cjoint


Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:21-02-2016 01
Executado por zeneida (2016-02-23 13:59:59)
Executando a partir de C:\Users\zeneida\Downloads
Windows 8.1 Single Language (X64) (2014-08-26 19:03:57)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1745426921-2193795256-1152630720-500 - Administrator - Disabled)
Convidado (S-1-5-21-1745426921-2193795256-1152630720-501 - Limited - Disabled)
zeneida (S-1-5-21-1745426921-2193795256-1152630720-1001 - Administrator - Enabled) => C:\Users\zeneida

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EMSC (x32 Version: 0.0.0.23C - Compal Electronics, Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Galeria de Fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATENÇÃO
Google Chrome (HKU\.DEFAULT\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Ajuda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{8D71EFB0-B1EF-4478-92D2-A65DB23AC460}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{2DCBB45E-AA03-4089-87E7-EC17E606D738}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 pt-BR)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
Opera Stable 35.0.2066.68 (HKLM-x32\...\Opera 35.0.2066.68) (Version: 35.0.2066.68 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.9.6 - PBNGTBJJPYO) <==== ATENÇÃO
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1206 - SUPERAntiSpyware.com)
Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1745426921-2193795256-1152630720-1001_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD}\InprocServer32 -> C:\Users\zeneida\AppData\Local\Google\Update\1.3.28.17\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1745426921-2193795256-1152630720-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\zeneida\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1745426921-2193795256-1152630720-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1745426921-2193795256-1152630720-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\zeneida\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1745426921-2193795256-1152630720-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\zeneida\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {17564924-6389-468B-9C11-7391C8BAA5A0} - \Touch Browser -> Nenhum Arquivo <==== ATENÇÃO
Task: {38D1E741-2BB2-4672-9ED0-2FEE0FB29E41} - System32\Tasks\{BAA684FF-E0DD-4679-90B9-D56529D5FC5F} => pcalua.exe -a "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstall.exe"
Task: {3D229E95-65B8-47E8-AA41-90B5F66FD5CF} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {45A1B4CD-C22F-4580-96E2-6990B6230E9C} - System32\Tasks\Opera scheduled Autoupdate 1432578946 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-15] (Opera Software)
Task: {5AA3002B-2F8D-43B9-965B-9DCFD5EE3E40} - System32\Tasks\svchost => C:\Users\zeneida\AppData\Local\Temp\setup_767.exe <==== ATENÇÃO
Task: {620822B6-3139-4531-A478-F19EA7F0A95F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-22] (Google Inc.)
Task: {67E76B28-82B7-42C4-8C2A-380089DC0ACB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-18UA => C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8ED83034-AC13-4BD5-A708-41F5070D7205} - System32\Tasks\GoogleUpdateTaskUserS-1-5-18Core => C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {942FD052-75BE-44B4-91CF-5E081DC4EF81} - \ASP -> Nenhum Arquivo <==== ATENÇÃO
Task: {9876B569-7D78-45B2-872A-B7FFCB1DF50B} - System32\Tasks\Joaeajioht => C:\ProgramData\Joaeajioht\1.0.7.1\ivuesesa.exe [2016-02-22] ()
Task: {9B728753-D527-4C75-A792-49A9E8D7DBD5} - \pricemeterdownloader -> Nenhum Arquivo <==== ATENÇÃO
Task: {ABC664FC-A33A-41AB-80F7-9587FCDEAACC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-22] (Google Inc.)
Task: {D4A5977F-D9C8-4570-9202-58A09ECF427D} - \PriceMeterUpdater -> Nenhum Arquivo <==== ATENÇÃO
Task: {D70400CB-C569-4D61-B14F-73809A062939} - \Kit Diner -> Nenhum Arquivo <==== ATENÇÃO
Task: {D910371F-A156-4D37-899E-DAFF538A6F91} - System32\Tasks\PFExe => C:\WINDOWS\system32\config\systemprofile\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {E3627FA5-DE3B-419E-B9B9-063BBE91A3E5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {E77FE1C8-87FF-4690-A7BA-D66256009974} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1745426921-2193795256-1152630720-1001Core.job => C:\Users\zeneida\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1745426921-2193795256-1152630720-1001Core.job => C:\Users\zeneida\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1745426921-2193795256-1152630720-1001Core1d13ca83a6c3376.job => C:\Users\zeneida\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1745426921-2193795256-1152630720-1001Core1d13ca85b413b95.job => C:\Users\zeneida\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1745426921-2193795256-1152630720-1001Core1d15ddcd86a00d4.job => C:\Users\zeneida\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\zeneida\Desktop\Google Chrome.lnk -> C:\Users\zeneida\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\zeneida\Desktop\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Users\zeneida\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.123rede.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.321oyun.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431875082
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\zeneida\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.123rede.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953 --disable-quic
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk -> C:\Users\zeneida\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\zeneida\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yeabests.cc/

==================== Módulos Carregados (Whitelisted) ==============

2015-09-24 19:54 - 2015-09-24 09:25 - 00185800 _____ () C:\Users\zeneida\AppData\Local\Crsoft\crsvc.exe
2015-09-09 14:45 - 2015-09-07 08:06 - 00142792 _____ () C:\Users\zeneida\AppData\Roaming\DNSHelper\DNSSVC.exe
2015-12-21 12:58 - 2015-12-16 06:21 - 04845408 _____ () C:\Users\zeneida\AppData\Roaming\WinNetSvc\WinNetSvc.exe
2016-02-22 20:33 - 2016-01-26 10:54 - 02415616 _____ () c:\programdata\msiql.exe
2016-02-22 20:42 - 2016-02-22 20:42 - 00158720 _____ () C:\ProgramData\Joaeajioht\1.0.7.1\ivuesesa.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-25 05:42 - 2015-12-25 05:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe
2015-12-21 12:58 - 2015-11-28 06:45 - 00083456 _____ () C:\Users\zeneida\AppData\Roaming\WinNetSvc\Interface.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll
2015-12-25 05:41 - 2015-12-25 05:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll
2016-02-22 20:34 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll
2016-02-17 20:21 - 2016-02-17 20:21 - 62327848 _____ () C:\Program Files (x86)\Opera\35.0.2066.68\opera.dll
2016-02-17 20:21 - 2016-02-17 20:20 - 02074664 _____ () C:\Program Files (x86)\Opera\35.0.2066.68\libglesv2.dll
2016-02-17 20:21 - 2016-02-17 20:20 - 00081960 _____ () C:\Program Files (x86)\Opera\35.0.2066.68\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-02-23 13:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\ibyte\w1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\StartupFolder: => "WebBrowserMixVideoPlayer.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "HomePageHelper"
HKLM\...\StartupApproved\Run32: => "SPDriver"
HKLM\...\StartupApproved\Run32: => "LightGate"
HKLM\...\StartupApproved\Run32: => "sun7"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\Run: => "Birds"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\Run: => "msiql"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\Run: => "YeaInstaller"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\StartupApproved\Run: => "Yeaplayer"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BB940C1B-B950-4906-8479-A4B5A8317146}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{F398047D-C8D6-4AA0-A228-78B294D36A95}] => (Allow) C:\Users\zeneida\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{3C5FF46A-3191-4B45-9178-7B19A4CCBC56}] => (Allow) LPort=1900
FirewallRules: [{C90F59A2-0D91-4555-80BC-C58EC7EE3CB1}] => (Allow) LPort=2869
FirewallRules: [{4339C504-6A02-46D9-9168-02D95BE672FF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{31AA007B-E62E-48C3-A714-EF8691E201F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2772C5C9-723D-4E36-9B1F-F14683FC48AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C43EF40B-6BD3-47C9-B25A-8381AB2E60CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCE19DB7-A186-4872-B356-0CEBC8979F93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A284C91D-7ACF-4683-9B84-61C8E8DD973B}] => (Allow) C:\Users\zeneida\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{1525E886-675C-47C7-8981-E0C6426DB72B}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{AB6961C6-7308-49AF-B8EA-5759CF5C74DC}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe

==================== Pontos de Restauração =========================

02-02-2016 08:09:42 Ponto de Verificação Agendado
10-02-2016 14:33:47 Windows Update
18-02-2016 09:18:20 Ponto de Verificação Agendado
22-02-2016 20:36:40 Uniblue DriverScanner installation

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/23/2016 01:18:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56cb07d7
Nome do módulo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56cb07d7
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000003f81
ID do processo com falha: 0xa08
Hora de início do aplicativo com falha: 0xspbia.exe0
Caminho do aplicativo com falha: spbia.exe1
Caminho do módulo com falha: spbia.exe2
ID do Relatório: spbia.exe3
Nome completo do pacote com falha: spbia.exe4
ID do aplicativo relativo ao pacote com falha: spbia.exe5

Error: (02/23/2016 01:16:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x358
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x8ac
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x157c
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x13d8
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0xe2c
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x94c
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0xc80
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x1234
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (02/23/2016 01:16:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x1320
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5


Erros de Sistema:
=============
Error: (02/23/2016 01:48:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Net Service Event Handler devido ao seguinte erro:
%%2

Error: (02/23/2016 01:44:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço BRXxpaMkuc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (02/23/2016 01:41:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Net Service Event Handler devido ao seguinte erro:
%%2

Error: (02/23/2016 01:32:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Net Service Event Handler devido ao seguinte erro:
%%2

Error: (02/23/2016 01:30:54 PM) (Source: DCOM) (EventID: 10001) (User: ZENEIDA)
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -Embedding740{E9513610-F218-4DDA-B954-2C7E6BA7CABB}Não DisponívelNão Disponível

Error: (02/23/2016 01:29:02 PM) (Source: DCOM) (EventID: 10001) (User: ZENEIDA)
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -Embedding740{E9513610-F218-4DDA-B954-2C7E6BA7CABB}Não DisponívelNão Disponível

Error: (02/23/2016 01:18:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Presentation Foundation Font Cache 3.0.0.0 devido ao seguinte erro:
%%1053

Error: (02/23/2016 01:18:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Windows Presentation Foundation Font Cache 3.0.0.0.

Error: (02/23/2016 01:17:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço WajaNetEn Monitor devido ao seguinte erro:
%%1053

Error: (02/23/2016 01:17:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço WajaNetEn Monitor.


CodeIntegrity:
===================================
Date: 2016-02-20 13:14:55.561
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-17 22:59:24.565
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-14 12:07:26.236
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-12 09:56:31.655
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-11 11:38:14.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-07 14:37:10.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-02 08:21:08.060
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-01 18:04:48.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-26 16:35:28.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-26 09:39:36.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentagem de memória em uso: 39%
RAM física total: 3987.02 MB
RAM física disponível: 2396.51 MB
Virtual Total: 4691.02 MB
Virtual disponível: 2944.17 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:456.02 GB) (Free:395.71 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0A21756C)

Partition: GPT.

==================== Fim de Addition.txt ============================
