cjoint


Document format: text/plain

Preview

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:17-01-2015
Executado por Marcelo Marino (2016-01-17 19:19:40)
Executando a partir de C:\Users\Marcelo Marino\Desktop
Windows 7 Home Premium (X64) (2015-12-29 15:25:36)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1067590768-3278730982-2382162906-500 - Administrator - Disabled)
Convidado (S-1-5-21-1067590768-3278730982-2382162906-501 - Limited - Disabled)
Marcelo Marino (S-1-5-21-1067590768-3278730982-2382162906-1000 - Administrator - Enabled) => C:\Users\Marcelo Marino

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Kaspersky Anti-Virus (Enabled - Out of date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Enabled - Out of date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
AutoCAD 2011 - Brasil (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2011 Language Pack - Brasil (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
BIAS FX Plugins Pack (64bit) (HKLM\...\{77558DEB-4B65-4921-8855-D8593EF5BCDD}) (Version: 1.1.0.745 - PositiveGrid)
BitTorrent (HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.)
Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
Dic Michaelis - UOL (HKLM-x32\...\WDIC) (Version: - )
Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{11CC8964-9CB0-46E6-9218-CD39ED4A554D}) (Version: 2.0.1 - Toontrack)
Gain Reduction version 1.0.2 (HKLM\...\Gain Reduction_is1) (Version: 1.0.2 - )
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.3 - Intel)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Mozilla Firefox 43.0.4 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 pt-BR)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.1.451 - Native Instruments)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5936 - NVIDIA Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
QFCAD2000 (HKLM-x32\...\{6E74E480-B602-4517-B0ED-06325051DD90}_is1) (Version: - MICROCAD)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SportTracks 3.1 (HKLM-x32\...\{99895EF0-B290-4B21-B1FE-FB00E1B5D195}) (Version: 3.1.5770 - Zone Five Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
Waves Complete V9r24 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.24 - Waves)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1098848F-3E9D-4543-93D8-C3601212B694} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {663C8424-E875-4926-8F8D-7825A1944178} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe
Task: {6EB46C89-699D-4293-9C1A-C777078136F5} - System32\Tasks\{D284A3C7-59BE-42D1-860A-B4D6E641B707} => pcalua.exe -a "C:\Users\Marcelo Marino\Desktop\Hola-Setup(1).exe" -d "C:\Users\Marcelo Marino\Desktop"
Task: {77F66EE4-F02D-4598-B3DD-DA75D4139B1D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {7FF5EA29-1EE9-4E2E-BB4E-C557068DF749} - System32\Tasks\{D38E5A9A-D402-4EA7-8386-69358C776A58} => pcalua.exe -a "C:\Users\Marcelo Marino\Desktop\install-antimalware.exe" -d "C:\Users\Marcelo Marino\Desktop"
Task: {87BDDE86-3964-4235-8752-790CDE81E126} - System32\Tasks\{F67ECF00-BC44-43EE-A29A-30273C43C332} => pcalua.exe -a "C:\Users\Marcelo Marino\Desktop\install-antimalware.exe" -d "C:\Users\Marcelo Marino\Desktop"
Task: {8D390601-2BAD-419C-9BCF-E5AF73EDED50} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe
Task: {9B6937A3-9B47-4EF2-B960-50A7226213A7} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-01-16] ()
Task: {B128C123-3789-4B10-A0B7-FC6F91A13F2F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated)
Task: {C4216D37-0B4D-4EA6-8483-C15EEA6E3DAC} - \Marcelo MarinoPoolhallsAbstemiousV2 -> Nenhum Arquivo <==== ATENÇÃO
Task: {DCC14789-468F-433B-9208-1C8967EEF31F} - System32\Tasks\{1AD58184-F386-4659-9F9C-32609F52F78A} => pcalua.exe -a "C:\Users\Marcelo Marino\Downloads\Setup_SportTracks_3.1.5770(1).exe" -d "C:\Users\Marcelo Marino\Downloads"
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Marcelo Marino\Desktop\Yeabeats Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Marcelo Marino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Marcelo Marino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Marcelo Marino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (2).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Marcelo Marino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser (3).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Marcelo Marino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/

==================== Módulos Carregados (Whitelisted) ==============

2015-12-30 16:25 - 2013-10-23 14:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2016-01-17 16:27 - 2016-01-16 18:42 - 01905664 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2015-12-08 17:25 - 2015-12-08 17:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:5E33191E_Uni.gbp
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\.DEFAULT\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\.DEFAULT\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\...\line6.net -> line6.net

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2016-01-17 16:18 - 00001110 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1067590768-3278730982-2382162906-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcelo Marino\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupreg: - => c:\users\marcelo marino\appdata\roaming\msiql.exe /RUNNING
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Marcelo Marino\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{FB336E49-6020-4705-A9BA-695C1A46F717}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C1589C55-82E6-4CB9-8E09-7CD22AE0925C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8513AAC8-01F6-4E5A-9509-D2C73DB719BE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C1938385-DAC2-4B5F-95E1-27085E5230A3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{133625CA-F7C4-4862-9216-3F28463992CB}] => (Allow) C:\Users\Marcelo Marino\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{034B8B10-1BF7-44AE-B95B-EAAFABA7F652}] => (Allow) C:\Users\Marcelo Marino\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E3AA9011-A747-49EB-9951-E84D033B78D9}] => (Allow) C:\Users\Marcelo Marino\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4EDCE34E-34C7-451D-9AD3-BE61BA6BD0D1}] => (Allow) C:\Users\Marcelo Marino\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1444A538-0CDF-4E1B-B127-6995342CAF51}] => (Allow) C:\Users\Marcelo Marino\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{85CF32F5-8116-40AE-99B0-555A41E40907}] => (Allow) C:\Users\Marcelo Marino\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1EA8C003-D43A-4083-B045-1044825A2C81}] => (Allow) LPort=50248
FirewallRules: [{FB846EAB-2A62-48C7-B135-5BE1CD3E61DC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{804F003B-65DE-4B66-B8FB-06A4F56EDD3C}] => (Allow) LPort=8317
FirewallRules: [{0A340873-9A1A-4A60-A2E7-4C61C1FCB124}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe

==================== Pontos de Restauração =========================

10-01-2016 17:11:51 Instalação de Pacote de Driver de Dispositivo: EPSON Impressoras
17-01-2016 14:11:44 Installed BIAS Plugins Pack (64bit)
17-01-2016 14:46:42 Removed BIAS Plugins Pack (64bit)
17-01-2016 14:49:37 Removed BIAS FX Plugins Pack (64bit)
17-01-2016 14:57:34 Windows Defender Checkpoint
17-01-2016 15:43:39 Installed BIAS FX Plugins Pack (64bit)

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/17/2016 04:50:49 PM) (Source: Wininit) (EventID: 3005) (User: )
Description: O processo de inicialização do Windows não pôde encerrar os processos do sistema.

Error: (01/17/2016 04:19:35 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3304) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (01/17/2016 03:09:57 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (1216) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (01/16/2016 05:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Nome do módulo de falhas: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0013d7f0
Identificação do processo com falha: 0x14f8
Hora de início do aplicativo com falha: 0xEXCEL.EXE0
Caminho do aplicativo com falha: EXCEL.EXE1
FCaminho do módulo de falhas: EXCEL.EXE2
Identificação do Relatório: EXCEL.EXE3

Error: (01/16/2016 05:40:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Nome do módulo de falhas: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0013d7f0
Identificação do processo com falha: 0x1594
Hora de início do aplicativo com falha: 0xEXCEL.EXE0
Caminho do aplicativo com falha: EXCEL.EXE1
FCaminho do módulo de falhas: EXCEL.EXE2
Identificação do Relatório: EXCEL.EXE3

Error: (01/16/2016 05:38:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Nome do módulo de falhas: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0013ba43
Identificação do processo com falha: 0x10ac
Hora de início do aplicativo com falha: 0xEXCEL.EXE0
Caminho do aplicativo com falha: EXCEL.EXE1
FCaminho do módulo de falhas: EXCEL.EXE2
Identificação do Relatório: EXCEL.EXE3

Error: (01/16/2016 05:28:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Nome do módulo de falhas: EXCEL.EXE, versão: 12.0.4518.1014, carimbo de hora: 0x45428263
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0013d7f0
Identificação do processo com falha: 0x1278
Hora de início do aplicativo com falha: 0xEXCEL.EXE0
Caminho do aplicativo com falha: EXCEL.EXE1
FCaminho do módulo de falhas: EXCEL.EXE2
Identificação do Relatório: EXCEL.EXE3

Error: (01/16/2016 12:08:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: WSCommCntr4.exe, versão: 4.0.3.0, carimbo de hora: 0x50dcb523
Nome do módulo de falhas: WSCommCntr4.exe, versão: 4.0.3.0, carimbo de hora: 0x50dcb523
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000016490
Identificação do processo com falha: 0x13e8
Hora de início do aplicativo com falha: 0xWSCommCntr4.exe0
Caminho do aplicativo com falha: WSCommCntr4.exe1
FCaminho do módulo de falhas: WSCommCntr4.exe2
Identificação do Relatório: WSCommCntr4.exe3

Error: (01/15/2016 12:36:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa avpui.exe versão 16.0.0.625 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: e0c

Hora de Início: 01d14fa1954df342

Hora de Término: 60000

Caminho do Aplicativo: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe

Id do Relatório: 2180ceb9-bb95-11e5-9816-7071bc9a6144

Error: (01/15/2016 12:31:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CamtasiaStudio.exe versão 8.6.0.2054 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 10e4

Hora de Início: 01d14fa12f1354bf

Hora de Término: 122

Caminho do Aplicativo: C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe

Id do Relatório: a13448d9-bb94-11e5-9816-7071bc9a6144


Erros de Sistema:
=============
Error: (01/17/2016 06:18:24 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (01/17/2016 05:04:19 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Windows Search, mas essa ação falhou com o seguinte erro:
%%1056

Error: (01/17/2016 05:03:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Proteção de Software foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (01/17/2016 05:03:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Compartilhamento de Rede do Windows Media Player foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (01/17/2016 05:03:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (01/17/2016 05:03:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Arrow Temporary Internet Files foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/17/2016 05:03:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (01/17/2016 05:03:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NVIDIA Stereoscopic 3D Driver Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/17/2016 05:03:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Autodesk Content Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/17/2016 05:03:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).


CodeIntegrity:
===================================
Date: 2016-01-17 15:05:28.003
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ShopperPro3\spbiw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 15:05:27.988
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ShopperPro3\spbiw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 15:05:13.433
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10630\jsdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 15:05:13.433
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10630\jsdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 14:58:42.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ShopperPro3\spbiw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 14:58:42.187
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ShopperPro3\spbiw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 14:58:26.269
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10630\jsdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 14:58:26.258
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10630\jsdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-07 17:14:10.292
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-07 17:14:10.277
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Percentagem de memória em uso: 51%
RAM física total: 4029.39 MB
RAM física disponível: 1937.21 MB
Virtual Total: 8056.92 MB
Virtual disponível: 5575 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.24 GB) (Free:117.25 GB) NTFS
Drive d: () (Fixed) (Total:271.42 GB) (Free:132.86 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F781217)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=194.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=271.4 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
