Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 03
Ran by juan (2015-08-23 01:33:03)
Running from C:\Users\juan\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1587237700-1280612641-2327837381-500 - Administrator - Disabled)
Convidado (S-1-5-21-1587237700-1280612641-2327837381-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1587237700-1280612641-2327837381-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1587237700-1280612641-2327837381-1003 - Limited - Enabled)
juan (S-1-5-21-1587237700-1280612641-2327837381-1001 - Administrator - Enabled) => C:\Users\juan
Juanz (S-1-5-21-1587237700-1280612641-2327837381-1004 - Limited - Enabled) => C:\Users\Juanz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
B1 Free Archiver (HKLM-x32\...\B1FreeArchiver) (Version: 0.0.0.0 - Catalina Group Ltd)
Baidu Browser (HKLM-x32\...\Spark) (Version: 43.18 Preview - Baidu Inc.)
Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.131061 - Baidu, Inc.) <==== ATTENTION
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.67.1076 - AB Team, d.o.o.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 3.1.0.0368 - Disc Soft Ltd)
Evernote v. 5.8.16 (HKLM-x32\...\{FE336164-3C80-11E5-8D19-0050569584E9}) (Version: 5.8.16.8509 - Evernote Corp.)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
IcoFX 2.7 (HKLM-x32\...\IcoFX 2_is1) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKV Player 2.1.20 (HKLM-x32\...\MKV Player_is1) (Version: - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 pt-BR)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Popcorn Time (HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\...\Popcorn Time) (Version: - Popcorn Official)
qBittorrent 3.2.3 (HKLM-x32\...\qBittorrent) (Version: 3.2.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RealWorld Cursor Editor (HKLM-x32\...\{25A344BB-378D-4E51-9A39-780755012B2D}) (Version: 13.1.0 - RealWorld Graphics)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM-x32\...\Sniper Elite 3_is1) (Version: - Rebellion)
SPlayer (HKLM-x32\...\SPlayer) (Version: - )
The Logo Creator v6 6.0 (HKLM-x32\...\The Logo Creator v6) (Version: 6.0 - Laughingbird Software)
The Logo Creator v6.6 (HKLM-x32\...\The Logo Creator) (Version: v6.6 - Laughingbird Software)
The Settlers Online (HKLM-x32\...\Steam App 354640) (Version: - Blue Byte)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587237700-1280612641-2327837381-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\juan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 08:04 - 2015-07-10 08:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {1310E6B7-EE51-4DD4-9C79-BB05E8ABDBF7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-28] (Microsoft Corporation)
Task: {144B4595-8083-46AD-9A9C-84787858898E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1587237700-1280612641-2327837381-1001
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {481EF4A1-9976-411A-8229-79EB42B51FEE} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [2015-05-13] (Baidu, Inc.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {79681C5B-029D-4F73-9442-1CC2DC04A3FF} - System32\Tasks\{EE5A77FE-AFBD-4FFC-B2FC-D9B8D742DC4E} => pcalua.exe -a "C:\Program Files (x86)\GUPlayer\Uninstaller.exe" -d "C:\Program Files (x86)\GUPlayer"
Task: {86262CAB-3D26-4035-9521-7A50779C6D38} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe [2015-05-07] (Baidu, Inc.)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-29] (Microsoft Corporation)
Task: {920E62C3-1B3A-416D-BEA9-F82316095C3C} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [2015-08-17] (Baidu.com, Inc.)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {E9C81227-A73E-4EC2-BE1B-98F23B30CF31} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-07-29 09:11 - 2015-07-29 09:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 12:19 - 2015-08-11 06:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-06 08:35 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 08:35 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-13 08:16 - 2015-08-02 22:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 08:00 - 2015-07-10 13:49 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 12:19 - 2015-08-11 05:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-13 08:16 - 2015-08-02 22:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 08:00 - 2015-07-10 08:00 - 00215352 _____ () c:\windows\system32\WerEtw.dll
2015-08-09 09:01 - 2015-08-17 05:36 - 00982840 _____ () C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
2015-07-10 11:59 - 2015-07-03 13:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-07-10 11:59 - 2015-07-03 13:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-07-10 11:59 - 2015-08-19 17:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-07-10 11:59 - 2014-12-01 18:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-07-10 11:59 - 2014-12-01 18:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-07-10 11:59 - 2014-12-01 18:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-07-10 11:59 - 2014-12-01 18:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-07-10 11:59 - 2014-12-01 18:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-07-10 11:59 - 2015-07-03 13:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-07-10 11:59 - 2015-07-03 13:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-07-10 11:59 - 2015-08-19 17:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 06:11 - 2015-07-26 22:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-07-10 11:59 - 2015-07-03 13:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-09 09:01 - 2015-08-17 05:36 - 00430904 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdminiopenssl.dll
2015-08-09 09:01 - 2015-08-17 05:36 - 01018168 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdxui.dll
2015-08-09 09:02 - 2015-08-17 05:36 - 00321848 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdaccount.dll
2015-08-09 09:02 - 2015-08-17 05:37 - 00521016 _____ () C:\Program Files (x86)\baidu\Baidu Browser\xnet.dll
2015-08-09 09:02 - 2015-08-17 05:36 - 00276792 _____ () C:\Program Files (x86)\baidu\Baidu Browser\p2squery.dll
2015-08-09 09:02 - 2015-08-17 05:36 - 00219448 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdbrowsertray.dll
2015-08-09 09:01 - 2015-08-17 05:36 - 00410936 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdxctrl.dll
2015-08-09 09:01 - 2015-08-17 05:36 - 00581432 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdstatreport.dll
2015-08-09 09:02 - 2015-08-17 05:37 - 00116024 _____ () C:\Program Files (x86)\baidu\Baidu Browser\SparkSafe.dll
2015-08-09 09:02 - 2015-08-09 09:02 - 00083088 _____ () C:\Users\juan\AppData\Roaming\baidu\Spark\sysdata\ExtApp\SnapImg\SnapImg.dll
2015-08-09 09:02 - 2015-08-17 05:36 - 01281848 _____ () C:\Program Files (x86)\baidu\Baidu Browser\libglesv2.dll
2015-08-09 09:02 - 2015-08-17 05:36 - 00080696 _____ () C:\Program Files (x86)\baidu\Baidu Browser\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\147579b99b652317d265864e28:Win32App
AlternateDataStreams: C:\280e9c27fdd5d49dae:Win32App
AlternateDataStreams: C:\8bb7d29a47f9bc23712379ea:Win32App
AlternateDataStreams: C:\b6294729a10ffce53ce73a97ca6ac6:Win32App
AlternateDataStreams: C:\eed34ddfae16d49d804d3d7c014e2a:Win32App
AlternateDataStreams: C:\Program Files\Adobe:Win32App
AlternateDataStreams: C:\Program Files (x86)\IcoFX 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\LogMeIn Hamachi:Win32App
AlternateDataStreams: C:\Program Files (x86)\WinRAR:Win32App
AlternateDataStreams: C:\Users\juan\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\juan\Desktop\Triangle-Illuminati-Symbolism-Dekstop-Wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Disc Soft Ultra Bus Service => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: NetTcpHandler => 2
MSCONFIG\Services: PCFasterSvc_{PCFaster_5.1.0.0} => 2
MSCONFIG\Services: Sed => 2
MSCONFIG\Services: SparkUpdater => 3
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1587237700-1280612641-2327837381-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{C5548515-008B-43FD-8FA4-64B485485C54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E7708345-8348-4C20-9085-8F04B49A0348}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AFE0025D-D272-4B9C-B539-99442E194DA4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E96824AA-C392-496C-9472-977029FF0400}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{8D6F4690-CD31-420A-AAFA-B622E80017DE}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{E7F24824-3471-41A9-ADF1-3E98A218B5F2}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [{D38E957C-418E-4D00-A666-6411CAB713D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7DE23CF2-9171-4C56-8D01-43E27F455324}E:\jogos (instalador) ---savegames---\zumbiblocks\zumbiblocks.exe] => (Allow) E:\jogos (instalador) ---savegames---\zumbiblocks\zumbiblocks.exe
FirewallRules: [UDP Query User{7D2E5A62-E19B-4637-85E1-B62E9AEBD344}E:\jogos (instalador) ---savegames---\zumbiblocks\zumbiblocks.exe] => (Allow) E:\jogos (instalador) ---savegames---\zumbiblocks\zumbiblocks.exe
FirewallRules: [TCP Query User{CBBB789D-B59A-453A-BC00-EE1E466B97A5}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{3184B26A-A8BC-48E3-BA57-6287AD9BDEB6}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{C2AC697C-5D02-4066-8652-0641F3E252A8}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{DBEA6BE2-005B-4391-9E3F-DF4F59AD57EB}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{74C14F47-E9AE-41AA-BB2E-B0600CE56CD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{2D1CB5E3-9E2C-4076-BF1D-54184D487DA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{28D75B65-91C2-439B-8BE1-2293F8840EE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{929C8043-33CE-44D4-AC25-7C267D17553B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4C43F8F-41B1-4791-A82A-FDE6BABB69A6}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{B6CE9AE5-8BDB-420E-B03A-AA530A2B54BB}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{D7E019F9-349D-4906-B57D-F76C80CA182D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A9CDB065-EC54-4A5F-9E08-97DC46352345}] => (Allow) LPort=2869
FirewallRules: [{6DF433B5-0EFF-44D0-8420-BC8397D15219}] => (Allow) LPort=1900
FirewallRules: [{F662C11F-7ACF-4B50-8E38-45E24CBBB6C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5AF9285D-F76F-436A-AD59-F5F9E2D5C5C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0BAA487B-7C9D-44F5-A86E-8B77B8DA97A1}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{C5C70835-CFC1-47AB-9E27-F98472E691E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{72B674CA-6AFB-41F5-B350-782189943D41}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [{2E1F047A-D535-49EE-AB14-48CB242CCE9B}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [TCP Query User{3F77FF89-BCDE-47ED-9F03-074B48A2DF6B}C:\users\juan\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\juan\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{8AC78DFD-2B74-44AE-B71F-B79A36EC4E99}C:\users\juan\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\juan\appdata\local\popcorn time\nw.exe
FirewallRules: [{4714D9E8-1E36-499D-94A2-FE368ED38242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe
FirewallRules: [{90996DD5-B776-4556-AB18-9EDA47546151}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2015 11:50:48 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5016) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032.

Error: (08/22/2015 11:50:48 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5016) Uma tentativa de criar o arquivo "C:\WINDOWS\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8).

Error: (08/22/2015 11:50:38 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5016) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032.

Error: (08/22/2015 11:50:38 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5016) Uma tentativa de criar o arquivo "C:\WINDOWS\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8).

Error: (08/22/2015 11:50:28 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5016) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032.

Error: (08/22/2015 11:50:28 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5016) Uma tentativa de criar o arquivo "C:\WINDOWS\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8).

Error: (08/22/2015 11:50:17 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5016) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032.

Error: (08/22/2015 11:50:17 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5016) Uma tentativa de criar o arquivo "C:\WINDOWS\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8).

Error: (08/22/2015 11:50:07 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5016) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032.

Error: (08/22/2015 11:50:07 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5016) Uma tentativa de criar o arquivo "C:\WINDOWS\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8).


System errors:
=============
Error: (08/23/2015 01:13:59 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (08/23/2015 01:11:50 AM) (Source: DCOM) (EventID: 10010) (User: JUANCARLOS)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (08/23/2015 01:11:50 AM) (Source: DCOM) (EventID: 10010) (User: JUANCARLOS)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (08/23/2015 01:11:50 AM) (Source: DCOM) (EventID: 10010) (User: JUANCARLOS)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (08/23/2015 01:11:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (08/23/2015 01:11:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (08/23/2015 01:11:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (08/23/2015 01:11:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (08/23/2015 12:17:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro:
%%1053

Error: (08/23/2015 12:17:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service.


Microsoft Office:
=========================
Error: (08/22/2015 11:50:48 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5016-1032

Error: (08/22/2015 11:50:48 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5016C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Acesso negado.

Error: (08/22/2015 11:50:38 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5016-1032

Error: (08/22/2015 11:50:38 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5016C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Acesso negado.

Error: (08/22/2015 11:50:28 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5016-1032

Error: (08/22/2015 11:50:28 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5016C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Acesso negado.

Error: (08/22/2015 11:50:17 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5016-1032

Error: (08/22/2015 11:50:17 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5016C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Acesso negado.

Error: (08/22/2015 11:50:07 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5016-1032

Error: (08/22/2015 11:50:07 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5016C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Acesso negado.


CodeIntegrity:
===================================
Date: 2015-08-05 20:16:37.031
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:36.850
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:35.743
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:35.657
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:35.264
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:34.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:33.073
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:32.883
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:31.864
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 20:16:31.737
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU G1610 @ 2.60GHz
Percentage of memory in use: 46%
Total physical RAM: 3991.86 MB
Available physical RAM: 2141.45 MB
Total Virtual: 6423.86 MB
Available Virtual: 4338.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:175.14 GB) (Free:5.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (IMAGENS) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
Drive e: (JUAN E.E) (Fixed) (Total:122.07 GB) (Free:0.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 93859385)
Partition 1: (Active) - (Size=175.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=122.1 GB) - (Type=07 NTFS)

==================== End of log ============================
