cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:27-01-2016
Executado por Carol (2016-01-31 18:37:50)
Executando a partir de D:\Carol\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-07 22:34:31)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2999380129-4172000163-3070118981-500 - Administrator - Disabled)
Carol (S-1-5-21-2999380129-4172000163-3070118981-1000 - Administrator - Enabled) => C:\Users\Carol
Convidado (S-1-5-21-2999380129-4172000163-3070118981-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2999380129-4172000163-3070118981-1002 - Limited - Enabled)
Sérgio (S-1-5-21-2999380129-4172000163-3070118981-1003 - Administrator - Enabled) => C:\Users\Sérgio

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
B1 Free Archiver (HKLM-x32\...\B1FreeArchiver) (Version: 0.0.0.0 - Catalina Group Ltd)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.1.0.3 - Byte Technologies LLC)
CheckMeUp (HKLM-x32\...\6ECB650E-8177-CC04-71B4-6BE3CD063758) (Version: - CheckMeUp-software)
Chromium (HKU\.DEFAULT\...\Chromium) (Version: 46.0.2480.0 - Chromium)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hola™ 1.11.399 - Better Internet (HKLM\...\Hola) (Version: 1.11.399 - Hola Networks Ltd.)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
K-Lite Mega Codec Pack 9.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - )
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 pt-BR)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
Norton Security (HKLM-x32\...\NS) (Version: 22.5.4.24 - Symantec Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}) (Version: 1.0 - QualComm Atheros)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Remover somente o pacote CopyTrans (HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
Skype Web Plugin (HKLM-x32\...\{34E6C3B4-9354-41C2-9484-25B17F48E7E9}) (Version: 7.13.0.71 - Skype Technologies S.A.)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YTDownloader (HKLM-x32\...\YTDownloader) (Version: - YTDownloader) <==== ATENÇÃO

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {05D4BD56-FE41-4393-B204-5CA779AA78F8} - System32\Tasks\{76D1320C-5C58-4A65-B476-FB5230F1A710} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/pt/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {25F0A7CB-9FAB-4653-A4BE-B4580A60AED4} - System32\Tasks\{9EC8A845-FF93-4CA2-B955-E8E89865FB66} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/pt/abandoninstall?source=lightinstaller&page=tsInstall
Task: {2CF1101B-917C-4217-BC0A-FBD353C79422} - System32\Tasks\Niwevsor => C:\ProgramData\Niwevsor\1.0.7.1\vunseoib.exe
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {65B6C7D2-C711-4F5C-8BF5-D603C310751A} - System32\Tasks\{118CB0F2-9EE7-408C-B4EE-9D556A1F0D21} => pcalua.exe -a "C:\Program Files (x86)\CleanBrowser\uninstall.exe" -c /uninstallnw
Task: {7FC707E3-7F89-4089-AF0B-4C741E3E95F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {855236FC-43B8-46B8-A778-C2B476E388ED} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-10-07] ()
Task: {8E5FB137-3C7F-48A8-9D1D-CAE15456077D} - System32\Tasks\Varredura ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2015-12-31] (Byte Technologies LLC)
Task: {920D4A9C-0306-4E57-AD81-2EB66D14F270} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2015-12-31] (Byte Technologies LLC)
Task: {9439C4D6-CBC6-4193-ACE7-A08C990D57B3} - \CheckMeUp Update -> Nenhum Arquivo <==== ATENÇÃO
Task: {952BD11C-8087-4FD7-BC22-8A64C02E3F8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {9D3E0C69-CF1E-427B-BCF9-84C776322018} - System32\Tasks\Amycdal => C:\PROGRA~1\SHOPPE~1\Nucfojy.bat
Task: {D91AE2FE-4B00-49C7-A2A0-428FCFB9EB97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {F216F717-705D-4A70-85BE-59D68F6CBAA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {F250F4F6-EE3E-4B60-B0C8-3EACC95E405F} - System32\Tasks\Iageud => C:\PROGRA~1\SHOPPE~2\Tiusras.bat

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Carol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Carol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Carol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/

==================== Módulos Carregados (Whitelisted) ==============

2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-22 07:57 - 2015-10-22 07:57 - 00112560 _____ () C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
2016-01-31 17:48 - 2016-01-31 17:48 - 00244664 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2016-01-31 17:48 - 2016-01-31 17:48 - 00553912 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 00073512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-01-31 17:01 - 2016-01-27 15:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
2016-01-31 17:01 - 2016-01-27 15:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\hola.org -> hxxp://hola.org

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2016-01-31 18:25 - 00002167 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

Existem ainda 7 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.25.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: SkypeUpdate => 2

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{2B7A6D5B-C748-4358-AD3E-4327AC8813BC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{1F68B726-94A7-4B86-A12C-FA246CC1063C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{C040E6A2-D3A2-40D2-9027-317D19EC574C}] => (Allow) C:\Users\Carol\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7FA6375B-1802-4D43-AF7F-FDDB77F59925}] => (Allow) C:\Users\Carol\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9BDACE1-EB95-45EB-B9C2-CB34960F8783}] => (Allow) C:\Users\Carol\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8EDE75C6-FB84-4FC1-90DD-E98D785EA5D6}] => (Allow) C:\Users\Carol\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{22C9C464-A5F6-4B70-BFFA-3690FD1B47CA}] => (Allow) C:\Users\Carol\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A3384A8C-F5E4-4737-AD99-CD89D8D81F86}] => (Allow) C:\Users\Carol\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{696CBC77-4AC7-47D3-AEC1-2B870E9AB30E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7EDA053F-A433-4B9D-BDDF-4FEF9B737D12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91AD2A55-E5C3-411A-990F-F04D200A8360}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F5BC311A-ABFF-4024-9A46-57CBE7E2939C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4CD8B4E-CB16-4D52-8945-6EBF192DEE43}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2A027067-5D3F-468C-939D-5579905DA024}] => (Allow) C:\Users\Sérgio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C67A2724-66EC-4A87-AAB9-19F6242211FA}] => (Allow) C:\Users\Sérgio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E98AFFC5-34C3-460B-A9E1-0E95A531326F}] => (Allow) C:\Users\Sérgio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{20BEED0B-6C31-4D81-BF9F-655CBB00D87A}] => (Allow) C:\Users\Sérgio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7BA79EF-528B-4FA0-B8D9-3FFAF0A5A4D0}] => (Allow) C:\Users\Sérgio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A997B998-48BC-43F2-995A-41F45A92312B}] => (Allow) C:\Users\Sérgio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F4AEBF14-06F0-4562-8256-7458276A1EF5}] => (Allow) C:\Users\Sérgio\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{A7B728B0-4661-493B-9A67-A22C0166F82C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54DDF6E8-4E70-441D-B766-18D5C98E0985}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8B7928A-4FC4-4317-B94A-1B96DCD137B6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BF20837B-F620-4104-9634-8BFCE907BD21}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{DC71987C-9C9F-437E-AA64-FF88D8E08364}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{11CCAB51-3327-4DF1-A497-80829B74633E}] => (Allow) C:\Windows\system32\config\systemprofile\AppData\Local\Chromium\Application\chrome.exe

==================== Pontos de Restauração =========================

31-01-2016 16:27:08 Revo Uninstaller Pro's restore point - EqualizerAPO 64 bit
31-01-2016 16:34:48 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
31-01-2016 17:53:27 Revo Uninstaller Pro's restore point - CheckMeUp

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/31/2016 06:27:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2016 06:23:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2016 05:55:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: firefox.exe, versão: 44.0.0.5866, carimbo de hora: 0x56a4222c
Nome do módulo de falhas: zybzoz.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x56ab9a11
Código de exceção: 0xc0000005
Deslocamento com falha: 0x72741800
Identificação do processo com falha: 0x1cd4
Hora de início do aplicativo com falha: 0xfirefox.exe0
Caminho do aplicativo com falha: firefox.exe1
FCaminho do módulo de falhas: firefox.exe2
Identificação do Relatório: firefox.exe3

Error: (01/31/2016 05:55:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: chrome.exe, versão: 48.0.2564.97, carimbo de hora: 0x56a8798c
Nome do módulo de falhas: zybzoz.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x56ab9a11
Código de exceção: 0xc0000005
Deslocamento com falha: 0x72741940
Identificação do processo com falha: 0x219c
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
FCaminho do módulo de falhas: chrome.exe2
Identificação do Relatório: chrome.exe3

Error: (01/31/2016 05:53:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {24fa50bd-0120-4719-bc3e-3fd54a2e27e4}

Error: (01/31/2016 05:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2016 05:35:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: WeatherService.exe, versão: 0.0.0.0, carimbo de hora: 0x00000000
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18939, carimbo de hora: 0x55afd843
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00042e5b
Identificação do processo com falha: 0x1274
Hora de início do aplicativo com falha: 0xWeatherService.exe0
Caminho do aplicativo com falha: WeatherService.exe1
FCaminho do módulo de falhas: WeatherService.exe2
Identificação do Relatório: WeatherService.exe3

Error: (01/31/2016 05:30:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: knsmA32C.tmpfs, versão: 0.0.0.0, carimbo de hora: 0x00000000
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18939, carimbo de hora: 0x55afd843
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00042e5b
Identificação do processo com falha: 0x111c
Hora de início do aplicativo com falha: 0xknsmA32C.tmpfs0
Caminho do aplicativo com falha: knsmA32C.tmpfs1
FCaminho do módulo de falhas: knsmA32C.tmpfs2
Identificação do Relatório: knsmA32C.tmpfs3

Error: (01/31/2016 05:29:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: ihpmServer.exe, versão: 0.0.0.0, carimbo de hora: 0x00000000
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18939, carimbo de hora: 0x55afd843
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00042e5b
Identificação do processo com falha: 0xe40
Hora de início do aplicativo com falha: 0xihpmServer.exe0
Caminho do aplicativo com falha: ihpmServer.exe1
FCaminho do módulo de falhas: ihpmServer.exe2
Identificação do Relatório: ihpmServer.exe3

Error: (01/31/2016 05:05:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.18939, carimbo de hora: 0x55b02e7b
Código de exceção: 0x0000046b
Deslocamento com falha: 0x000000000000b16d
Identificação do processo com falha: 0xc68
Hora de início do aplicativo com falha: 0xwmpnetwk.exe0
Caminho do aplicativo com falha: wmpnetwk.exe1
FCaminho do módulo de falhas: wmpnetwk.exe2
Identificação do Relatório: wmpnetwk.exe3


Erros de Sistema:
=============
Error: (01/31/2016 06:25:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2016 06:25:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2016 06:25:33 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2016 06:25:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2016 06:25:28 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2016 06:24:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Windows Update terminou com o erro:
%%-2147467243

Error: (01/31/2016 06:24:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/31/2016 06:24:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801}

Error: (01/31/2016 06:22:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2016 06:22:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.


CodeIntegrity:
===================================
Date: 2016-01-31 16:17:21.484
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:16:58.530
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:07:55.536
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:03:45.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:03:45.332
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:02:33.479
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:02:33.285
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:01:52.480
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:01:51.407
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 16:01:50.969
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
Percentagem de memória em uso: 73%
RAM física total: 1782.71 MB
RAM física disponível: 481.21 MB
Virtual Total: 3565.41 MB
Virtual disponível: 1982.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:58.95 GB) (Free:25.4 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive d: () (Fixed) (Total:398.72 GB) (Free:154.37 GB) NTFS

==================== MBR & Tabela de Partições ==================

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité