP Query User{E7954592-9BE7-47C7-A4BA-CA903EEDDF4E}C:\logtec\ltconcserver\ltconcserver.exe] => (Allow) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [{975EDD2A-34F4-4022-B656-BA313B5DAC0F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E2256731-0AE7-4C78-BFD0-CD03BE0B3C56}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{61F74626-F210-4DF5-922C-2AD575A592D3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{0FA91199-1D75-4326-8AD6-CEB87C169F9D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E9566E66-B0C7-4BF4-BAA8-322BCAC3D3BA}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{9433746B-96DE-4AA4-AF15-EC17B2A01A52}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{11428607-247A-47B6-903D-67CA758394C8}] => (Allow) LPort=2869
FirewallRules: [{819A0C48-5394-4B6E-9491-4711A0321A4F}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{C7935616-DEB5-48BD-BF25-494BCCDCDB4B}C:\logtec\ltagentserver\ltagentserver.exe] => (Block) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [UDP Query User{2DBFDDCE-0CAC-4F71-BCD3-C3CC1DBB2020}C:\logtec\ltagentserver\ltagentserver.exe] => (Block) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [TCP Query User{2FC3C4B6-0647-494B-AC68-CEA44ECF32E9}C:\logtec\ltconcserver\ltconcserver.exe] => (Block) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [UDP Query User{B7952136-E2C6-4412-A336-1A59CB9828A2}C:\logtec\ltconcserver\ltconcserver.exe] => (Block) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [{4DD50ABF-888C-42EA-8CC9-4EDF010FE8F2}] => (Allow) LPort=49355
FirewallRules: [{94DFA3AD-A723-4343-A3A5-8269E532F0B5}] => (Allow) LPort=5000
FirewallRules: [{18C1F184-7804-42F1-A5CB-C49730FFF753}] => (Allow) LPort=49262
FirewallRules: [{1C24ED92-DD3C-41BC-8411-6B366986118D}] => (Allow) LPort=5000
FirewallRules: [{44ACF09F-3EAE-4F47-842A-31FA5A56C6B3}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{E17752F5-A94A-4EFC-B774-A9EDC775A4AE}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{31A90B13-1086-42BA-B3A4-9A5AB50E910A}] => (Allow) LPort=1542
FirewallRules: [{53F7152D-A0F3-4660-BCAA-D576A51E2081}] => (Allow) LPort=1542
FirewallRules: [{C72C8EE3-6522-4D7C-8961-2BF0506F091E}] => (Allow) LPort=53
FirewallRules: [{AE0834C0-F735-4F9B-9E1D-9E2A23D29106}] => (Allow) LPort=67
FirewallRules: [{F36F14F0-C465-401A-94E5-50DDB999DDB8}] => (Allow) LPort=68
FirewallRules: [{4B4642EF-0B1E-42A3-A69E-0C5BC9F706B7}] => (Allow) LPort=53
FirewallRules: [{A20E0DD3-3339-4304-B91B-B879F7B93F69}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{B82AF5A2-F3FB-4705-9CAD-345F689D4E41}] => (Allow) LPort=53
FirewallRules: [{9DF27CD3-799B-4CFD-98EA-F0F5856EF30C}] => (Allow) LPort=8317
FirewallRules: [{E5E25A89-69ED-46EA-A6E6-3B2702306F33}] => (Allow) C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E2CD00F0-EFE1-4FF1-957F-01E106F7F662}] => (Allow) C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4BD1A1D1-90B4-4BC6-9DBC-9CCB806BB035}] => (Allow) C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AD19D7C6-F41E-4202-A818-560079D94757}] => (Allow) C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{575BA1AD-721F-4F8A-9633-315718888290}] => (Allow) C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{275D3DE9-1CCB-47F1-A556-9D7C38FC0437}] => (Allow) C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F49D1D77-DA85-47F6-A728-9939EB239425}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe

==================== Faulty Device Manager Devices =============

Name: Bnbase
Description: Bnbase
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bnbase
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2015 12:06:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de hora: 0x55c116b1
Nome do módulo de falhas: jucheck.exe, versão: 2.8.60.27, carimbo de hora: 0x55c116b1
Código de exceção: 0x40000015
Deslocamento com falha: 0x00052d24
Identificação do processo com falha: 0x838
Hora de início do aplicativo com falha: 0xjucheck.exe0
Caminho do aplicativo com falha: jucheck.exe1
FCaminho do módulo de falhas: jucheck.exe2
Identificação do Relatório: jucheck.exe3

Error: (08/22/2015 05:32:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: svchost.exe_RpcEptMapper, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc3c1
Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000007000a
Identificação do processo com falha: 0x364
Hora de início do aplicativo com falha: 0xsvchost.exe_RpcEptMapper0
Caminho do aplicativo com falha: svchost.exe_RpcEptMapper1
FCaminho do módulo de falhas: svchost.exe_RpcEptMapper2
Identificação do Relatório: svchost.exe_RpcEptMapper3

Error: (08/17/2015 09:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Inicializador.exe versão 12.1.1.6 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: b2c

Hora de Início: 01d0d8eadad49a7b

Hora de Término: 0

Caminho do Aplicativo: C:\Logtec\Inicializador\Inicializador.exe

Id do Relatório: 2c3596a3-44de-11e5-88a9-94de80f1e383

Error: (08/15/2015 01:26:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FormatFactory.exe versão 3.6.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 126c

Hora de Início: 01d0d7771c009ff9

Hora de Término: 15

Caminho do Aplicativo: C:\Users\servidor\Desktop\FormatFactory\FormatFactory.exe

Id do Relatório: 673e228a-436a-11e5-8e5e-94de80f1e383

Error: (08/15/2015 01:23:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FormatFactory.exe versão 3.6.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 430

Hora de Início: 01d0d77681b32c94

Hora de Término: 0

Caminho do Aplicativo: C:\Users\servidor\Desktop\FormatFactory\FormatFactory.exe

Id do Relatório: d99d22ba-4369-11e5-8e5e-94de80f1e383

Error: (08/14/2015 01:53:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 6.1.7601.17567 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 114c

Hora de Início: 01d0d6b16b9d02c6

Hora de Término: 15

Caminho do Aplicativo: C:\Windows\explorer.exe

Id do Relatório:

Error: (08/14/2015 01:52:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7601.17567 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 9e8

Hora de Início: 01d0d6b0386ed6bd

Hora de Término: 60000

Caminho do Aplicativo: C:\Windows\Explorer.EXE

Id do Relatório:

Error: (08/14/2015 11:53:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7601.17567 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 828

Hora de Início: 01d0d6a094601ef7

Hora de Término: 31

Caminho do Aplicativo: C:\Windows\Explorer.EXE

Id do Relatório: 2c3e8fbc-4294-11e5-9da6-94de80f1e383

Error: (08/12/2015 08:59:20 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: O serviço Pesquisa do Windows está sendo interrompido devido a um problema no indexador:The catalog is corrupt.

Detalhes:
O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2015 08:59:20 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Não é possível inicializar o índice.

Detalhes:
O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (08/26/2015 09:58:52 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NEWUSU\AppData\Local\Temp\catchme.sys foi impedido de carregar devido a uma incompatibilidade com este sistema. Contate o fornecedor do software para obter uma versão compatível do driver.

Error: (08/26/2015 09:58:52 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NEWUSU\AppData\Local\Temp\catchme.sys foi impedido de carregar devido a uma incompatibilidade com este sistema. Contate o fornecedor do software para obter uma versão compatível do driver.

Error: (08/26/2015 09:58:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NEWUSU\AppData\Local\Temp\catchme.sys foi impedido de carregar devido a uma incompatibilidade com este sistema. Contate o fornecedor do software para obter uma versão compatível do driver.

Error: (08/26/2015 09:58:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NEWUSU\AppData\Local\Temp\catchme.sys foi impedido de carregar devido a uma incompatibilidade com este sistema. Contate o fornecedor do software para obter uma versão compatível do driver.

Error: (08/26/2015 09:58:49 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NEWUSU\AppData\Local\Temp\catchme.sys foi impedido de carregar devido a uma incompatibilidade com este sistema. Contate o fornecedor do software para obter uma versão compatível do driver.

Error: (08/26/2015 09:33:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (08/26/2015 09:33:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (08/26/2015 09:32:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (08/26/2015 09:32:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
Bnbase
Bndef
Bprotect
gbpddfac

Error: (08/25/2015 07:35:25 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: A operação de E/S foi anulada devido a uma saída de thread ou a uma requisição de aplicativo.Watchdata USB CCID Key 0GET_STATEXX XX XX XX


Microsoft Office:
=========================
Error: (08/25/2015 12:06:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.60.2755c116b1jucheck.exe2.8.60.2755c116b14000001500052d2483801d0df4796bf0b40C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exed85ad9fe-4b3a-11e5-a8a6-94de80f1e383

Error: (08/22/2015 05:32:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_RpcEptMapper6.1.7600.163854a5bc3c1unknown0.0.0.000000000c0000005000000000007000a36401d0dcf8f5a0fa7bC:\Windows\system32\svchost.exeunknowne18179de-490c-11e5-b4e2-94de80f1e383

Error: (08/17/2015 09:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Inicializador.exe12.1.1.6b2c01d0d8eadad49a7b0C:\Logtec\Inicializador\Inicializador.exe2c3596a3-44de-11e5-88a9-94de80f1e383

Error: (08/15/2015 01:26:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FormatFactory.exe3.6.0.0126c01d0d7771c009ff915C:\Users\servidor\Desktop\FormatFactory\FormatFactory.exe673e228a-436a-11e5-8e5e-94de80f1e383

Error: (08/15/2015 01:23:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FormatFactory.exe3.6.0.043001d0d77681b32c940C:\Users\servidor\Desktop\FormatFactory\FormatFactory.exed99d22ba-4369-11e5-8e5e-94de80f1e383

Error: (08/14/2015 01:53:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.17567114c01d0d6b16b9d02c615C:\Windows\explorer.exe

Error: (08/14/2015 01:52:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175679e801d0d6b0386ed6bd60000C:\Windows\Explorer.EXE

Error: (08/14/2015 11:53:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756782801d0d6a094601ef731C:\Windows\Explorer.EXE2c3e8fbc-4294-11e5-9da6-94de80f1e383

Error: (08/12/2015 08:59:20 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Detalhes:
O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (08/12/2015 08:59:20 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Detalhes:
O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801)


CodeIntegrity:
===================================
Date: 2015-08-26 09:58:52.315
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:52.268
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:52.222
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:52.175
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:50.849
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:50.802
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:50.755
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:50.708
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:49.258
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-26 09:58:49.211
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Percentage of memory in use: 70%
Total physical RAM: 3987.71 MB
Available physical RAM: 1183.77 MB
Total Virtual: 7973.63 MB
Available Virtual: 4776.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:408.95 GB) NTFS
Drive d: (CALL-PEC2) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:7.44 GB) (Free:5.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F0146396)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
