Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:27-01-2016
Executado por Wlader (2016-01-30 18:38:01)
Executando a partir de C:\Users\Wlader\Downloads
Windows 8.1 Enterprise (X64) (2015-06-02 23:16:32)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1433210940-3313559613-2812674987-500 - Administrator - Disabled)
Convidado (S-1-5-21-1433210940-3313559613-2812674987-501 - Limited - Disabled)
Wlader (S-1-5-21-1433210940-3313559613-2812674987-1001 - Administrator - Enabled) => C:\Users\Wlader

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.00.1683, 29.12.2015 - AIMP DevTeam)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
AnySend (HKLM-x32\...\ASPackage) (Version: - CMI Limited) <==== ATENÇÃO
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.147185 - Baidu, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DRAGON QUEST HEROES Slime Edition (HKLM\...\ZHJhZ29ucXVlc3RoZXJvZXNzbGltZWVkaXRpb24_is1) (Version: 1 - )
FormatFactory 3.7.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.5.0 - Free Time)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Glary Utilities 5.42 (HKLM-x32\...\Glary Utilities 5) (Version: 5.42.0.62 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.20 - IObit)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Kingdoms of Amalur Reckoning (HKLM-x32\...\Kingdoms of Amalur Reckoning_is1) (Version: - )
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Mad Max v.1.0.1.1 (HKLM-x32\...\Mad Max_is1) (Version: - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pt-BR)) (Version: 39.0 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\MyFreeCodec) (Version: - )
Nero 7 Ultra Edition (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Renomear Tudo 2.0 (HKLM-x32\...\Renomear Tudo 2.0_is1) (Version: - )
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (Version: - Microsoft) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Aspyr)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com)
The Witcher 3 Wild Hunt (HKLM-x32\...\The Witcher 3 Wild Hunt_is1) (Version: 1.02 - Релиз от R.G. Steamgames)
The Witcher 3: Wild Hunt - Alternative Look for Ciri (HKLM-x32\...\Alternative Look for Ciri_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Finisher Animations (HKLM-x32\...\New Finisher Animations_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - NEW GAME + (HKLM-x32\...\NEW GAME +_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\The Witcher Enhanced Edition Director's Cut_is1) (Version: - GOG.com)
UltraEdit (HKLM\...\{AFFE5F64-3248-41E9-96AE-8B475F6EFAB3}) (Version: 22.20.0.25 - IDM Computer Solutions, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warsaw 1.11.0.2578 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.2578 - GAS Tecnologia)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.0.0.3995 - ZJMedia Digital Technology Ltd.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001_Classes\CLSID\{034DF736-A378-4292-ACAE-A561088999F5}\InprocServer32 -> C:\Users\Wlader\AppData\Local\PPTAssist\pptassist64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001_Classes\CLSID\{1077138E-896C-445E-BD31-CFCFFA4636C4}\InprocServer32 -> C:\Users\Wlader\AppData\Local\PPTAssist\pptassist64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\Program Files\IDM Computer Solutions\UltraEdit\ue64ctmn.dll ()

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {12CC99FB-2090-4BD8-87D7-149F0973F9F3} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {13C9B102-5049-42EB-894F-11A3CCA102A0} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {142C877F-4881-4CC1-91DA-C55A5E3C4B7C} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" <==== ATENÇÃO
Task: {1DBADF75-F44A-4CA9-BCE3-DDE50287ADE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {2B476743-B33C-4A13-943B-A42EC263DA84} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {2CB195A5-E21F-4E96-8BB7-FDE2E61961D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-29] (Google Inc.)
Task: {32E4EA9A-12CA-4196-81C6-326EBA02DBBE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {3E548BF6-F866-4576-8B5D-11FEA4DEDF1F} - System32\Tasks\PPTAssistantUpdateTask_Wlader => C:\Users\Wlader\AppData\Local\PPTAssist\assistupdate.exe
Task: {467FC655-1DDD-4F99-9763-4B78DB196CDB} - System32\Tasks\Uninstaller_SkipUac_Wlader => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-11-18] (IObit)
Task: {5925DF5F-FE23-4633-90FA-AE5A856AA3DE} - System32\Tasks\QTSCJDOLRMBKUQGF => C:\ProgramData\Service0561\Service0561.exe [2016-01-30] () <==== ATENÇÃO
Task: {66F99CA8-F493-47A8-B46D-4406BEDE6B9C} - System32\Tasks\Uumoejuk => C:\PROGRA~1\SHOPPE~1\Kalfan.bat
Task: {68DA9A39-7606-4424-818A-2F12BE3D9196} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-01-20] ()
Task: {6F0C8A9B-635C-4514-A99F-E726012188FE} - System32\Tasks\NVXUUDBSGNMGMJGC => C:\ProgramData\Service0561\Service0561.exe [2016-01-30] () <==== ATENÇÃO
Task: {79798EA3-6E81-4FAD-AEEB-9BA37F4336E3} - System32\Tasks\PPTAssistantNotifyTask_Wlader => C:\Users\Wlader\AppData\Local\PPTAssist\notify.exe
Task: {89D5ED51-70C3-4337-B22D-7857209B3935} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-29] (Google Inc.)
Task: {94DA83A2-2CB7-484D-AA5F-DFAC90966FD3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9EAC57C3-4878-4765-A950-86D0FA5FC791} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {A839E6D5-F1A4-4B93-8D26-AE23976B33DF} - System32\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200} => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe <==== ATENÇÃO
Task: {AD613C1E-5D01-413C-91EB-5AB40483450C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B0A5766F-ACD3-4B29-81A9-5DB99AD7E597} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI)
Task: {B64CE02D-FAA2-45CD-BBDB-B89BF9BB1736} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C0E9BF43-EE3C-4D4F-A59E-B5926C6D72B1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C1BF2EC0-CAC7-4D81-B16C-1C6772DB2AE9} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-01-04] (Glarysoft Ltd)
Task: {CF790094-7454-4C0E-9173-688C5F1D50EA} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-01-04] (Glarysoft Ltd)
Task: {EBF09D18-B6DE-4885-855E-EC17D7DCE610} - System32\Tasks\Driver Booster SkipUAC (Wlader) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {F89EFC54-8AA6-468C-B3C2-9395838B816D} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavUpdater.exe [2015-10-19] (Baidu, Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NVXUUDBSGNMGMJGC.job => C:\ProgramData\Service0561\Service0561.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\PPTAssistantNotifyTask_Wlader.job => C:\Users\Wlader\AppData\Local\PPTAssist\notify.exe
Task: C:\Windows\Tasks\PPTAssistantUpdateTask_Wlader.job => C:\Users\Wlader\AppData\Local\PPTAssist\assistupdate.exe
Task: C:\Windows\Tasks\QTSCJDOLRMBKUQGF.job => C:\ProgramData\Service0561\Service0561.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Wlader.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk -> D:\Jogos\The Witcher 2 Enhanced Edition\Launcher.exe (CD Projekt RED) -> hxxp://www.mysites123.com/?type=sc&ts=1454171124&z=6d418c0e5f7af4dce59b773g7zfw9zfg3m0gfg7o0t&from=tt4u&uid=SAMSUNGXHD161HJ_S15LJ50Q117982

==================== Módulos Carregados (Whitelisted) ==============

2015-05-15 17:26 - 2015-05-15 17:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-12 19:45 - 2015-10-12 19:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-30 14:58 - 2016-01-20 23:42 - 01907200 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2016-01-30 14:26 - 2016-01-30 14:24 - 00572971 _____ () C:\Program Files (x86)\03000200-1454171166-0500-0006-000700080009\vnsqEDE5.tmp
2015-10-19 16:59 - 2015-10-19 16:59 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\HipsLogger.dll
2015-10-19 16:59 - 2015-05-27 09:10 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\dark.dll
2015-10-19 16:59 - 2015-10-19 16:59 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\sqlite.dll
2015-10-19 16:59 - 2015-10-19 16:59 - 01117680 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Operation.dll
2015-10-19 16:59 - 2015-10-19 16:59 - 00370672 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BNetOp.dll
2015-06-04 17:14 - 2015-06-04 17:13 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-10-19 16:59 - 2015-10-19 16:59 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Pulgin_Dark_DeleteFileTip.dll
2015-11-23 18:59 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-23 18:59 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-23 18:59 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-01-30 17:57 - 2016-01-30 17:57 - 00011264 _____ () C:\Users\Wlader\AppData\Local\Temp\nsq2D24.tmp\System.dll
2016-01-30 17:57 - 2016-01-30 17:57 - 00120832 _____ () C:\Users\Wlader\AppData\Local\Temp\nsq2D24.tmp\IpConfig.dll
2016-01-30 17:57 - 2016-01-30 17:57 - 00025088 _____ () C:\Users\Wlader\AppData\Local\Temp\nsq2D24.tmp\INetC.dll
2016-01-28 23:23 - 2016-01-27 15:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
2016-01-28 23:23 - 2016-01-27 15:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\caixa.gov.br -> imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 11:25 - 2013-08-22 11:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: CLHNServiceForPowerDVD => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: Service KMSELDI => 2
MSCONFIG\Services: VIAKaraokeService => 2

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FAAB54AC-B04C-4843-989B-D06AA8C7BF69}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BEAFFBF7-A29B-42A7-9348-0667B072205B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{72B3226E-61C5-47BF-B2FF-0B362C51F277}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{00E495D4-59B1-44B4-9844-6D8B47BF5E31}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29693AA1-039C-42DB-A4F9-E26259C6CD2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11.exe
FirewallRules: [{7927DAE9-2D91-42DF-9C15-382093CB01FC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
FirewallRules: [{49A530F8-9CBC-4544-9CBD-B6C377682341}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
FirewallRules: [{D0B984E6-A53D-4C3A-B9D4-DB5629F810C7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe
FirewallRules: [{0F8B1906-731D-4214-825F-7FCEEEA03652}] => (Allow) C:\Users\Wlader\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{20827B0B-4E51-4611-B741-EDF78A0F3F58}] => (Allow) C:\Users\Wlader\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{20D2F52E-D7DA-49F6-AC23-33FDA7B3D0D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{33A39CFA-2CC2-4C58-A821-3577E3FAD66A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7C757DF5-1BFA-49AF-9D6B-BF1CA1AAE6A8}D:\jogos\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\jogos\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{DA7D3613-6740-4DD1-A704-66A40C010EE9}D:\jogos\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\jogos\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [{9CBAE495-0E98-4BF3-88DE-E5E8A48F6366}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{44CD569E-36CA-4E8D-BF44-B89BB4D6FACB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4A24830C-275B-4029-A490-15BCB1EF536A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E618D0A2-0AA1-4164-9DE8-24E592D0E32F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CC83B7F8-5D3C-4188-89B1-141D1CAE2A44}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{FCC6FBD6-8016-4734-97FC-D6F61C1204C3}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{3741FB80-1606-4CD1-90D3-7315565F9583}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{E826E849-E108-4714-ABC8-775F1CDACF3F}D:\jogos\kingdoms of amalur reckoning\reckoning.exe] => (Allow) D:\jogos\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [UDP Query User{41E85DA5-DBDB-4C84-A5E8-0F9BD9F60870}D:\jogos\kingdoms of amalur reckoning\reckoning.exe] => (Allow) D:\jogos\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [{3FCD1838-0F73-4B88-ACF1-078076EACB87}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{07C2F565-4414-4E44-AB96-169B437B1201}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{DE5E8A05-0D18-451E-B5A2-8A8A29330D95}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43AE948B-3E27-451D-AF84-DD6ED3942843}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

24-01-2016 10:44:54 Ponto de Verificação Agendado
30-01-2016 14:28:37 Revo Uninstaller's restore point - mysites123 uninstall

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/30/2016 05:11:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa iSafe.exe versão 6.7.125.29886 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 19f8

Hora de Início: 01d15b91d682de12

Hora de Término: 53844

Caminho do Aplicativo: C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe

ID do Relatório: 1c36d3f1-c785-11e5-82c3-002522c04102

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (01/30/2016 05:11:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa chrome.exe versão 48.0.2564.97 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 56c

Hora de Início: 01d15b911fd21e13

Hora de Término: 60000

Caminho do Aplicativo: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID do Relatório: 06c81413-c785-11e5-82c3-002522c04102

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (01/30/2016 05:10:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa iSafe.exe versão 6.7.125.29886 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: ab8

Hora de Início: 01d15b91af9f32ad

Hora de Término: 3

Caminho do Aplicativo: C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe

ID do Relatório: 05a078a3-c785-11e5-82c3-002522c04102

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (01/30/2016 03:19:55 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4372) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (01/30/2016 03:12:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: nsi664E.tmp, versão: 0.0.0.0, carimbo de data/hora: 0x5577cc7c
Nome do módulo com falha: nsi664E.tmp, versão: 0.0.0.0, carimbo de data/hora: 0x5577cc7c
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x000228a1
ID do processo com falha: 0xc94
Hora de início do aplicativo com falha: 0xnsi664E.tmp0
Caminho do aplicativo com falha: nsi664E.tmp1
Caminho do módulo com falha: nsi664E.tmp2
ID do Relatório: nsi664E.tmp3
Nome completo do pacote com falha: nsi664E.tmp4
ID do aplicativo relativo ao pacote com falha: nsi664E.tmp5

Error: (01/30/2016 02:58:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa EB0.tmp versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: d10

Hora de Início: 01d15b7f6484957e

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Windows\Temp\EB0.tmp

ID do Relatório: b3d9268b-c772-11e5-82c2-002522c04102

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (01/30/2016 02:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa 6BA8.tmp versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 19fc

Hora de Início: 01d15b7c67b72e4c

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Windows\Temp\6BA8.tmp

ID do Relatório: 35330e5b-c770-11e5-82c2-002522c04102

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (01/30/2016 02:29:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (01/30/2016 02:27:20 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: AUTORIDADE NT)
Description: There was an error with the Windows Location Provider database

Error: (01/30/2016 02:26:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.EXE, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000004e50fd8
ID do processo com falha: 0x15b4
Hora de início do aplicativo com falha: 0xExplorer.EXE0
Caminho do aplicativo com falha: Explorer.EXE1
Caminho do módulo com falha: Explorer.EXE2
ID do Relatório: Explorer.EXE3
Nome completo do pacote com falha: Explorer.EXE4
ID do aplicativo relativo ao pacote com falha: Explorer.EXE5


Erros de Sistema:
=============
Error: (01/30/2016 06:23:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Free Space Decimal Point foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/30/2016 06:23:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Replicate Exit foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/30/2016 06:23:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Spelling Drawer foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/30/2016 05:28:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (01/30/2016 05:28:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (01/30/2016 05:28:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (01/30/2016 05:27:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (01/30/2016 05:27:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (01/30/2016 05:27:47 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Type com o seguinte erro:
%%5

Error: (01/30/2016 05:27:47 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Type com o seguinte erro:
%%5


CodeIntegrity:
===================================
Date: 2016-01-30 14:30:06.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 14:30:06.129
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 14:30:06.021
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 14:30:05.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 14:30:05.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 14:30:05.725
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 14:30:04.883
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 14:30:04.751
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentagem de memória em uso: 53%
RAM física total: 4078.66 MB
RAM física disponível: 1913.69 MB
Virtual Total: 4782.66 MB
Virtual disponível: 1958.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.71 GB) (Free:21.53 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1075 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: FEA61B01)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 53E1E2C7)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
