Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:27-01-2016
Executado por Samsung (2016-02-03 07:45:23)
Executando a partir de C:\Users\Samsung\Desktop
Microsoft Windows 10 Home (X86) (2015-11-26 02:27:09)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3690752745-870574462-1762750705-500 - Administrator - Disabled)
Convidado (S-1-5-21-3690752745-870574462-1762750705-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3690752745-870574462-1762750705-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3690752745-870574462-1762750705-1008 - Limited - Enabled)
Samsung (S-1-5-21-3690752745-870574462-1762750705-1000 - Administrator - Enabled) => C:\Users\Samsung
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3690752745-870574462-1762750705-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
AVG (Version: 16.41.7441 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7441 - AVG Technologies)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.3.0.110 - Atheros Communications)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
CodeBlocks (HKU\S-1-5-21-3690752745-870574462-1762750705-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Dropbox (HKLM\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.27.37 - Dropbox, Inc.) Hidden
ETDWare X86 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Free YouTube Download version 3.2.49.1022 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GraphPad Prism 6 (HKLM\...\{606443B0-9831-11DC-5F90-015CFB7A6952}) (Version: 6.01 - GraphPad Software)
HP Support Solutions Framework (HKLM\...\{F58E2607-024E-4E05-8016-6948B24D40F8}) (Version: 12.0.30.219 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{D9D937B0-E842-4130-9588-B948E876904A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{044F9133-B8D7-4d11-BF39-803FA20F5C8B}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 pt-BR) (HKLM\...\Mozilla Firefox 43.0.4 (x86 pt-BR)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MySQL Connector C++ 1.1.6 (HKLM\...\{3986AD3D-19E0-4FEF-BCBA-08D66BFC216E}) (Version: 1.1.6 - Oracle and/or its affiliates)
MySQL Connector J (HKLM\...\{08BE0787-D0CE-4240-93EF-D73DA099A285}) (Version: 5.1.37 - Oracle Corporation)
MySQL Connector Net 6.9.8 (HKLM\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{E05E5D1F-4842-47FD-AB62-57FD89801084}) (Version: 6.1.6 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{4C6A664C-DCA0-4CC6-8752-ED0850E3135A}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM\...\{86AA8F6B-88B5-4434-8208-4CF7202555C5}) (Version: 5.6.28 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM\...\{A79C58A1-C970-4F8D-AE9C-0A86C1C714B4}) (Version: 5.6.28 - Oracle Corporation)
MySQL Fabric 1.5.6 & MySQL Utilities 1.5.6 (HKLM\...\{C1C0B2B6-B2D8-44BC-86DA-2EFD8283A01A}) (Version: 1.5.6 - Oracle Corporation)
MySQL For Excel 1.3.5 (HKLM\...\{DF0D27D3-60FF-44B0-ACD4-CF64C9C08310}) (Version: 1.3.5 - Oracle)
MySQL Installer - Community (HKLM\...\{E1D1A3E3-9F67-435C-8505-0464D4350CCD}) (Version: 1.4.13.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.6 (HKLM\...\{84E48E7F-DAC3-4416-8A95-404BEDDBD0CE}) (Version: 5.6.28 - Oracle Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{1B9E05D2-525D-4AA9-B61D-37421A587252}) (Version: 6.3.5 - Oracle Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{8F6D5610-B5D2-4CF3-90ED-584ABC8B946A}) (Version: 5.0.14 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Python 2.7.11 (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Recover Keys (HKLM\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
Scratch (HKLM\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Sql Server Customer Experience Improvement Program (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
Stremio (HKU\S-1-5-21-3690752745-870574462-1762750705-1000\...\Stremio) (Version: 3.5.1 - Smart Code Ltd.)
Suplemento Microsoft Salvar como PDF ou XPS para programas do Microsoft Office 2007 (HKLM\...\{90120000-00B2-0416-0000-0000000FF1CE}) (Version: 12.0.4518.1019 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 4.3.0.1 - BiniSoft.org)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {019306AE-EA8B-4800-AD62-5E2F53CC1FCF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {01CF085F-CC33-47F7-8D7D-2E92C0F77589} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {05CA568B-1F6B-4A4F-8E74-99336C619934} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {0996ECCB-2FBD-4E2C-B521-341E34E11721} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0B11B7CC-7803-42D9-9119-E730FA887A34} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-24] (Microsoft Corporation)
Task: {14288BDB-42CE-4E3B-9F55-68521BAA6C9A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F7E6FC5-3047-4D52-B0A9-AD1505B36844} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {27F4A299-16FF-4599-BD83-7D7C6C6718EC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28978051-3C79-4A77-BF9A-09ABA7721A5F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {39093ACD-8F4A-48F1-AAC9-22861C873B47} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A7365CA-C78F-4AB9-A7AA-9CF4F69FB7C9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-10-01] (Dropbox, Inc.)
Task: {3BC8478D-A617-43A3-8AB3-9E5BF569A171} - \crash_service -> Nenhum Arquivo <==== ATENÇÃO
Task: {40ECB926-C387-4CBA-B0FA-347DE386072F} - \Run_Bobby_Browser -> Nenhum Arquivo <==== ATENÇÃO
Task: {41B535AE-6BEC-4DF0-B164-60ACB42D5A22} - System32\Tasks\{1A705C74-3630-485A-AA41-BD65C8170B8B} => pcalua.exe -a "C:\Program Files\MPC Cleaner\Uninstall.exe"
Task: {50556029-DD3E-4B73-87C8-E45F90E43C91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {516CADB0-01FC-46D0-A97A-2E7BF4EFD9A6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {5AF5E46B-9554-4CC7-989A-B850F8779FB7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {5C7EAC2B-2BA8-468A-9448-2D0928391938} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {5D4F283B-718C-48DE-82C1-9CDD08C1AF09} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {652B5820-65A2-4AF5-B988-F56E9123B6E3} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-11-28] (Oracle Corporation)
Task: {6D66EF2D-ABF6-4C5F-A08A-EEDD0A107120} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {6E075168-E0F0-40E4-B4BB-877490B06135} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {6EF67F4E-9D77-48C7-81E9-65F772391577} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {743751B0-5C33-4A43-B4C9-2A4558DE8F63} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {762807D4-CF0F-4F87-866C-2FF8B12C730B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77C0AC59-95EA-45A1-AE1D-A1036FED87AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F54D5C4-E06D-4ADC-BD69-9DB2B011EC7C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9504BFDD-D1DC-47A4-B882-3ACDFD30AE9B} - System32\Tasks\avastBCLRestartS-1-5-21-3690752745-870574462-1762750705-1000 => Chrome.exe
Task: {95497D97-767C-4259-B449-A778ED26E17E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21] (Adobe Systems Incorporated)
Task: {984B8E80-350E-4837-A543-7678D9528794} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {99322DE9-4430-4F45-A764-08A957682C44} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9A9CA974-0D55-4176-BD82-AE14BA7F4F76} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A57B4D22-CC8A-41CE-9716-208759C48128} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A7189AC7-5247-4121-AC24-C0E42C0C262D} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {AAF26FFE-4C89-4B89-9C16-56CE1BCF3CF0} - System32\Tasks\Driver Booster SkipUAC (Samsung) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {ABF2A971-A21B-4ABD-9C18-669218B50A86} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {B0D760AE-96A5-407C-B89D-F29196425711} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {B21EDB02-BFAB-4F55-8887-D8FF3BA4BB5B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4D2C29B-AE2A-48F3-AD49-21D27B1E2615} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {B71221AE-AA97-4C50-9413-1F1E3A515748} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-10-01] (Dropbox, Inc.)
Task: {B9187621-6D80-4DD3-A8C6-E778F351969C} - \060184C3-9766-46a0-B258-F4518A0B2633 -> Nenhum Arquivo <==== ATENÇÃO
Task: {B98294BE-6AD1-4876-93D0-194BBC445B46} - \SmartWeb Upgrade Trigger Task -> Nenhum Arquivo <==== ATENÇÃO
Task: {BC968C3C-4FF9-46BB-9EA5-C07A2311A819} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C9DF3995-F042-4762-8409-D3B6EBB539A5} - System32\Tasks\MySQLNotifierTask => C:\Program Files\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {D15B4D62-D8C3-424F-BF53-516C0598564F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {D2743B85-D0EE-44C1-8BE8-9CA3130863A1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0E8EA77-4B2F-406F-84B0-87421ADE6CB5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E7673DDB-ADCF-4E82-B506-5F943DF5EF24} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FB4B7344-2A61-4739-ADE2-D4A6597BD1D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FDCF01EE-DB09-46EA-AACA-98C098218EC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {FF7E264B-3896-40AD-9059-56900D099C3C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 03:44 - 2015-10-30 03:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-26 16:27 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2015-11-16 17:03 - 2015-11-16 17:03 - 11070976 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2015-12-03 07:58 - 2015-11-22 08:41 - 01859448 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 07:58 - 2015-11-22 08:41 - 01859448 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-27 17:10 - 2016-01-27 17:10 - 12345856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.122.14020.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-12-18 11:20 - 2015-12-07 02:11 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 11:20 - 2015-12-07 01:57 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 08:28 - 2016-01-04 23:23 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 08:28 - 2016-01-04 23:19 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 08:54 - 2016-01-16 03:06 - 02366464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 08:54 - 2016-01-16 03:09 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-28 15:57 - 2016-01-28 15:57 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:04 - 2015-12-22 16:11 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3690752745-870574462-1762750705-1000\Control Panel\Desktop\\Wallpaper -> c:\users\samsung\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\windows-10-wallpaper-picture-background-7i411us70o.jpg
DNS Servers: 201.21.192.168 - 201.21.192.122
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{AC1795C9-F73A-42B2-8277-1FAA4705D500}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8ABA8810-EF20-4652-AC16-67B1EE370773}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{7C37DD61-0178-46FC-9DED-AA8FD18A5C07}] => (Allow) C:\Program Files\wfc.exe
FirewallRules: [{7941007F-FBF0-4A9D-8DE1-A831382BD716}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{DC95649F-BF4E-4A3C-A92B-454A47C58562}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{BD247C61-2B23-47AC-8DB2-63FD56B93F3C}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{D4F3CAA4-ECD9-408F-9E31-A38FDFDE630C}] => (Block) C:\Windows\system32\svchost.exe
==================== Pontos de Restauração =========================
27-11-2015 10:19:00 Windows Update
03-12-2015 07:47:26 Instalador de Módulos do Windows
04-12-2015 08:10:44 avast! antivirus system restore point
07-12-2015 20:17:35 Windows Update
11-12-2015 07:41:59 Windows Update
14-12-2015 23:49:17 Installed Oracle VM VirtualBox 5.0.10
15-12-2015 16:33:30 Backup do Windows
15-12-2015 21:02:33 Backup do Windows
22-12-2015 21:02:56 Driver Booster : Controlador LPC
01-01-2016 22:49:18 Windows Update
06-01-2016 14:17:29 Windows Update
13-01-2016 08:35:13 Windows Update
23-01-2016 08:33:02 Installed Oracle VM VirtualBox 5.0.14
27-01-2016 07:32:24 Backup do Windows
27-01-2016 08:31:29 Installed MySQL Installer - Community
27-01-2016 08:36:08 Installed MySQL Installer - Community
27-01-2016 08:55:16 Installed MySQL Installer - Community
27-01-2016 09:01:45 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-01-2016 09:06:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-01-2016 10:12:36 Backup do Windows
28-01-2016 07:41:32 Revo Uninstaller Pro's restore point - Baidu Antivirus
28-01-2016 07:59:03 Backup do Windows
28-01-2016 15:59:50 Installed AVG 2016
28-01-2016 16:00:55 Installed AVG
31-01-2016 00:16:40 Revo Uninstaller Pro's restore point - Chromium
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (02/02/2016 10:24:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: plugin-container.exe, versão: 43.0.4.5848, carimbo de data/hora: 0x568c88bd
Nome do módulo com falha: mozglue.dll, versão: 43.0.4.5848, carimbo de data/hora: 0x568c7b16
Código de exceção: 0x80000003
Deslocamento da falha: 0x0000ed44
ID do processo com falha: 0x534
Hora de início do aplicativo com falha: 0xplugin-container.exe0
Caminho do aplicativo com falha: plugin-container.exe1
Caminho do módulo com falha: plugin-container.exe2
ID do Relatório: plugin-container.exe3
Nome completo do pacote com falha: plugin-container.exe4
ID do aplicativo relativo ao pacote com falha: plugin-container.exe5
Error: (02/02/2016 10:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d899
Nome do módulo com falha: Cortana.Core.dll, versão: 0.0.0.0, carimbo de data/hora: 0x568b1a1f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00020ce8
ID do processo com falha: 0x1084
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
Error: (02/02/2016 09:24:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIPE-TORRESIN)
Description: Falha na ativação do aplicativo Microsoft.Getstarted_2.6.12.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/01/2016 10:05:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/31/2016 12:16:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/31/2016 12:16:39 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {8a61fff6-a61d-447a-bc23-56a7f627db9e}
Error: (01/30/2016 09:50:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/29/2016 07:40:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa AcroRd32.exe versão 15.10.20056.36345 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 1adc
Hora de Início: 01d15add97cb5049
Hora de Término: 93
Caminho do Aplicativo: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ID do Relatório: e7ec4dbc-c6d0-11e5-947c-e8039a487397
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (01/29/2016 11:11:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIPE-TORRESIN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/29/2016 11:10:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.10586.63, carimbo de data/hora: 0x568b1efd
Nome do módulo com falha: combase.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d304
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00166abe
ID do processo com falha: 0x13e4
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5
Erros de Sistema:
=============
Error: (02/03/2016 07:36:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço HP Network Devices Support terminou com o erro:
%%126
Error: (02/03/2016 07:34:11 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (02/03/2016 07:34:10 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (02/03/2016 07:34:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (02/03/2016 07:34:02 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (02/03/2016 07:33:38 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: O driver Bluetooth esperava um evento HCI com um determinado tamanho, mas não o recebeu.
Error: (02/03/2016 07:33:26 AM) (Source: sptd2) (EventID: 4) (User: )
Description: O driver detectou um erro interno nas estruturas de dados para .
Error: (02/02/2016 11:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_48a2a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (02/02/2016 11:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_48a2a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (02/02/2016 11:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_48a2a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-02-02 18:30:04.584
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:04.537
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:04.479
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:04.295
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.894
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.840
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.541
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:01.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:24:23.414
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Percentagem de memória em uso: 79%
RAM física total: 1908.56 MB
RAM física disponível: 387.1 MB
Virtual Total: 3828.56 MB
Virtual disponível: 1665.58 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:338.55 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A664BD71)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fim de Addition.txt ============================
Executado por Samsung (2016-02-03 07:45:23)
Executando a partir de C:\Users\Samsung\Desktop
Microsoft Windows 10 Home (X86) (2015-11-26 02:27:09)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3690752745-870574462-1762750705-500 - Administrator - Disabled)
Convidado (S-1-5-21-3690752745-870574462-1762750705-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3690752745-870574462-1762750705-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3690752745-870574462-1762750705-1008 - Limited - Enabled)
Samsung (S-1-5-21-3690752745-870574462-1762750705-1000 - Administrator - Enabled) => C:\Users\Samsung
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3690752745-870574462-1762750705-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
AVG (Version: 16.41.7441 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7441 - AVG Technologies)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.3.0.110 - Atheros Communications)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
CodeBlocks (HKU\S-1-5-21-3690752745-870574462-1762750705-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Dropbox (HKLM\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.27.37 - Dropbox, Inc.) Hidden
ETDWare X86 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Free YouTube Download version 3.2.49.1022 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GraphPad Prism 6 (HKLM\...\{606443B0-9831-11DC-5F90-015CFB7A6952}) (Version: 6.01 - GraphPad Software)
HP Support Solutions Framework (HKLM\...\{F58E2607-024E-4E05-8016-6948B24D40F8}) (Version: 12.0.30.219 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{D9D937B0-E842-4130-9588-B948E876904A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{044F9133-B8D7-4d11-BF39-803FA20F5C8B}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 pt-BR) (HKLM\...\Mozilla Firefox 43.0.4 (x86 pt-BR)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MySQL Connector C++ 1.1.6 (HKLM\...\{3986AD3D-19E0-4FEF-BCBA-08D66BFC216E}) (Version: 1.1.6 - Oracle and/or its affiliates)
MySQL Connector J (HKLM\...\{08BE0787-D0CE-4240-93EF-D73DA099A285}) (Version: 5.1.37 - Oracle Corporation)
MySQL Connector Net 6.9.8 (HKLM\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{E05E5D1F-4842-47FD-AB62-57FD89801084}) (Version: 6.1.6 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{4C6A664C-DCA0-4CC6-8752-ED0850E3135A}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM\...\{86AA8F6B-88B5-4434-8208-4CF7202555C5}) (Version: 5.6.28 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM\...\{A79C58A1-C970-4F8D-AE9C-0A86C1C714B4}) (Version: 5.6.28 - Oracle Corporation)
MySQL Fabric 1.5.6 & MySQL Utilities 1.5.6 (HKLM\...\{C1C0B2B6-B2D8-44BC-86DA-2EFD8283A01A}) (Version: 1.5.6 - Oracle Corporation)
MySQL For Excel 1.3.5 (HKLM\...\{DF0D27D3-60FF-44B0-ACD4-CF64C9C08310}) (Version: 1.3.5 - Oracle)
MySQL Installer - Community (HKLM\...\{E1D1A3E3-9F67-435C-8505-0464D4350CCD}) (Version: 1.4.13.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.6 (HKLM\...\{84E48E7F-DAC3-4416-8A95-404BEDDBD0CE}) (Version: 5.6.28 - Oracle Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{1B9E05D2-525D-4AA9-B61D-37421A587252}) (Version: 6.3.5 - Oracle Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{8F6D5610-B5D2-4CF3-90ED-584ABC8B946A}) (Version: 5.0.14 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Python 2.7.11 (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Recover Keys (HKLM\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
Scratch (HKLM\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Sql Server Customer Experience Improvement Program (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
Stremio (HKU\S-1-5-21-3690752745-870574462-1762750705-1000\...\Stremio) (Version: 3.5.1 - Smart Code Ltd.)
Suplemento Microsoft Salvar como PDF ou XPS para programas do Microsoft Office 2007 (HKLM\...\{90120000-00B2-0416-0000-0000000FF1CE}) (Version: 12.0.4518.1019 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 4.3.0.1 - BiniSoft.org)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {019306AE-EA8B-4800-AD62-5E2F53CC1FCF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {01CF085F-CC33-47F7-8D7D-2E92C0F77589} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {05CA568B-1F6B-4A4F-8E74-99336C619934} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {0996ECCB-2FBD-4E2C-B521-341E34E11721} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0B11B7CC-7803-42D9-9119-E730FA887A34} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-24] (Microsoft Corporation)
Task: {14288BDB-42CE-4E3B-9F55-68521BAA6C9A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F7E6FC5-3047-4D52-B0A9-AD1505B36844} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {27F4A299-16FF-4599-BD83-7D7C6C6718EC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28978051-3C79-4A77-BF9A-09ABA7721A5F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {39093ACD-8F4A-48F1-AAC9-22861C873B47} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A7365CA-C78F-4AB9-A7AA-9CF4F69FB7C9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-10-01] (Dropbox, Inc.)
Task: {3BC8478D-A617-43A3-8AB3-9E5BF569A171} - \crash_service -> Nenhum Arquivo <==== ATENÇÃO
Task: {40ECB926-C387-4CBA-B0FA-347DE386072F} - \Run_Bobby_Browser -> Nenhum Arquivo <==== ATENÇÃO
Task: {41B535AE-6BEC-4DF0-B164-60ACB42D5A22} - System32\Tasks\{1A705C74-3630-485A-AA41-BD65C8170B8B} => pcalua.exe -a "C:\Program Files\MPC Cleaner\Uninstall.exe"
Task: {50556029-DD3E-4B73-87C8-E45F90E43C91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {516CADB0-01FC-46D0-A97A-2E7BF4EFD9A6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {5AF5E46B-9554-4CC7-989A-B850F8779FB7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {5C7EAC2B-2BA8-468A-9448-2D0928391938} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {5D4F283B-718C-48DE-82C1-9CDD08C1AF09} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {652B5820-65A2-4AF5-B988-F56E9123B6E3} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-11-28] (Oracle Corporation)
Task: {6D66EF2D-ABF6-4C5F-A08A-EEDD0A107120} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {6E075168-E0F0-40E4-B4BB-877490B06135} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {6EF67F4E-9D77-48C7-81E9-65F772391577} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {743751B0-5C33-4A43-B4C9-2A4558DE8F63} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {762807D4-CF0F-4F87-866C-2FF8B12C730B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77C0AC59-95EA-45A1-AE1D-A1036FED87AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F54D5C4-E06D-4ADC-BD69-9DB2B011EC7C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9504BFDD-D1DC-47A4-B882-3ACDFD30AE9B} - System32\Tasks\avastBCLRestartS-1-5-21-3690752745-870574462-1762750705-1000 => Chrome.exe
Task: {95497D97-767C-4259-B449-A778ED26E17E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21] (Adobe Systems Incorporated)
Task: {984B8E80-350E-4837-A543-7678D9528794} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {99322DE9-4430-4F45-A764-08A957682C44} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9A9CA974-0D55-4176-BD82-AE14BA7F4F76} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A57B4D22-CC8A-41CE-9716-208759C48128} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A7189AC7-5247-4121-AC24-C0E42C0C262D} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {AAF26FFE-4C89-4B89-9C16-56CE1BCF3CF0} - System32\Tasks\Driver Booster SkipUAC (Samsung) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {ABF2A971-A21B-4ABD-9C18-669218B50A86} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {B0D760AE-96A5-407C-B89D-F29196425711} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {B21EDB02-BFAB-4F55-8887-D8FF3BA4BB5B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4D2C29B-AE2A-48F3-AD49-21D27B1E2615} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {B71221AE-AA97-4C50-9413-1F1E3A515748} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-10-01] (Dropbox, Inc.)
Task: {B9187621-6D80-4DD3-A8C6-E778F351969C} - \060184C3-9766-46a0-B258-F4518A0B2633 -> Nenhum Arquivo <==== ATENÇÃO
Task: {B98294BE-6AD1-4876-93D0-194BBC445B46} - \SmartWeb Upgrade Trigger Task -> Nenhum Arquivo <==== ATENÇÃO
Task: {BC968C3C-4FF9-46BB-9EA5-C07A2311A819} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C9DF3995-F042-4762-8409-D3B6EBB539A5} - System32\Tasks\MySQLNotifierTask => C:\Program Files\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {D15B4D62-D8C3-424F-BF53-516C0598564F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {D2743B85-D0EE-44C1-8BE8-9CA3130863A1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0E8EA77-4B2F-406F-84B0-87421ADE6CB5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E7673DDB-ADCF-4E82-B506-5F943DF5EF24} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FB4B7344-2A61-4739-ADE2-D4A6597BD1D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FDCF01EE-DB09-46EA-AACA-98C098218EC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {FF7E264B-3896-40AD-9059-56900D099C3C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 03:44 - 2015-10-30 03:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-26 16:27 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2015-11-16 17:03 - 2015-11-16 17:03 - 11070976 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2015-12-03 07:58 - 2015-11-22 08:41 - 01859448 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 07:58 - 2015-11-22 08:41 - 01859448 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-27 17:10 - 2016-01-27 17:10 - 12345856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.122.14020.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-12-18 11:20 - 2015-12-07 02:11 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 11:20 - 2015-12-07 01:57 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 08:28 - 2016-01-04 23:23 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 08:28 - 2016-01-04 23:19 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 08:54 - 2016-01-16 03:06 - 02366464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 08:54 - 2016-01-16 03:09 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-28 15:57 - 2016-01-28 15:57 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:04 - 2015-12-22 16:11 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3690752745-870574462-1762750705-1000\Control Panel\Desktop\\Wallpaper -> c:\users\samsung\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\windows-10-wallpaper-picture-background-7i411us70o.jpg
DNS Servers: 201.21.192.168 - 201.21.192.122
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{AC1795C9-F73A-42B2-8277-1FAA4705D500}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8ABA8810-EF20-4652-AC16-67B1EE370773}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{7C37DD61-0178-46FC-9DED-AA8FD18A5C07}] => (Allow) C:\Program Files\wfc.exe
FirewallRules: [{7941007F-FBF0-4A9D-8DE1-A831382BD716}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{DC95649F-BF4E-4A3C-A92B-454A47C58562}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{BD247C61-2B23-47AC-8DB2-63FD56B93F3C}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{D4F3CAA4-ECD9-408F-9E31-A38FDFDE630C}] => (Block) C:\Windows\system32\svchost.exe
==================== Pontos de Restauração =========================
27-11-2015 10:19:00 Windows Update
03-12-2015 07:47:26 Instalador de Módulos do Windows
04-12-2015 08:10:44 avast! antivirus system restore point
07-12-2015 20:17:35 Windows Update
11-12-2015 07:41:59 Windows Update
14-12-2015 23:49:17 Installed Oracle VM VirtualBox 5.0.10
15-12-2015 16:33:30 Backup do Windows
15-12-2015 21:02:33 Backup do Windows
22-12-2015 21:02:56 Driver Booster : Controlador LPC
01-01-2016 22:49:18 Windows Update
06-01-2016 14:17:29 Windows Update
13-01-2016 08:35:13 Windows Update
23-01-2016 08:33:02 Installed Oracle VM VirtualBox 5.0.14
27-01-2016 07:32:24 Backup do Windows
27-01-2016 08:31:29 Installed MySQL Installer - Community
27-01-2016 08:36:08 Installed MySQL Installer - Community
27-01-2016 08:55:16 Installed MySQL Installer - Community
27-01-2016 09:01:45 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-01-2016 09:06:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-01-2016 10:12:36 Backup do Windows
28-01-2016 07:41:32 Revo Uninstaller Pro's restore point - Baidu Antivirus
28-01-2016 07:59:03 Backup do Windows
28-01-2016 15:59:50 Installed AVG 2016
28-01-2016 16:00:55 Installed AVG
31-01-2016 00:16:40 Revo Uninstaller Pro's restore point - Chromium
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (02/02/2016 10:24:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: plugin-container.exe, versão: 43.0.4.5848, carimbo de data/hora: 0x568c88bd
Nome do módulo com falha: mozglue.dll, versão: 43.0.4.5848, carimbo de data/hora: 0x568c7b16
Código de exceção: 0x80000003
Deslocamento da falha: 0x0000ed44
ID do processo com falha: 0x534
Hora de início do aplicativo com falha: 0xplugin-container.exe0
Caminho do aplicativo com falha: plugin-container.exe1
Caminho do módulo com falha: plugin-container.exe2
ID do Relatório: plugin-container.exe3
Nome completo do pacote com falha: plugin-container.exe4
ID do aplicativo relativo ao pacote com falha: plugin-container.exe5
Error: (02/02/2016 10:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d899
Nome do módulo com falha: Cortana.Core.dll, versão: 0.0.0.0, carimbo de data/hora: 0x568b1a1f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00020ce8
ID do processo com falha: 0x1084
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
Error: (02/02/2016 09:24:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIPE-TORRESIN)
Description: Falha na ativação do aplicativo Microsoft.Getstarted_2.6.12.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/01/2016 10:05:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/31/2016 12:16:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/31/2016 12:16:39 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {8a61fff6-a61d-447a-bc23-56a7f627db9e}
Error: (01/30/2016 09:50:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/29/2016 07:40:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa AcroRd32.exe versão 15.10.20056.36345 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 1adc
Hora de Início: 01d15add97cb5049
Hora de Término: 93
Caminho do Aplicativo: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ID do Relatório: e7ec4dbc-c6d0-11e5-947c-e8039a487397
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (01/29/2016 11:11:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIPE-TORRESIN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/29/2016 11:10:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.10586.63, carimbo de data/hora: 0x568b1efd
Nome do módulo com falha: combase.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d304
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00166abe
ID do processo com falha: 0x13e4
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5
Erros de Sistema:
=============
Error: (02/03/2016 07:36:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço HP Network Devices Support terminou com o erro:
%%126
Error: (02/03/2016 07:34:11 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (02/03/2016 07:34:10 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (02/03/2016 07:34:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (02/03/2016 07:34:02 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.
Error: (02/03/2016 07:33:38 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: O driver Bluetooth esperava um evento HCI com um determinado tamanho, mas não o recebeu.
Error: (02/03/2016 07:33:26 AM) (Source: sptd2) (EventID: 4) (User: )
Description: O driver detectou um erro interno nas estruturas de dados para .
Error: (02/02/2016 11:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_48a2a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (02/02/2016 11:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_48a2a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (02/02/2016 11:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_48a2a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-02-02 18:30:04.584
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:04.537
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:04.479
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:04.295
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.894
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.840
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:03.541
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:30:01.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-02-02 18:24:23.414
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Percentagem de memória em uso: 79%
RAM física total: 1908.56 MB
RAM física disponível: 387.1 MB
Virtual Total: 3828.56 MB
Virtual disponível: 1665.58 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:338.55 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A664BD71)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fim de Addition.txt ============================