cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x86) Version:04-11-2015
Ran by casal (2015-11-05 17:46:42)
Running from C:\Users\casal\Downloads
Microsoft Windows 10 Home (X86) (2015-08-15 01:34:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2364669226-1398954891-4146519358-500 - Administrator - Disabled)
casal (S-1-5-21-2364669226-1398954891-4146519358-1000 - Administrator - Enabled) => C:\Users\casal
Convidado (S-1-5-21-2364669226-1398954891-4146519358-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2364669226-1398954891-4146519358-503 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 8.1.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1878 - CDBurnerXP)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver 1.2 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.2 - OEM)
Driver Restore (HKLM\...\Driver Restore) (Version: 2.4.0.0 - 383 Media, Inc.)
Dropbox (HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
eXe -- eLearning XHTML editor (HKLM\...\exe) (Version: - eXe Project)
Galeria de Fotos (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gerenciador de Inicialização Positivo (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.0.16.1 - Positivo Informática S.A.)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel Driver Update Utility (HKLM\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2230 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IPM 1.5 (HKLM\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.5 - OEM)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office com Clique para Executar 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 pt-BR) (HKLM\...\Mozilla Firefox 41.0.2 (x86 pt-BR)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mundo Positivo (HKLM\...\{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1) (Version: 1.3.8.0 - Positivo Informática S.A.)
OSD 1.7 (HKLM\...\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}) (Version: 1.7 - OEM)
Positivo Ajudante (HKLM\...\{4F44FDC9-6B66-4549-882A-7D5C4E3A79A2}_is1) (Version: 1.4.0.2 - Positivo Informática S.A)
Positivo Áudio (HKLM\...\{D00FA097-5115-400D-84AD-4ADEF3EBDB5E}_is1) (Version: 1.4.1.0 - Positivo Informática S.A.)
Positivo Backup (HKLM\...\{387B3DFA-BB12-45E6-B431-4A7BF2EBD985}_is1) (Version: 1.5.2.2 - Positivo Informática S.A.)
Positivo Bateria (HKLM\...\{FD6F6859-2863-4ABB-87D0-A263F3E9FF45}_is1) (Version: 1.4.4.0 - Positivo Informática S.A.)
Positivo Conversor 3D (HKLM\...\{D0582368-2DFF-48EA-AC8D-1FA8E31CA38C}_is1) (Version: 1.0.0.7 - Positivo Informática S.A.)
Positivo NIS 2011 License Activator (HKLM\...\{5400FA29-4A55-4EB9-AD27-AF20DBD334E1}_is1) (Version: 1.1.0.0 - Positivo Informática S.A.)
Positivo Sincronize (HKLM\...\{6DA3261A-DCEB-401A-ABE0-A367C252B86C}_is1) (Version: 1.5.3.0 - Positivo Informática S.A.)
Positivo WebCam (HKLM\...\{E11C7438-7550-4676-92CE-846CC5DA3548}_is1) (Version: 1.5.1.0 - Positivo Informática S.A.)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.4.0 - Ralink)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0174 - REALTEK Semiconductor Corp.)
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Software básico do dispositivo HP Deskjet 3050 J610 series (HKLM\...\{6FC163A1-3774-4918-8565-47F4FF0DF8B7}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Software de Cadastro Positivo 6.0 (HKLM\...\{4A33ECF3-6AC6-4A9B-932C-4E81625423C7}_is1) (Version: 6.0.0.0 - Positivo Informática)
SpywareBlaster 5.2 (HKLM\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
TP-LINK Wireless Client Utility (HKLM\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Tutorial 1.0 (HKLM\...\{1C86726E-4A85-4322-8A1C-56EDE170FAB5}_is1) (Version: 1.0.0.0 - Positivo Informática)
Unchecky v0.4 (HKLM\...\Unchecky) (Version: 0.4 - RaMMicHaeL)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Webcam 1.5 (HKLM\...\{39B78651-6FD2-4752-BE68-C3BDB6F2D9EE}) (Version: 1.5 - OEM)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WordPress (HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\wordpress-31007ec6fe23480d7b5eadfb17445965) (Version: 2.2 - Mozilla Apps)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\casal\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe => No File
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\casal\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe => No File
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\casal\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\casal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll => No File
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\casal\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)

==================== Restore Points =========================

18-10-2015 23:23:34 Backup do Windows
27-10-2015 18:27:37 Ponto de Verificação Agendado
03-11-2015 22:20:24 Ponto de Verificação Agendado

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-03-03 14:43 - 2015-11-04 03:34 - 00001235 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C39C86-E733-41F9-8913-3DB7FE4EF13A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {05C88CBA-376A-4587-9BED-37D5E21E8A84} - System32\Tasks\{77C3D12E-6621-4F9F-92A0-E420B3B88C4F} => pcalua.exe -a C:\PROGRA~1\NETRAT~1\NetSight\NSSetup.exe -c /uninstall
Task: {06C8318D-B39E-4462-8F54-C14099EB5C08} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0E24767B-4193-4C64-9441-B542AAFE81E3} - System32\Tasks\{0DD0F863-9D52-4870-A560-2380B9CC6A63} => Chrome.exe
Task: {1075A74F-EF14-4700-AB47-E27897F4D11A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {1079D203-51E0-4299-A17B-03577D43FE3A} - System32\Tasks\{6A51DC2C-9DCA-48BB-9E99-F721479AF6E7} => Chrome.exe
Task: {11319DDE-0260-49F2-918D-68C913E2A7EB} - System32\Tasks\{9F466F0D-28B8-49A8-BA81-29492BEEF9BB} => Chrome.exe
Task: {1D7AF179-48AC-4287-8248-3181044F000F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2052721E-B17D-4340-B609-3F41854C6251} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {22D477EC-DA79-4CC6-A19F-4FDB94351864} - System32\Tasks\{6C0FDFCA-0081-464D-8B36-CDE9C7AC4E93} => Chrome.exe
Task: {24697A66-AAE5-4A2C-9368-5CC71EB22989} - System32\Tasks\{410C36AD-4055-4872-81C0-E9EEF31A781A} => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\uistub.exe
Task: {268534DA-449B-4E48-A24C-6048C2F06A72} - System32\Tasks\{1BA8F945-04BA-4AED-AB36-5A4A452EEB01} => Chrome.exe
Task: {2A15E683-1BE4-4862-82EC-33794EE9D260} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {2AF0DB67-B87F-4369-BC79-A90F93193544} - System32\Tasks\{54046C9D-0C94-4FBA-AAB9-F47D07EC2927} => Chrome.exe
Task: {2BBD0B62-9F67-4765-B8C7-F696BCEE9891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2E254A0E-6820-44DC-8A6A-E19A2FB6CC0A} - System32\Tasks\{532103EA-8BB4-4606-ACDC-0EF38D17B960} => pcalua.exe -a "E:\Sharp c260m -PCL5C-0706a-XPVistax64\setup.exe" -d "E:\Sharp c260m -PCL5C-0706a-XPVistax64"
Task: {32012730-E320-4CA4-9074-9461A0BA4D83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {33E08388-F37B-42C9-9E9C-D5E19E9111C5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3427D40D-A58C-42F3-AF8A-1187B23DD915} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {34AE7C9B-6B76-4D8A-B813-57D0DAA364DC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
Task: {355B03C3-AF4E-4AE7-A6E6-29309EA50BD2} - System32\Tasks\{248790DF-D5AF-4840-ABD4-BA8566CF0511} => Chrome.exe
Task: {3BBD99A3-C749-4DC0-9B9C-1D3BB51928BB} - System32\Tasks\{A12685BF-9102-4465-8B2B-05FC2B80E3AF} => Chrome.exe
Task: {3E9F52B8-77FD-49B2-B532-9267C48F6169} - System32\Tasks\{7161C7D9-CE1A-4527-A4DE-D8A549EDD3DB} => pcalua.exe -a C:\Users\casal\Downloads\jre-8u45-windows-i586-iftw.exe -d C:\Users\casal\Downloads
Task: {44AB0D1D-F5C4-45BF-8F70-CB8C9CEA866A} - System32\Tasks\{4D2C01EF-450D-4959-8491-3A2744483442} => Chrome.exe
Task: {47824B28-00D4-4049-8922-19553196C545} - System32\Tasks\{890FDB3C-DA4B-47DB-B70E-27E8FFC63ACE} => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\uistub.exe
Task: {5435E959-87FF-43A8-A683-D058020961D3} - System32\Tasks\{77A27842-D072-419D-8D89-2634AD44BF5A} => pcalua.exe -a C:\Users\casal\Downloads\Receitanet-1.04.exe -d C:\Users\casal\Downloads
Task: {563621E8-3393-4877-A5B5-C7BE4678BB74} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {5D3A4231-A4BF-4BA6-9A85-978A4F256C1D} - System32\Tasks\{A59BEC52-E4B8-49C9-89CE-EE1F377E4138} => Chrome.exe
Task: {6203C21B-E4B4-42C8-8AB2-D9535CF154D8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {632933D8-8C96-4235-BB5F-2A9CE5644036} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {648E27EA-AD4B-4362-8A79-6AB6EA154237} - System32\Tasks\{AA22BC3B-9A4F-4522-8D56-3E0ADF29F1AF} => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {66154A41-99B0-45C1-951C-173A0C267217} - System32\Tasks\{8F99B308-F8FF-4076-ACD0-03F7CBF3E68E} => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {6ABF6F92-6763-4963-9E20-D2C212BCEC5C} - System32\Tasks\{56021F95-488E-4FC3-9553-621D91512186} => Chrome.exe
Task: {6EDEB4E6-B244-4726-B425-AF334935108B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {789CF3E5-2457-42A2-892F-9D15D66E1AD4} - System32\Tasks\{12121ECC-8DBE-4945-9C9F-E7F73208044E} => pcalua.exe -a "C:\Program Files\ZHPDiag\ZHPhep.exe" -d "C:\Program Files\ZHPDiag"
Task: {7CA6BC86-8857-43C1-8C38-62D646714DDA} - System32\Tasks\{530E5E59-6E8A-46B0-8D48-1E6A07649722} => pcalua.exe -a C:\Users\casal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe -c /uninstall
Task: {7CD0F49B-0F8C-41B6-BFC7-58DF619EFDA8} - System32\Tasks\{181D28A9-04FE-4E02-B0FD-4232ABE545BA} => Chrome.exe
Task: {83AEB79D-1B54-4110-A714-6FE86EF3964B} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {8A2F105C-5661-43BD-99EF-B9A38A5C38E6} - System32\Tasks\{C3722DD0-F602-4681-A9D1-4CDE6D60A9BB} => Firefox.exe
Task: {8A4799B9-E549-4555-9819-FC956DC45A7C} - System32\Tasks\{0FDF2D55-ED79-4D7D-8C6B-F578BEE678D7} => Chrome.exe
Task: {8BBDF691-B311-4AD8-ACF1-002C3BE7FEAE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {939D7229-C2CB-4629-883C-91FE520ACD18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {95757E7B-7A54-428A-9ECA-CB19A3496D63} - System32\Tasks\{AD3948B1-181B-49ED-8CCD-0A7D7837FD33} => pcalua.exe -a C:\Users\casal\Downloads\zoek(1)\zoek.com -d C:\Users\casal\Downloads\zoek(1)
Task: {96522C20-FA13-48C5-8DB4-0959DF5436D7} - System32\Tasks\{E5A98349-A26B-40D2-B8FC-D4A8E9782B05} => pcalua.exe -a C:\Users\casal\Downloads\Receitanet-1.04.exe -d C:\Users\casal\Downloads
Task: {96D94BB0-2B22-4AD7-B719-D689F27F9000} - System32\Tasks\{67836FBF-4698-4D94-8745-8B76F1409E39} => Chrome.exe
Task: {984D34B0-8236-4508-A129-950A7144A179} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {9A71A48E-2187-4B64-A219-E102FB7041A6} - System32\Tasks\{CCC8D53D-E644-4AD0-A9A1-79C93D92227D} => Chrome.exe
Task: {9E8EC137-5C99-4746-A43B-01FC7FBEDE98} - System32\Tasks\{8747697A-E202-4D89-AA43-7EDC94BC45F6} => Firefox.exe
Task: {A30DDDA2-8F1C-4359-BC80-5DD329D3F931} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A452AD3B-5ACE-4D47-8CCE-8DE0D4543D76} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A7A9A5F4-3352-4A95-B4DD-46569CAA754B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A8C0B4AC-F06A-48D5-9918-6C94D31D11B2} - System32\Tasks\{6E9F8F02-109B-4A92-8189-40699BF83CA0} => pcalua.exe -a C:\Users\casal\Downloads\DIPJ2012v1.0.exe -d "C:\Program Files\Mozilla Firefox"
Task: {AE1AA37B-3ABA-4934-A4D7-44E27B990054} - System32\Tasks\{CB52A441-DC21-4E3B-966E-318F7A0A10C5} => Chrome.exe
Task: {B2F95462-293A-42CD-BD3A-76E6CC32CEF2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B5A57D37-767C-4E15-A894-A3052EFDA6A2} - System32\Tasks\{FA958BE3-360D-4295-87E4-55675F8CCE7A} => Chrome.exe
Task: {B783435D-689F-431F-AE6C-0E3FC3BE9F68} - System32\Tasks\{42004203-8A39-495E-9B5F-07A654D0CFB5} => Firefox.exe
Task: {C21DB8B8-6BEC-4062-9B34-C617E12862C8} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D1789D0F-BEF2-4731-A149-07ABF2E6B4B5} - System32\Tasks\{A36EB03E-89ED-4868-9E4E-BFD864034877} => Firefox.exe
Task: {D35C4AE2-356A-464A-AB9B-D62290EC2894} - System32\Tasks\LaunchPreSignup => C:\Program Files\OLBPre\OLBPre.exe <==== ATTENTION
Task: {DE3953E6-2C3E-4101-B3E2-6DEF5317B847} - System32\Tasks\{F7ED9E03-AA8D-4405-A914-D955176A81F5} => pcalua.exe -a "C:\Program Files\ZHPDiag\ZHPhep.exe" -d "C:\Program Files\ZHPDiag"
Task: {E0EAE09D-87AA-4F66-A951-FC1447BB2756} - System32\Tasks\{1608256D-2B8C-4045-84BC-DD96A4E64097} => Firefox.exe
Task: {E5E1B4A3-9EB9-40F6-B955-5315F2E3923A} - System32\Tasks\{1E138634-A780-489E-9800-FCD8993BF5AB} => pcalua.exe -a C:\Users\casal\Downloads\Flash_Disinfector.exe -d C:\Users\casal\Downloads
Task: {EFC0170A-7779-420C-ABB5-505945B9B2AD} - System32\Tasks\Programa de atualização online Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {F0934E4D-3DFA-4057-8947-D465E48B37B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F45F07BA-B8E9-4750-9367-AE105D613750} - System32\Tasks\{77C82021-44ED-4861-AF8E-6959E0AD2409} => Chrome.exe
Task: {F587F037-A624-45BE-BE31-0F5A9711AA5E} - System32\Tasks\Programa de atualização online da HP => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {F71A061D-BE28-4B9F-AC11-409763A77056} - System32\Tasks\{CECDA389-DCF5-497E-B512-04A5A8A154DE} => Chrome.exe
Task: {FD85FE9A-AD79-4F3F-ADF1-593F36366F71} - System32\Tasks\{D0B87182-5868-4D5E-9DD6-54796D2355EA} => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe [2010-11-16] (Hewlett-Packard Co.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core.job => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA.job => C:\Users\casal\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000Core.job => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2364669226-1398954891-4146519358-1000UA.job => C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-14 22:42 - 2015-08-14 22:42 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-12-02 00:02 - 2013-03-19 13:07 - 00508136 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-12-02 00:02 - 2013-09-03 15:29 - 00095088 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2015-08-19 23:14 - 2015-08-11 06:53 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2012-01-31 18:16 - 2009-11-12 13:48 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2011-11-21 07:39 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-09-30 23:46 - 2015-09-17 04:27 - 01766952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 23:46 - 2015-09-17 04:27 - 01766952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 06:24 - 2015-07-10 06:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-30 23:46 - 2015-09-17 03:28 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 23:45 - 2015-09-17 03:25 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 23:45 - 2015-09-17 03:25 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 23:46 - 2015-09-17 03:26 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-24 16:28 - 2015-08-24 16:28 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2015-10-03 22:17 - 2015-10-12 21:33 - 00166416 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-11-05 15:41 - 2015-11-05 15:41 - 00071168 _____ () c:\users\casal\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphwrxzd.dll
2015-07-30 17:10 - 2015-09-23 21:07 - 00012800 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-07-30 17:10 - 2015-09-23 21:07 - 00779776 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 17:10 - 2015-09-23 21:07 - 00056320 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-30 17:10 - 2015-09-23 21:07 - 00012288 _____ () C:\Users\casal\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-10-16 18:02 - 2015-10-16 18:02 - 17599688 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2364669226-1398954891-4146519358-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 172.30.200.4 - 200.195.159.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Assistente para criação de disco de recuperação.lnk => C:\Windows\pss\Assistente para criação de disco de recuperação.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IPM.lnk => C:\Windows\pss\IPM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OSD.lnk => C:\Windows\pss\OSD.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk => C:\Windows\pss\Ralink Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^casal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^casal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de tela e Iniciador do OneNote 2007.lnk => C:\Windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\casal\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: StartUpManagerPositivo => C:\Program Files\Positivo Informática\Gerenciador de Inicialização Positivo\ManagerWindows.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{48E27CB3-76A8-4644-A815-8E4E0D8246EA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{51146E31-A03B-45AA-90ED-5485A350348C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7B089247-9800-4C34-88F8-D28A70E57C11}] => (Allow) C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{DD75174D-256E-4054-8601-3FBC5507A695}] => (Allow) C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{F9EC3967-1FAA-4524-9B5F-F11C715CA76B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2015 10:20:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (11/03/2015 09:36:41 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: O backup não foi concluído devido a um erro ao gravar no local de backup E:\. Erro: Local de backup não encontrado ou inválido. Examine as configurações de backup e verifique o local de backup. (0x81000006).

Error: (10/31/2015 10:15:13 AM) (Source: MsiInstaller) (EventID: 1024) (User: Amore)
Description: Produto: Adobe Acrobat Reader DC - Português - A atualização '{AC76BA86-7AD7-0000-2550-AC0F094E6D00}' não pôde ser instalada. Código de erro 1625. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/31/2015 09:57:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 46.0.2490.80, carimbo de data/hora: 0x56262c73
Nome do módulo com falha: ntdll.dll, versão: 10.0.10240.16430, carimbo de data/hora: 0x55c599e6
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00056aa2
ID do processo com falha: 0x93c
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (10/31/2015 09:56:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 46.0.2490.80, carimbo de data/hora: 0x56262c73
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00d86f1f
ID do processo com falha: 0x1140
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (10/31/2015 09:56:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 46.0.2490.80, carimbo de data/hora: 0x56262c73
Nome do módulo com falha: ntdll.dll, versão: 10.0.10240.16430, carimbo de data/hora: 0x55c599e6
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00095fee
ID do processo com falha: 0x408
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (10/31/2015 09:56:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 46.0.2490.80, carimbo de data/hora: 0x56262c73
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0073331f
ID do processo com falha: 0x1fcc
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (10/31/2015 09:56:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 46.0.2490.80, carimbo de data/hora: 0x56262c73
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00b8831f
ID do processo com falha: 0x1b84
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (10/31/2015 09:56:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 46.0.2490.80, carimbo de data/hora: 0x56262c73
Nome do módulo com falha: ntdll.dll, versão: 10.0.10240.16430, carimbo de data/hora: 0x55c599e6
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00095fee
ID do processo com falha: 0xcb0
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (10/30/2015 10:11:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: nielsenonline.exe, versão: 7.1.0.16, carimbo de data/hora: 0x560597a9
Nome do módulo com falha: nielsenonline.exe, versão: 7.1.0.16, carimbo de data/hora: 0x560597a9
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0000efc2
ID do processo com falha: 0x19e8
Hora de início do aplicativo com falha: 0xnielsenonline.exe0
Caminho do aplicativo com falha: nielsenonline.exe1
Caminho do módulo com falha: nielsenonline.exe2
ID do Relatório: nielsenonline.exe3
Nome completo do pacote com falha: nielsenonline.exe4
ID do aplicativo relativo ao pacote com falha: nielsenonline.exe5


System errors:
=============
Error: (11/05/2015 03:45:22 PM) (Source: DCOM) (EventID: 10016) (User: Amore)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AmorecasalS-1-5-21-2364669226-1398954891-4146519358-1000LocalHost (Usando LRPC)Microsoft.WindowsStore_2015.21.12.0_x86__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (11/05/2015 04:03:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session3 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (11/04/2015 06:35:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session2 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (11/04/2015 08:46:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (11/04/2015 06:05:08 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (11/04/2015 03:35:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Listener Adapter do Net.Pipe devido ao seguinte erro:
%%1053

Error: (11/04/2015 03:35:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Listener Adapter do Net.Pipe.

Error: (11/04/2015 03:34:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Battery Manager Service devido ao seguinte erro:
%%1053

Error: (11/04/2015 03:34:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Battery Manager Service.

Error: (11/04/2015 03:34:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Listener Adapter Net.Tcp depende do serviço Serviço de Compartilhamento de Porta Net.Tcp, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058


CodeIntegrity:
===================================
Date: 2015-11-04 17:58:36.873
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-04 17:58:36.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-04 17:58:36.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-04 17:58:36.219
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-04 17:58:35.959
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-04 17:58:35.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-04 17:58:30.484
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-04 17:58:28.163
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 12:23:55.838
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 12:23:55.636
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU D525 @ 1.80GHz
Percentage of memory in use: 77%
Total physical RAM: 2038.3 MB
Available physical RAM: 465.78 MB
Total Virtual: 4086.3 MB
Available Virtual: 2122.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.32 GB) (Free:247.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 96E1CA8E)
Partition 1: (Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Not Active) - (Size=288.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité