Addition.txt

Document joint : ELrpFjZccVV_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by Luana (2015-12-17 13:18:03)
Running from C:\Users\Luana\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-06-26 00:24:42)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3038396689-3654849643-3041127529-500 - Administrator - Disabled)
Guest (S-1-5-21-3038396689-3654849643-3041127529-501 - Limited - Disabled)
Luana (S-1-5-21-3038396689-3654849643-3041127529-1000 - Administrator - Enabled) => C:\Users\Luana

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3038396689-3654849643-3041127529-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11153 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11153 - MEIXIAN XIE) <==== ATTENTION
Any Video Converter 5.8.2 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.235.19 - Broadcom Corporation)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.40.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.1.0.6 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.0.1.3 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.20.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Carambis Driver Updater (HKLM-x32\...\Driver Updater) (Version: 2.3.1.4215 - MEDIA FOG LTD)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ENCORE Driver de LAN Sem Fio - Adaptador USB (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0000 - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.7 - IObit)
Java technology allows you to work and play in a secure computing environment. Packages (HKU\S-1-5-21-3038396689-3654849643-3041127529-1000\...\Java technology allows you to work and play in a secure computing environment. Packages) (Version: - ) <==== ATTENTION
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
LibreOffice 4.4.3.2 (HKLM-x32\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.39.161 - MediatekWiFi)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
osTip (HKLM-x32\...\osTip) (Version: 1.0.0.1 - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0244 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
The Desktop Weather 2.0 (HKLM\...\WeatherTool) (Version: 2.0.0.10998 - ShenZhen Enode Techology co,.Ltd) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VPNium (HKLM-x32\...\VPNium) (Version: - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

14-12-2015 11:45:36 Scheduled Checkpoint
15-12-2015 16:22:57 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 00:34 - 2015-07-22 12:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {195B331E-9C3E-4A9A-83D9-00B49A4BC232} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== ATTENTION
Task: {21A266C5-0337-4497-81DB-25F5D29B7732} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-15] (AVAST Software)
Task: {3050FA6B-352F-480D-B801-143BF496549D} - System32\Tasks\Uninstaller_SkipUac_Luana => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-20] (IObit)
Task: {33CC85AD-9B53-4215-9DDF-DAB6AEB030E9} - System32\Tasks\{C7341CEA-C047-49FA-9842-37C494B39EC7} => pcalua.exe -a "C:\Program Files (x86)\CinemaHDplus-V1.8\Uninstall.exe" -c /fcp=1
Task: {385AF1E3-D475-4C35-A508-CED97D867566} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)
Task: {44841F3C-78E5-49DF-87D5-73380C0ED9B1} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {49093478-2400-4FCE-9765-EE50E60C5A1A} - System32\Tasks\ASP => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {4C1AD687-71D2-4100-B2CD-4747E1907EB7} - System32\Tasks\VPNium => C:\Program Files (x86)\VPNium\vpnium.exe [2013-03-21] (VPNium)
Task: {77B0BE93-8021-4B0D-8106-08BFA0CF1AD7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {7877D9ED-F296-4FDE-93B3-04D80428227A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {7E44F64C-ED50-4FD0-949C-59F62E58E0CD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-23] (AVAST Software)
Task: {83C23FA8-F839-49A8-A433-8F4AF679537E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-28] (Adobe Systems Incorporated)
Task: {8890783B-1A81-46A7-9B08-EA2B1747DB36} - System32\Tasks\AdobeAAMUpdater-1.0-Luana-PC-Luana => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {8B76BADA-FA79-41F5-9F66-DAF5B8F0D73E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {BC279BE1-6402-4C40-B912-8611FA77611B} - System32\Tasks\Run_Bobby_Browser => C:\Users\Luana\AppData\Local\BoBrowser\Application\bobrowser.exe [2015-02-18] (The BoBrowser Authors) <==== ATTENTION
Task: {C10C1C09-70ED-484E-B930-A61FBA6EEACF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {C2AF4E1E-E71E-41C6-BA23-4ECBFBA5B30E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3038396689-3654849643-3041127529-1000Core => C:\Users\Luana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-08-24] (Facebook Inc.)
Task: {D25B894B-018C-4306-A1E6-786A0CB54277} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3038396689-3654849643-3041127529-1000UA => C:\Users\Luana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-08-24] (Facebook Inc.)
Task: {E7A7342B-A9C7-4B3F-B6E9-DC9B168E94EF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17] (Sun Microsystems, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3038396689-3654849643-3041127529-1000Core.job => C:\Users\Luana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3038396689-3654849643-3041127529-1000UA.job => C:\Users\Luana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Luana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1441762220&z=fd27e06c1302e681a638294g7z0zeg8m1qfo4e7tfo&from=cornl&uid=SAMSUNGXHD501LJ_S12ZJ1NPC03891
ShortcutWithArgument: C:\Users\Luana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1441762220&z=fd27e06c1302e681a638294g7z0zeg8m1qfo4e7tfo&from=cornl&uid=SAMSUNGXHD501LJ_S12ZJ1NPC03891
ShortcutWithArgument: C:\Users\Luana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\HelloTalk.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1441762220&z=fd27e06c1302e681a638294g7z0zeg8m1qfo4e7tfo&from=cornl&uid=SAMSUNGXHD501LJ_S12ZJ1NPC03891
ShortcutWithArgument: C:\Users\Luana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Popcorn Time.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1441762220&z=fd27e06c1302e681a638294g7z0zeg8m1qfo4e7tfo&from=cornl&uid=SAMSUNGXHD501LJ_S12ZJ1NPC03891
ShortcutWithArgument: C:\Users\Luana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Luana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (2).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Luana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1441762220&z=fd27e06c1302e681a638294g7z0zeg8m1qfo4e7tfo&from=cornl&uid=SAMSUNGXHD501LJ_S12ZJ1NPC03891

==================== Loaded Modules (Whitelisted) ==============

2015-11-01 23:48 - 2015-11-01 23:48 - 01049032 _____ () C:\Program Files (x86)\WeatherTool\2.0.0.10998\WeatherEntryDll.dll
2015-12-10 06:17 - 2015-12-10 06:17 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\CalendarEntry.dll
2015-12-03 01:56 - 2015-12-02 17:30 - 02920448 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2015-11-16 14:55 - 2015-11-16 14:55 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2015-11-01 23:48 - 2015-11-01 23:48 - 00152008 _____ () C:\Program Files (x86)\WeatherTool\2.0.0.10998\WeatherService.exe
2015-12-10 06:16 - 2015-12-10 06:16 - 00153224 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\CalendarServ.exe
2015-12-10 06:17 - 2015-12-10 06:17 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\Calendar.exe
2015-08-23 01:36 - 2015-08-23 01:36 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-23 01:36 - 2015-08-23 01:36 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-17 07:40 - 2015-12-17 07:40 - 02803712 _____ () C:\Program Files\AVAST Software\Avast\defs\15121700\algo.dll
2015-11-29 09:10 - 2015-03-14 04:44 - 01216144 _____ () C:\Program Files (x86)\MediatekWiFi\Common\RaWLAPI.dll
2015-07-14 13:56 - 2015-07-13 19:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 13:56 - 2015-07-13 19:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-11-27 14:43 - 2015-09-21 10:49 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-27 14:43 - 2015-09-21 10:49 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-27 14:43 - 2015-09-21 10:49 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-03-19 12:20 - 2015-03-19 12:20 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\EVPTask.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\EVPNet.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\EVPDR.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00747144 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\EVPKernel.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00327304 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11153\EVPHelp.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Luana\Local Settings:7TjqR7eQFuRkbTy0HbtnO
AlternateDataStreams: C:\Users\Luana\Local Settings:pvckMhzjzwQWAd9Tu
AlternateDataStreams: C:\Users\Luana\AppData\Local:7TjqR7eQFuRkbTy0HbtnO
AlternateDataStreams: C:\Users\Luana\AppData\Local:pvckMhzjzwQWAd9Tu
AlternateDataStreams: C:\Users\Luana\AppData\Local\Application Data:7TjqR7eQFuRkbTy0HbtnO
AlternateDataStreams: C:\Users\Luana\AppData\Local\Application Data:pvckMhzjzwQWAd9Tu

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3038396689-3654849643-3041127529-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Luana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: CashReminder => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: FreemakeVideoCapture => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MediatekRegistryWriter => 2
MSCONFIG\Services: MediatekRegistryWriter64 => 2
MSCONFIG\Services: MobogenieService => 2
MSCONFIG\Services: RaMediaServer => 3
MSCONFIG\Services: RealtekWlanU => 2
MSCONFIG\Services: RTLDHCPService => 2
MSCONFIG\Services: RunSwUSB => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk => C:\Windows\pss\ImageBrowser EX Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mediatek Wireless Utility.lnk => C:\Windows\pss\Mediatek Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Luana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Luana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: CCleaner Monitoring =>
MSCONFIG\startupreg: Facebook Update => "C:\Users\Luana\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HomePageHelper =>
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Vectir =>
MSCONFIG\startupreg: YeaInstaller =>
MSCONFIG\startupreg: Yeaplayer =>

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{30E675B2-B984-4589-A664-6825130526AF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{963944A2-A1EE-4C63-B050-81308EC314D6}] => (Allow) LPort=2869
FirewallRules: [{597DB31B-C388-4723-B5DB-B88E4415812B}] => (Allow) LPort=1900
FirewallRules: [{1A786233-C74F-4B15-9512-A2E48243E294}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [{237461FB-DF91-4992-BFA3-37B4FAC927ED}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [{CDB844B9-9912-4036-98FF-9D45AEA26367}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BE7CDF11-19B4-4449-9398-F7706A7576B1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0DABD185-7684-4E60-BB11-2544C2532944}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{049C529B-9C18-4225-AEF6-E0ACC599D7EC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{4EBD2523-71AA-4BF9-AB5E-01B9917BE2DA}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{39BE317C-3CB7-4BCE-9BDB-53A5AEDDDCFD}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{BAC63A4C-2B7B-43F4-83EA-8B73E20EFB84}C:\users\luana\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\luana\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [UDP Query User{D59A3C93-48FB-49FB-A2C2-52BE54B8C85A}C:\users\luana\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\luana\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [{D5ADAD6C-F340-4E4B-8287-3DF447618ACE}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
FirewallRules: [{6B9B8D97-EADB-4D97-99A1-9B8DD94DAF66}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\RtWlan.exe
FirewallRules: [{10D453B9-AEA1-45EF-97B4-DA9FB0F73A0A}] => (Allow) LPort=1542
FirewallRules: [{8BF384AE-2650-4FD8-93C3-2C50BF2D9274}] => (Allow) LPort=1542
FirewallRules: [{745256C7-FF3D-4E5F-B9BE-7571399AB688}] => (Allow) LPort=53
FirewallRules: [{C19D4D71-847E-4056-A9A6-8C04E90557B2}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\Rtldhcp.exe
FirewallRules: [{8436B5D8-D94F-4CA8-AB05-1E48BF88A9F2}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{0E6B692F-9807-4FAE-95B2-FC2F7ECA8065}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{E3BF1206-887B-4CAF-8670-573A87D8FE80}] => (Allow) LPort=53
FirewallRules: [{22E7CC35-198A-4755-A2FF-BB43C6BE7A26}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{E18E0AC9-2EAD-44FE-8A37-987DE4C1789E}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{B31C0FB6-FA70-47E4-BA74-DF2ED3BA0A2C}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{B8F5A429-FA11-4038-BC0F-8F57869A84E1}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{F33F8D3C-52C2-460B-AD79-13A1B043C401}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{10B71A45-2EEE-4A55-B6C7-3F1504E1704A}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{49231598-FC19-493C-9E3C-582CAA9732EC}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{60AD2C2E-6D78-42E0-B2F3-4E52F9383063}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7038B0A5-E1D1-4989-ACE6-B156C797EB38}F:\puoix.scr] => (Block) F:\puoix.scr
FirewallRules: [UDP Query User{EDE4F12B-2E33-48E2-8D58-EB26E6AC2392}F:\puoix.scr] => (Block) F:\puoix.scr
FirewallRules: [TCP Query User{74D32B7E-A3C6-409C-AADE-C97D903DED1F}C:\program files (x86)\vectir\vectir.exe] => (Block) C:\program files (x86)\vectir\vectir.exe
FirewallRules: [UDP Query User{75D225BC-9849-4EB4-A319-CE50085B64CA}C:\program files (x86)\vectir\vectir.exe] => (Block) C:\program files (x86)\vectir\vectir.exe
FirewallRules: [TCP Query User{AD02FDD3-EEE3-4F9C-9062-FDD03056C282}C:\users\luana\zeazem.exe] => (Block) C:\users\luana\zeazem.exe
FirewallRules: [UDP Query User{1FA46F5C-94C4-4663-A8B3-755B2E91321A}C:\users\luana\zeazem.exe] => (Block) C:\users\luana\zeazem.exe
FirewallRules: [{F099CF17-A55F-44DC-BE79-1B5736798E39}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{D20E21C2-12CE-422D-A070-20444C1AFA6F}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [TCP Query User{C704D23A-F649-4E84-997B-9567EFDFDCAF}C:\users\luana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\luana\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C95F5568-DB71-4CD2-AF84-9D397D878934}C:\users\luana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\luana\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{BBDA79D8-2445-41CF-9320-CA6774BF7C26}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{CB216B62-6566-4291-9E3A-8452389D0FD8}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{A281EF91-8FCF-4BE2-8050-1C74274ADE64}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{41310501-7426-4A57-A30A-C54EA6D6F35A}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe

==================== Faulty Device Manager Devices =============

Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bnbase
Description: Bnbase
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bnbase
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/17/2015 12:38:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: O valor da cadeia de caracteres de nome do contador de desempenho do Registro não está formatado corretamente. A cadeia de caracteres formada incorretamente é . O primeiro DWORD da seção de dados contém o valor de índice da cadeia de caracteres formada incorretamente e o segundo e o terceiro contêm os últimos valores válidos do índice.

Error: (12/17/2015 12:32:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/17/2015 06:10:26 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: O valor da cadeia de caracteres de nome do contador de desempenho do Registro não está formatado corretamente. A cadeia de caracteres formada incorretamente é . O primeiro DWORD da seção de dados contém o valor de índice da cadeia de caracteres formada incorretamente e o segundo e o terceiro contêm os últimos valores válidos do índice.

Error: (12/17/2015 06:06:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 06:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Calendar.exe, versão: 2.0.0.11153, carimbo de hora: 0x566934ab
Nome do módulo de falhas: ole32.dll, versão: 6.1.7601.18915, carimbo de hora: 0x55981fd5
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000028e87
Identificação do processo com falha: 0x878
Hora de início do aplicativo com falha: 0xCalendar.exe0
Caminho do aplicativo com falha: Calendar.exe1
FCaminho do módulo de falhas: Calendar.exe2
Identificação do Relatório: Calendar.exe3

Error: (12/16/2015 06:20:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: O valor da cadeia de caracteres de nome do contador de desempenho do Registro não está formatado corretamente. A cadeia de caracteres formada incorretamente é . O primeiro DWORD da seção de dados contém o valor de índice da cadeia de caracteres formada incorretamente e o segundo e o terceiro contêm os últimos valores válidos do índice.

Error: (12/16/2015 06:15:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 07:10:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: O valor da cadeia de caracteres de nome do contador de desempenho do Registro não está formatado corretamente. A cadeia de caracteres formada incorretamente é . O primeiro DWORD da seção de dados contém o valor de índice da cadeia de caracteres formada incorretamente e o segundo e o terceiro contêm os últimos valores válidos do índice.

Error: (12/16/2015 07:07:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2015 07:58:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Photoshop.exe versão 13.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: a30

Hora de Início: 01d1376f586e10c2

Hora de Término: 940

Caminho do Aplicativo: C:\Users\Luana\AppData\Local\Temp\Rar$EXa0.111\Photoshop CS6 Portable com 3D\AutoPlay\Docs\App\PhotoshopCS6\Photoshop.exe

Id do Relatório:

System errors:
=============
Error: (12/17/2015 01:16:10 PM) (Source: Disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.

Error: (12/17/2015 01:16:06 PM) (Source: Disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.

Error: (12/17/2015 01:16:01 PM) (Source: Disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.

Error: (12/17/2015 01:01:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço eventlog.

Error: (12/17/2015 01:01:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço Schedule.

Error: (12/17/2015 01:01:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço Schedule.

Error: (12/17/2015 01:01:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço eventlog.

Error: (12/17/2015 01:00:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço eventlog.

Error: (12/17/2015 01:00:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço Schedule.

Error: (12/17/2015 01:00:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço DiagTrack.

CodeIntegrity:
===================================
Date: 2015-07-22 11:49:28.473
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-07-22 11:49:28.427
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 55%
Total physical RAM: 3989.86 MB
Available physical RAM: 1769.17 MB
Total Virtual: 7977.93 MB
Available Virtual: 5304.14 MB

==================== Drives ================================

Drive c: (SYSTEMA) (Fixed) (Total:292.87 GB) (Free:81.28 GB) NTFS
Drive d: (DADOS) (Fixed) (Total:172.79 GB) (Free:5.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B2B603B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=172.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Signaler le contenu de ce document