cjoint

Publicité


Publicité

Commentaire : http://www.cjoint.com/c/FADdepyBNHi

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:27-01-2016
Executado por Rick (2016-01-29 00:59:42)
Executando a partir de C:\Users\Rick\Desktop
Windows 10 Pro (X64) (2015-12-11 07:04:38)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3000669175-3693074153-1746941336-500 - Administrator - Disabled)
Convidado (S-1-5-21-3000669175-3693074153-1746941336-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3000669175-3693074153-1746941336-503 - Limited - Disabled)
Familia (S-1-5-21-3000669175-3693074153-1746941336-1002 - Limited - Enabled) => C:\Users\Familia
Rick (S-1-5-21-3000669175-3693074153-1746941336-1001 - Administrator - Enabled) => C:\Users\Rick

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
ELAN Touchpad 11.15.0.14_X64 (HKLM\...\Elantech) (Version: 11.15.0.14 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Jogos Level Up (HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.29 - Level Up)
Jogos Level Up (HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.29 - Level Up)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Maxx Audio Installer (x64) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{B99D9591-8A59-447F-B8F7-78F58E15B531}) (Version: 4.12.9782 - Apache Software Foundation)
Pacote de Driver do Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Roller Coaster Tycoon 3 Platinum - CarlesNeo ! (HKLM-x32\...\Roller Coaster Tycoon 3 Platinum - CarlesNeo !) (Version: - )
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warface (HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\{094FAADD-5A39-4C64-911A-B4C9AD818484}_is1) (Version: 1.1.367.81 - Level Up! Games)
Warface (HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{094FAADD-5A39-4C64-911A-B4C9AD818484}_is1) (Version: 1.1.367.81 - Level Up! Games)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3000669175-3693074153-1746941336-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Familia\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {160BC0B3-29AB-44D8-93AF-8BEA45EDADCB} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {1B4B7DA1-5892-4EF0-8F15-83DEFEB7167A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {269F8240-995E-48A3-A50F-573B4CB6E510} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {2B946581-7405-43BF-858B-025F071DD344} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {3D133DC5-9B5A-4749-8FE1-5C34A5F7E70F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {48509749-7689-497E-B1F1-83967F9EFA98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7908D75B-7C65-4F22-B505-2B2441DD6012} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-16] (Microsoft Corporation)
Task: {815FA367-D563-42C5-9EBC-86D2DF1AC374} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-08] (Dropbox, Inc.)
Task: {9A57FF0E-7546-4183-96FB-8F59D46AB6E5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {A339F290-392F-457D-BD91-2E549593EC6A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {BCCCCE25-F35E-4B99-87BC-0EB2FEDC4E72} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-01-20] ()
Task: {C23943B9-D9C8-47D4-9ABC-FBD059474F0A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {CFAB3231-DC61-4E21-A92E-481AF422484E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.)
Task: {EBF6194A-E08A-47F4-95D7-CD747D5932E2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-08] (Dropbox, Inc.)
Task: {ECCDDF4F-A0DF-492F-A4B7-029473B98BBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.)
Task: {F17D32FD-96ED-4945-B86B-0068780D01FA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {FCEF4E6C-4103-4C96-837A-8C45EAC8D319} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2015-10-30 05:18 - 2015-10-30 05:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-11 05:21 - 2015-12-11 05:21 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-12 19:44 - 2016-01-04 23:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-22 00:17 - 2016-01-22 10:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-11 05:21 - 2015-12-11 05:21 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-18 02:31 - 2015-12-07 02:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 02:31 - 2015-12-07 02:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 19:44 - 2016-01-04 23:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 19:44 - 2016-01-04 23:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-12 19:44 - 2016-01-04 23:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-28 17:09 - 2016-01-20 23:42 - 01907200 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2016-01-22 00:17 - 2016-01-22 10:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 00:17 - 2016-01-22 10:09 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-12-14 23:21 - 2015-10-30 22:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-14 23:21 - 2015-10-30 22:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-14 23:21 - 2015-10-30 22:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-14 23:21 - 2015-10-30 22:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-14 23:21 - 2015-10-30 22:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-14 23:21 - 2015-12-08 19:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-14 23:21 - 2015-10-30 22:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-14 23:21 - 2015-10-30 23:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-11-08 01:54 - 2015-11-04 22:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-14 23:21 - 2015-12-08 19:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 23:21 - 2015-10-30 22:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-14 23:21 - 2015-10-30 22:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-14 23:20 - 2015-12-08 19:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-14 23:21 - 2015-12-08 19:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-14 23:21 - 2015-10-30 23:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-14 23:21 - 2015-12-08 19:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-11-08 01:54 - 2015-10-30 23:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-11-08 01:54 - 2015-10-30 23:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-11-08 01:54 - 2015-10-30 23:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-08 01:54 - 2015-10-30 23:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2016-01-29 00:32 - 2016-01-29 00:32 - 00098816 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32api.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00110080 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\pywintypes27.dll
2016-01-29 00:32 - 2016-01-29 00:32 - 00364544 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\pythoncom27.dll
2016-01-29 00:32 - 2016-01-29 00:32 - 00320512 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32com.shell.shell.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00776704 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_hashlib.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 01176576 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._core_.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00806400 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._gdi_.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00816128 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._windows_.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 01067008 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._controls_.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00733184 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._misc_.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00682496 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\pysqlite2._sqlite.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00088064 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_ctypes.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00119808 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32file.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00108544 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32security.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00007168 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\hashobjs_ext.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00017920 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\thumbnails_ext.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00088064 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\usb_ext.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00167936 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32gui.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00018432 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32event.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00046080 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_socket.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 01208320 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_ssl.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00128512 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_elementtree.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00127488 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\pyexpat.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00013824 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\common.time34.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00036864 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_psutil_windows.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00038912 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32inet.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00525240 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\windows._lib_cacheinvalidation.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00011264 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32crypt.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00077312 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._html2.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00027136 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_multiprocessing.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00020480 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\_yappi.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00035840 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32process.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00686080 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\unicodedata.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00078848 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._animate.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00123392 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\wx._wizard.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00024064 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32pipe.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00010240 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\select.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00025600 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32pdh.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00017408 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32profile.pyd
2016-01-29 00:32 - 2016-01-29 00:32 - 00022528 _____ () C:\Users\Rick\AppData\Local\Temp\_MEI76962\win32ts.pyd
2016-01-28 22:22 - 2016-01-27 15:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
2016-01-28 22:22 - 2016-01-27 15:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3000669175-3693074153-1746941336-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 11:25 - 2016-01-28 16:52 - 00000967 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3000669175-3693074153-1746941336-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3000669175-3693074153-1746941336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3000669175-3693074153-1746941336-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C2F3ACD2-10AA-4B1E-BC5F-3C3B91C8B6AC}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{227A9686-2CA1-4166-816C-C4A7A6AE25A0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0B8153AD-1A57-4C55-B302-63A9B2DE3D12}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{644435D8-3FA9-4224-BE18-C36B9A5F767C}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{24EEF988-ADB6-49F5-B2B8-22089EE858BD}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{8FD41F9D-19D9-4744-93AC-4A790773A091}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [UDP Query User{E17C4C63-C1D3-46E6-BBF4-25279EA2F3F1}C:\level up\warface\2b3f2740-f442-489f-a2cb-8f7153924698\c4671e0070fc31ea2c40e9a15d0dbdb4\aria2c.exe] => (Allow) C:\level up\warface\2b3f2740-f442-489f-a2cb-8f7153924698\c4671e0070fc31ea2c40e9a15d0dbdb4\aria2c.exe
FirewallRules: [TCP Query User{237B3F5C-7922-4221-8BFB-50584B56CECA}C:\level up\warface\2b3f2740-f442-489f-a2cb-8f7153924698\c4671e0070fc31ea2c40e9a15d0dbdb4\aria2c.exe] => (Allow) C:\level up\warface\2b3f2740-f442-489f-a2cb-8f7153924698\c4671e0070fc31ea2c40e9a15d0dbdb4\aria2c.exe
FirewallRules: [UDP Query User{A4714FAF-28ED-46DF-AB70-D33E0F1CE5F0}C:\users\rick\appdata\local\apps\2.0\9btb8amp.thj\lhmdawb5.84p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\rick\appdata\local\apps\2.0\9btb8amp.thj\lhmdawb5.84p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{F783A74C-0D62-4F83-A854-1F80E9913A68}C:\users\rick\appdata\local\apps\2.0\9btb8amp.thj\lhmdawb5.84p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\rick\appdata\local\apps\2.0\9btb8amp.thj\lhmdawb5.84p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{C34DE186-11A9-4F42-848A-6FF46E3559BE}] => (Allow) C:\Users\Rick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D5B25B20-D96C-4974-91C6-F4349C531AA7}] => (Allow) C:\Users\Rick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{754C7848-523F-47D3-983D-3733B96E3BE6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{633728A4-54A5-4903-9D61-585E077F2F78}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CF87D71D-9F0C-4553-902F-E0433EB8F0F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FBFCDA83-51D9-4EB8-9C58-282B5C8D1B38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EA8D42E7-B50E-4B65-9F82-EB95A33BAEE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{A6A368C1-04BF-4EC7-9BA4-2D62FC796B71}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{786673C0-C9AD-4C74-A7B8-B2190EB7D3A8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C56DED60-6117-4CD3-9DF2-47314FA66A3D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B1EFA4EA-A673-48CC-B9EE-0BD0C8614CFF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{23D0CA09-5C94-40A8-8A73-6564D1F27D6A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7D4763BE-F077-4290-A417-765831F2C0F6}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{8259EC43-AF49-4DC6-9D9C-DEF54493F1F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C44E5C68-9E82-415D-B8E7-70C2AEF7F16F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B5F6A1FA-F760-4AFD-ACF4-32238E45608F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C4368F11-8D1F-4FC4-B7E5-64CF057445CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{18B8A5A9-F424-43FF-947C-9E7747CAE23A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/29/2016 12:30:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: GbpSv.exe, versão: 3.8.0.0, carimbo de data/hora: 0x557aea03
Nome do módulo com falha: gbiehuni.dll, versão: 4.14.0.100, carimbo de data/hora: 0x55cbc50e
Código de exceção: 0xc0000417
Deslocamento da falha: 0x00152818
ID do processo com falha: 0xb4c
Hora de início do aplicativo com falha: 0xGbpSv.exe0
Caminho do aplicativo com falha: GbpSv.exe1
Caminho do módulo com falha: GbpSv.exe2
ID do Relatório: GbpSv.exe3
Nome completo do pacote com falha: GbpSv.exe4
ID do aplicativo relativo ao pacote com falha: GbpSv.exe5

Error: (01/29/2016 12:30:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ff921ca0668
ID do processo com falha: 0xa20
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5

Error: (01/29/2016 12:29:33 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10603.192) TYPE: ERROR

DPTF Build Version: 8.1.10603.192
DPTF Build Date: Aug 7 2015 10:44:44
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 183
Executing Function: ConfigTdpPolicy::onDomainPowerControlCapabilityChanged
Message: dataLength is invalid.
Participant: TCPU [1]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]

Error: (01/29/2016 12:08:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Rick-PC)
Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (01/29/2016 12:08:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.10586.35, carimbo de data/hora: 0x566505bc
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d2f5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000004b199
ID do processo com falha: 0x1828
Hora de início do aplicativo com falha: 0xShellExperienceHost.exe0
Caminho do aplicativo com falha: ShellExperienceHost.exe1
Caminho do módulo com falha: ShellExperienceHost.exe2
ID do Relatório: ShellExperienceHost.exe3
Nome completo do pacote com falha: ShellExperienceHost.exe4
ID do aplicativo relativo ao pacote com falha: ShellExperienceHost.exe5

Error: (01/28/2016 09:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ffc545c0668
ID do processo com falha: 0xa6c
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5

Error: (01/28/2016 09:07:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: GbpSv.exe, versão: 3.8.0.0, carimbo de data/hora: 0x557aea03
Nome do módulo com falha: gbiehuni.dll, versão: 4.14.0.100, carimbo de data/hora: 0x55cbc50e
Código de exceção: 0xc0000417
Deslocamento da falha: 0x00152818
ID do processo com falha: 0xe0c
Hora de início do aplicativo com falha: 0xGbpSv.exe0
Caminho do aplicativo com falha: GbpSv.exe1
Caminho do módulo com falha: GbpSv.exe2
ID do Relatório: GbpSv.exe3
Nome completo do pacote com falha: GbpSv.exe4
ID do aplicativo relativo ao pacote com falha: GbpSv.exe5

Error: (01/28/2016 09:06:17 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10603.192) TYPE: ERROR

DPTF Build Version: 8.1.10603.192
DPTF Build Date: Aug 7 2015 10:44:44
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 183
Executing Function: ConfigTdpPolicy::onDomainPowerControlCapabilityChanged
Message: dataLength is invalid.
Participant: TCPU [1]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]

Error: (01/28/2016 06:14:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa nsiBDAD.tmp versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 1bfc

Hora de Início: 01d15a087a2cbab8

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Users\Rick\AppData\Local\Temp\nsiBDAD.tmp

ID do Relatório: bfc60a8d-c5fb-11e5-bf0a-e03f49238641

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (01/28/2016 06:14:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa 6483.tmp versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 1b34

Hora de Início: 01d15a0812de84c3

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Windows\Temp\6483.tmp

ID do Relatório: b49016ba-c5fb-11e5-bf0a-e03f49238641

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:


Erros de Sistema:
=============
Error: (01/29/2016 12:35:42 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Gerenciador de Mapas Baixados suspenso ao iniciar.

Error: (01/29/2016 12:31:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/29/2016 12:31:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Presentation Foundation Font Cache 3.0.0.0 devido ao seguinte erro:
%%1053

Error: (01/29/2016 12:31:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Windows Presentation Foundation Font Cache 3.0.0.0.

Error: (01/29/2016 12:29:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço veriwuruzbt devido ao seguinte erro:
%%2

Error: (01/29/2016 12:28:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_5feb533 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/29/2016 12:28:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_5feb533 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/29/2016 12:28:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_5feb533 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/29/2016 12:28:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_5feb533 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/29/2016 12:28:32 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível


CodeIntegrity:
===================================
Date: 2016-01-28 23:13:16.709
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 23:13:16.694
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 23:13:16.676
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 21:11:04.756
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 21:11:04.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 21:11:04.696
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 20:20:02.409
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 20:20:02.400
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 20:20:02.388
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-28 20:20:02.373
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Percentagem de memória em uso: 46%
RAM física total: 6029.71 MB
RAM física disponível: 3253.87 MB
Virtual Total: 6989.71 MB
Virtual disponível: 4303.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.78 GB) (Free:31.91 GB) NTFS
Drive d: () (Fixed) (Total:297.66 GB) (Free:88 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DF37CAF3)

Partition: GPT.

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité