cjoint


Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:24-02-2016
Executado por Alice Mota (2016-02-25 09:54:48)
Executando a partir de C:\Users\Alice Mota\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2016-01-14 20:00:22)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2328873562-1806874857-566758227-500 - Administrator - Disabled)
Alice Mota (S-1-5-21-2328873562-1806874857-566758227-1000 - Administrator - Enabled) => C:\Users\Alice Mota
Convidado (S-1-5-21-2328873562-1806874857-566758227-501 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Body Text Feathering (HKLM\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO
Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2657.3 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2567 - Intel Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 44.0.2 (x86 pt-BR) (HKLM\...\Mozilla Firefox 44.0.2 (x86 pt-BR)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7484 - Realtek Semiconductor Corp.)
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
Tweaks.com Logon Changer (HKLM\...\{12F8EFF0-5C16-473B-99AD-67AB866C3E07}) (Version: 2.0.0 - Advanced PC Media LLC)
Unity Web Player (HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2328873562-1806874857-566758227-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Alice Mota\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {04DB0FC4-53F4-441A-80A2-CD03B97DE467} - System32\Tasks\Zuajtaut => C:\PROGRA~1\GROOVE~1\Olydset.bat
Task: {4570DF28-A877-4E04-B545-602E4F0C4629} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-14] (Google Inc.)
Task: {75BA4BC8-FFD8-43FF-B37C-CE9B2E091EBC} - System32\Tasks\ttwifi => C:\Program Files\ttwifi\tiantianwifi.exe
Task: {8D5E9CBA-18B9-44D9-9826-6EEE52EE47B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-14] (Google Inc.)
Task: {9276BE80-4CA7-4B3D-BCEE-03AD25B16499} - System32\Tasks\WinTaske => C:\Program Files\WinTaske\WinTaske\WinTaske.exe
Task: {C4210118-DA41-4717-A71F-2D12A64978EF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D1F229B8-5D62-4AF2-AA75-A46FFD31D742} - System32\Tasks\Nonaji => C:\PROGRA~1\SHOPPE~1\Farifi.bat
Task: {FCC34F04-705E-41CA-BFD1-070990EDEC6E} - System32\Tasks\Tosmuel => C:\PROGRA~1\SHOPPE~2\Eebupuny.bat

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 ____C () C:\Windows\system32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 ____C () C:\Windows\System32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 ____C () c:\windows\system32\slc.dll
2015-12-26 05:59 - 2015-12-26 05:59 - 00158720 ____C () C:\Users\Alice Mota\AppData\Local\D3FDCF80-1456392090-11B2-8000-96261AF2B937\qnseF7D8.tmp
2016-02-24 18:50 - 2016-02-24 08:18 - 03156144 ____C () C:\Users\Alice Mota\AppData\Local\dply_en_015020248\updply_en_015020248.exe
2016-02-24 20:43 - 2016-02-09 12:30 - 02036224 ____C () C:\ProgramData\WindowsMsg\osmsg.exe
2016-02-24 21:19 - 2016-01-26 11:54 - 02415616 ____C () C:\ProgramData\msiql.exe
2016-02-23 17:36 - 2016-02-23 07:32 - 00307352 ____C () C:\Program Files\Google\Chrome\Application\50.0.2657.3\libexif.dll
2016-01-14 23:41 - 2014-02-10 11:44 - 04592128 ____C () C:\Users\Alice Mota\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2016-01-14 23:41 - 2014-02-10 11:44 - 00112128 ____C () C:\Users\Alice Mota\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2016-02-23 17:36 - 2016-02-23 07:33 - 17546904 ____C () C:\Program Files\Google\Chrome\Application\50.0.2657.3\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2016-02-24 19:00 - 00001110 ___AC C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2328873562-1806874857-566758227-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alice Mota\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 104.197.191.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupreg: Adobe ARM => "c:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{EA700852-FC75-449F-A129-5511CB434666}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{0861B400-6A54-4EB2-8F68-CE17CAFC8D05}C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9743235D-3574-45B0-AE5A-5ED2461F8FCA}C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{3FDC2F1B-F047-44F3-A8A2-20631B351131}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5896EB96-2AE7-4C78-951A-768E273AE17F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{07A8E693-DB9F-494F-AEA8-FBC549C9BA0A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{048B406D-59A9-4F8B-85CC-5204447AD8A9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CC93169E-A0FB-49C5-A3C0-FEAC32C5294D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BD4214F6-384A-4F69-BB7E-709B5BA72998}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EB8499B8-ACE4-406F-9304-157ABF679D94}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DE297A2A-84CA-45D5-81EE-B2D776B70A4F}] => (Allow) C:\Program Files\SprgFiles\SprgFiles.exe
FirewallRules: [{97346896-675D-4064-94A7-46A851712F9F}] => (Allow) C:\Program Files\SprgFiles\SprgFiles.exe
FirewallRules: [{2CD0B02F-ED71-4F55-90DD-90EFC400A161}] => (Allow) C:\Program Files\SprgFiles\downloader.exe
FirewallRules: [{578B6430-137C-41AA-86D1-E5EA78347A34}] => (Allow) C:\Program Files\SprgFiles\downloader.exe
FirewallRules: [{322853F9-C52A-4205-A678-B806A6CA8F29}] => (Allow) C:\Program Files\Max Driver Updater\maxdu.exe

==================== Pontos de Restauração =========================

23-02-2016 21:56:47 Windows Update
24-02-2016 18:08:15 DLL-Files Fixer qua, fev 24, 16 18:08
24-02-2016 19:16:39 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: MpKsl0d640d57
Description: MpKsl0d640d57
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl0d640d57
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/25/2016 09:44:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 09:30:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 08:45:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2016 09:29:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2016 09:29:25 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2244) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (02/24/2016 08:54:12 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2440) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (02/24/2016 08:51:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Bubble Dock Uninstall.exe versão 3.0.705.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 11dc

Hora de Início: 01d16f5d3b53829e

Hora de Término: 63

Caminho do Aplicativo: C:\Users\ALICEM~1\AppData\Local\Temp\2422016204354\Bubble Dock Uninstall.exe

Id do Relatório: 5995b3db-db51-11e5-927c-90a4dea47742

Error: (02/24/2016 08:33:26 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (1704) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (02/24/2016 08:32:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2016 06:08:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {55b8e02e-eba3-4745-b701-cfbdb1eb5093}


Erros de Sistema:
=============
Error: (02/25/2016 09:45:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Winsere devido ao seguinte erro:
%%2

Error: (02/25/2016 09:45:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ggbugreport devido ao seguinte erro:
%%2

Error: (02/25/2016 09:43:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom

Error: (02/25/2016 09:43:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Replicate Exit devido ao seguinte erro:
%%2

Error: (02/25/2016 09:43:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Free Space Decimal Point devido ao seguinte erro:
%%2

Error: (02/25/2016 09:43:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Util Oasis Space devido ao seguinte erro:
%%2

Error: (02/25/2016 09:43:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Update Oasis Space devido ao seguinte erro:
%%2

Error: (02/25/2016 09:43:26 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: O serviço SNMP encontrou um erro ao acessar a chave do Registro SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (02/25/2016 09:43:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Narration Command devido ao seguinte erro:
%%2

Error: (02/25/2016 09:43:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 09:40:12 às ‎25/‎02/‎2016 não era esperado.


==================== Informações da Memória ===========================

Processador: Intel(R) Atom(TM) CPU N455 @ 1.66GHz
Percentagem de memória em uso: 56%
RAM física total: 2037.3 MB
RAM física disponível: 878.33 MB
Virtual Total: 3061.3 MB
Virtual disponível: 1780.51 MB

==================== Drives ================================

Drive c: (Windows 7 OS) (Fixed) (Total:112 GB) (Free:74.15 GB) NTFS
Drive d: () (Fixed) (Total:165.99 GB) (Free:108.57 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 3F0D3FC8)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended)

==================== Fim de Addition.txt ============================
