cjoint

Document format: text/plain

Preview

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:09-12-2015
Executado por Cliente (2015-12-11 18:33:26)
Executando a partir de C:\Users\Cliente\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-03-24 11:22:32)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-279532155-3345686993-822651015-500 - Administrator - Disabled)
Cliente (S-1-5-21-279532155-3345686993-822651015-1000 - Administrator - Enabled) => C:\Users\Cliente
Convidado (S-1-5-21-279532155-3345686993-822651015-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-279532155-3345686993-822651015-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-279532155-3345686993-822651015-1000\...\uTorrent) (Version: 3.4.5.41162 - BitTorrent Inc.)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.33 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
K-Lite Codec Pack 10.8.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.5 - )
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pt-BR)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Nome de sua empresa:)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.23 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.27038 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.37 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-279532155-3345686993-822651015-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-279532155-3345686993-822651015-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Pontos de Restauração =========================

03-06-2015 18:00:10 Removed LogMeIn Hamachi
03-06-2015 18:03:46 Installed LogMeIn Hamachi
01-07-2015 05:43:37 Installed Prezi.
09-07-2015 19:10:31 Ponto de Verificação Agendado
22-07-2015 12:39:47 Ponto de Verificação Agendado
29-07-2015 21:21:18 Ponto de Verificação Agendado
06-08-2015 23:51:16 Ponto de Verificação Agendado
20-08-2015 20:50:38 Ponto de Verificação Agendado
28-08-2015 23:19:10 Ponto de Verificação Agendado
07-09-2015 19:30:14 Ponto de Verificação Agendado
12-09-2015 13:28:55 Chrome Cleanup Tool
04-10-2015 02:31:13 Windows Update
04-10-2015 02:47:35 Instalação de Pacote de Driver de Dispositivo: Disc Soft Ltd Controladores de armazenamento
04-10-2015 02:50:36 Instalação de Pacote de Driver de Dispositivo: Disc Soft Ltd Controladores USB (barramento serial universal)
08-10-2015 00:56:01 Removed Skype™ 7.9
12-10-2015 21:37:30 avast! antivirus system restore point
20-10-2015 09:34:44 Ponto de Verificação Agendado
06-11-2015 06:57:44 Ponto de Verificação Agendado
25-11-2015 11:53:17 Ponto de Verificação Agendado
03-12-2015 04:59:48 Ponto de Verificação Agendado
06-12-2015 20:58:54 Removed Microsoft Silverlight
06-12-2015 21:35:59 Removed LogMeIn Hamachi
07-12-2015 17:19:27 Instalador de Módulos do Windows
09-12-2015 10:48:13 Instalador de Módulos do Windows

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0B740121-7AB7-406F-A1F1-49460F4DD535} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0E3C1F68-B1B6-4898-9BBB-6FF804912D5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-10] (Adobe Systems Incorporated)
Task: {0E8F5BAA-C163-4118-98FE-F4E221C3F255} - System32\Tasks\Tucyt => C:\PROGRA~1\SHOPPE~1\Afogig.bat
Task: {1DE98062-146A-4C58-A0CC-23058978301C} - System32\Tasks\{72D09D04-8F0F-42A0-B4BA-DE1A0D8C2238} => pcalua.exe -a "C:\Users\Cliente\Downloads\Trade Hacker - MuAwaY - Luan Luis 2015.exe" -d C:\Users\Cliente\Downloads
Task: {1E4BBA24-60A8-44D7-8ABC-4F7A27AD414F} - System32\Tasks\Opera scheduled Autoupdate 1427252882 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {288796FB-F72A-49E1-8B2B-83924415051A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4C237F57-83BE-4B42-A0CA-4F326D650D17} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-11-14] ()
Task: {7B014280-5252-413D-9F68-716AB8A1D113} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-10] (Adobe Systems Incorporated)
Task: {9365CF45-A55B-4098-BFEA-CDADBC3E67F1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {A64D86F9-BCEA-448B-8554-E1842E1C2D9A} - System32\Tasks\Chromium => C:\Users\Cliente\AppData\Local\Chromium\APPLIC~1\UNINST~1.EXE
Task: {BE183554-D3DE-46B0-AD5B-01126B682299} - System32\Tasks\{5E1D56B8-EDA0-4092-8647-5695A2371F1B} => pcalua.exe -a C:\Users\Cliente\AppData\Local\PPTAssist\utility\uninst.exe
Task: {D7E73A36-F277-44F6-8995-3BF786F8D0A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Chromium.job => C:\Users\Cliente\AppData\Local\Chromium\APPLIC~1\UNINST~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Cliente\Desktop\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera Internet Browser.lnk -> C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe (Opera Software) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (12).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (13).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (14).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (15).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (16).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (17).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (18).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (19).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (20).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (21).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (22).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (23).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (24).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ <==== ATENÇÃO
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.top8844.com?oem=mbtkv5&uid=S2ZYJ9EG109341_ST500LM012HN-M500MBB&tm=1440772850 --disable-quic <==== ATENÇÃO

==================== Módulos Carregados (Whitelisted) ==============

2015-03-24 10:44 - 2015-03-24 10:44 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2015-03-24 10:44 - 2015-03-24 10:44 - 00151552 _____ () C:\Windows\KMService.exe
2013-12-24 03:20 - 2013-12-24 03:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2015-12-11 11:09 - 2015-12-11 16:00 - 02947584 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2015-05-20 18:38 - 2015-01-26 14:09 - 03799552 _____ () C:\Program Files (x86)\APPS\apps.exe
2015-05-20 18:38 - 2013-10-08 15:41 - 00019968 _____ () C:\Program Files (x86)\APPS\UIControls.dll
2015-12-08 19:01 - 2015-12-04 05:18 - 61547128 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\opera.dll
2015-12-08 19:01 - 2015-12-04 05:18 - 01983096 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libglesv2.dll
2015-12-08 19:01 - 2015-12-04 05:18 - 00081528 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libegl.dll
2015-12-10 03:40 - 2015-12-04 19:32 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libglesv2.dll
2015-12-10 03:40 - 2015-12-04 19:32 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:F158ACBC_Bb.gbp
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:r0d3jo5
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-279532155-3345686993-822651015-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-279532155-3345686993-822651015-1000\...\bb.com.br -> hxxps://seg.bb.com.br

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-279532155-3345686993-822651015-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 201.10.1.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{DF683DE5-0C7A-4AFD-9992-88053F60399E}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{9862D72D-32E3-4FE0-8DC7-90D14CD572E6}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{1BC16336-6BE4-4D8C-BFAD-03C186552FCA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1A776736-B6F2-4B47-8577-8B8AFB018991}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{26BD97B0-2FB2-4F73-B881-6F886B3E16B8}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{3BECC94A-3B7C-4CF5-964B-B298F7893CAD}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [{3B0D3576-EE30-4969-9FCB-CA8ABC8BE872}] => (Allow) C:\Users\Cliente\AppData\Roaming\Kamuse\kcsDownloadV32\KCSDownloadV32.exe
FirewallRules: [{AC8CED28-ECD5-4DF7-B8AD-8CE02E58A5CC}] => (Allow) C:\Users\Cliente\AppData\Roaming\Kamuse\kcsDownloadV32\KCSDownloadV32.exe
FirewallRules: [TCP Query User{56138F9F-0A49-4C8F-B635-459CD74A176E}C:\users\cliente\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\cliente\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{F359CD84-C867-413E-BD1A-5565B57E05A5}C:\users\cliente\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\cliente\appdata\local\popcorn time\nw.exe
FirewallRules: [{E3C5EAD2-28F1-422B-ADBE-6F1BC69EAD35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F66F95AB-AFD7-4235-B937-18D9CADD5330}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8CB382B7-45A7-4037-97FE-FA0470AD8CC6}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{319DC924-E0F5-4E8A-A43C-D3D3C4728F2B}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{29A17E93-FE24-448F-B1FC-28FE182621CC}] => (Allow) C:\Users\Cliente\Desktop\ \Pointblank\PointBlank.exe
FirewallRules: [{2B01A9C0-6392-4A16-8E54-1C6E36506EA9}] => (Allow) C:\Users\Cliente\Desktop\ \Pointblank\PointBlank.exe
FirewallRules: [{9F06201C-53C4-438A-8195-76295D83B677}] => (Allow) C:\Program Files (x86)\RaidCall\rcplugin.exe
FirewallRules: [{76B280C5-8920-4B92-A625-DB8E9CDD55CB}] => (Allow) C:\Program Files (x86)\RaidCall\rcplugin.exe
FirewallRules: [TCP Query User{D1A55317-DB1D-4CD0-9A5F-D26D9E8F2D03}C:\gunboundworld\gunbound.gme] => (Block) C:\gunboundworld\gunbound.gme
FirewallRules: [UDP Query User{E5E08A80-2630-4D4F-8B38-E8A729765FB3}C:\gunboundworld\gunbound.gme] => (Block) C:\gunboundworld\gunbound.gme
FirewallRules: [{74F93DE3-0FB5-489D-BA49-AD4A034FDB75}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3E629CB5-2DBE-4E81-B777-D9452BB70D3C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92233EF3-39C8-4AD4-AA1F-32FC83653F88}] => (Block) C:\Program Files\AVAST Software\Avast\setup\instup.exe
FirewallRules: [TCP Query User{36EB3796-69E1-42A1-9541-6A879EA4459D}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{C7C70EC4-94D8-44BA-A7A3-3FEA1AC232E9}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [{B829D4C6-4920-4EDD-B704-E0BA9CBBD319}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5C8526F-140C-4154-AE08-33B1B8D3589D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0C1DD280-745D-4191-B1F8-CB4B66AB200E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) Trusted Execution Engine Interface
Description: Intel(R) Trusted Execution Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: TXEIx64
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (12/11/2015 06:23:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 06:00:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 01:19:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 01:13:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 12:26:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 10:59:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 01:59:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 01:22:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 12:32:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2015 02:19:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Erros de Sistema:
=============
Error: (12/11/2015 06:21:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%647

Error: (12/11/2015 06:21:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom
gbpddfac
MPCKpt

Error: (12/11/2015 06:21:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Sumtam devido ao seguinte erro:
%%3

Error: (12/11/2015 06:20:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%647

Error: (12/11/2015 06:20:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço The Desktop Weather Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/11/2015 06:20:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (12/11/2015 06:20:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Presentation Foundation Font Cache 3.0.0.0 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (12/11/2015 06:20:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço KMService foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (12/11/2015 06:20:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Skype Click to Call PNR Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/11/2015 06:20:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Skype Click to Call Updater foi encerrado inesperadamente. Isso aconteceu 1 vez(es).


==================== Informações da Memória ===========================

Processador: Intel(R) Celeron(R) CPU N2820 @ 2.13GHz
Percentagem de memória em uso: 52%
RAM física total: 3982.36 MB
RAM física disponível: 1876.44 MB
Virtual Total: 7962.91 MB
Virtual disponível: 5518.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:250.29 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C18D54FA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
