cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:24-02-2016
Executado por CCE (2016-02-25 13:49:24)
Executando a partir de C:\Users\CCE\Desktop
Windows 10 Pro Versão 1511 (X64) (2016-01-12 05:02:09)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1064973888-287232329-1114148859-500 - Administrator - Disabled)
CCE (S-1-5-21-1064973888-287232329-1114148859-1000 - Administrator - Enabled) => C:\Users\CCE
Convidado (S-1-5-21-1064973888-287232329-1114148859-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1064973888-287232329-1114148859-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1064973888-287232329-1114148859-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
Desinstalar impressora EPSON TX300F Series (HKLM\...\EPSON TX300F Series) (Version: - SEIKO EPSON Corporation)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Maelstrom (HKU\S-1-5-21-1064973888-287232329-1114148859-1000\...\Maelstrom) (Version: 44.0.1.3 - Maelstrom)
Microsoft .NET Framework 4.5.2 Hotfix Rollup (KB3035805) (HKLM\...\{EBDC09D6-C831-3CF9-80D6-8870C304FF88}) (Version: 4.5.52290 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{45B3A3BD-F90D-48FE-A147-D74878A51046}) (Version: 7.03.0920 - Nero AG)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
PowerProducer (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7285 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SpO2 Assistant V1.5 (HKLM-x32\...\SpO2_is1) (Version: - )
Windows Driver Package - Silicon Laboratories (silabenm) Ports (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1064973888-287232329-1114148859-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\CCE\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {09BD82E1-0E27-41EB-A498-784B9D66464B} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Pending Update => C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Update\PhraseProfessorAutoUpdateClient.exe <==== ATENÇÃO
Task: {0F64DBC2-D118-490C-B306-9F86BD97388A} - System32\Tasks\{61D9C599-793B-449B-BD86-88D47447976C} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1
Task: {1BFFA628-29B8-465B-B071-CCADFCB6C002} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {23E62872-A3F8-43FF-B8F4-01AD2053613C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {29B4078E-4A48-4989-8EE1-0F05F60FFF90} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-02-09] ()
Task: {36F02489-6A27-4FAB-AC21-13A256576091} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {396C2D82-AEF6-4261-9037-E01B766E7507} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {3FE1A2DF-668C-4014-BC80-59070D216880} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {52BF9605-22C1-4C5B-B131-719D61236A13} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {55314F57-F008-4CB1-8208-F0317B4F3040} - System32\Tasks\Pritc => C:\Users\CCE\AppData\Local\Temp\00004326\casrss.exe <==== ATENÇÃO
Task: {5579FB39-D292-4778-B3B7-7BC158DADF12} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {567374CB-104C-47CD-B4CF-A7B4DF3F1DE6} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {599785CA-9090-416D-A02F-25D8F7F6107A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {63CA7ED6-09D5-4CC5-9B27-A790B5068FF1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {66083E9C-CAEA-4B75-A3FE-52595F0DE902} - System32\Tasks\{E53F9628-604B-4835-8A4B-943CE987B6C6} => pcalua.exe -a "C:\Program Files (x86)\UPCleaner\0.9.30.12075\UGunInstall.exe" -c -unurl=hxxp://www.upcleaner.net
Task: {69B512A2-9628-4458-8E47-9164CE7D948D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6CCD12CF-EC3A-4040-9E14-4BA1A73E4C55} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Core => C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Update\PhraseProfessorAutoUpdateClient.exe <==== ATENÇÃO
Task: {71C57841-CC88-441F-B833-86AE1A1414EA} - System32\Tasks\{82CFDC10-586B-40A9-BE00-3BF3B0249911} => pcalua.exe -a "c:\program files (x86)\cmcm\Clean Master\uni0nst.exe"
Task: {727F1762-4B90-4DA5-AC52-15550BA564E2} - System32\Tasks\{DEF24CB0-F94A-4915-8E0F-1DB73E3CE976} => pcalua.exe -a "C:\Users\CCE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AWMRNGE1\TX300F_X64_6.62APS_C1.exe" -d C:\Users\CCE\Desktop
Task: {762969B7-A5BC-437D-9150-F11C1D93F937} - \Inst_Rep -> Nenhum Arquivo <==== ATENÇÃO
Task: {7E1A0DE2-AB44-4837-941C-DF1726669D1A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {7E77BCD6-9E92-4666-9174-161F9D4FB0CC} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {911B6C53-ED9E-4576-B7CE-F5A5D2B73337} - \MPC AdCleaner -> Nenhum Arquivo <==== ATENÇÃO
Task: {A7164423-6DD3-440E-8610-AFAAF2A904DB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {ADED95BF-1EFE-4E4D-B1B9-0A4B4AB47AAF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B48B7DAC-7782-4807-897C-A2BFE3D55DA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {B80050B5-1EAD-4A3F-8168-22AAFFEB3941} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {C6B5DC1B-585E-4324-B9DD-C39E00D8B31E} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe [2016-02-02] ()
Task: {C847566D-EF25-47AB-AEA4-DB007E4D0608} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E9F667DA-161B-4707-AF03-046093EE5F58} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {F178A010-EEA7-4C79-9CA0-7DD17B231EB2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F1B3B40E-5959-418B-BD33-3EB02E49C686} - System32\Tasks\PFExe => C:\Users\CCE\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {F64AC8A9-0960-41F8-AEF5-D9F0AAC96D97} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-12] (Microsoft Corporation)
Task: {FED71228-1BD2-43FD-8FEF-B07F40A8BACB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\Chrome.exe (Google Inc.) -> %SNP%

==================== Módulos Carregados (Whitelisted) ==============

2015-07-07 16:19 - 2007-05-13 23:54 - 00272024 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2016-02-14 17:58 - 2016-02-14 17:58 - 00142688 _____ () C:\Users\CCE\AppData\Roaming\QoiklLoo\Enyigro.exe
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-13 14:11 - 2015-11-22 07:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-13 14:11 - 2015-11-22 07:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-01-13 14:08 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-13 14:08 - 2015-12-07 01:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 14:12 - 2016-01-04 22:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 14:09 - 2016-01-04 22:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 20:33 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 20:49 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-15 00:03 - 2016-02-09 11:30 - 02036224 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2016-01-22 01:41 - 2016-01-22 01:42 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-05 09:24 - 2016-02-05 09:24 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-02-05 09:24 - 2016-02-05 09:24 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-20 22:38 - 2015-11-20 22:39 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-02-14 17:58 - 2016-02-14 20:38 - 00173408 _____ () C:\Users\CCE\AppData\Roaming\QoiklLoo\Rurju.din
2016-01-22 01:41 - 2016-01-22 01:42 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 01:41 - 2016-01-22 01:43 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-02-19 10:06 - 00002024 ____N C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Existem ainda 4 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1064973888-287232329-1114148859-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\CCE\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\circuito.jpg
DNS Servers: 192.168.25.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{51883C03-E713-48E7-8417-7C2498BB9EA3}C:\program files (x86)\emule\emuletorrent.exe] => (Allow) C:\program files (x86)\emule\emuletorrent.exe
FirewallRules: [TCP Query User{A5EDB44F-956B-4DCD-A843-85B411D6C25A}C:\program files (x86)\emule\emuletorrent.exe] => (Allow) C:\program files (x86)\emule\emuletorrent.exe
FirewallRules: [{1240C198-6A59-430B-9EFC-89A2D54B2D5B}] => (Allow) C:\Users\CCE\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe
FirewallRules: [{5B0C0897-8B1D-425F-BA2A-31876C3180AD}] => (Allow) C:\Users\CCE\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe
FirewallRules: [{DF60A085-703A-44BC-89C9-13506CF969B5}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{182351B0-540A-4854-A9D5-5C7DE55B2CA8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{44F2BBEB-356A-4C9B-B49F-1B7076B59CD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{41132015-C9C8-4A3F-85F3-24D014A8DB47}] => (Allow) C:\Users\CCE\AppData\Roaming\IQIYI Video\GeePlayer\GpUpdate.exe
FirewallRules: [{8735E096-76EE-4086-9D99-D6B2157B277B}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe
FirewallRules: [{5B9E1658-6B62-429A-B890-893004F27240}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

14-02-2016 12:01:36 Ponto de Verificação Agendado
19-02-2016 12:49:31 Chrome Cleanup Tool
21-02-2016 07:12:57 Uniblue DriverScanner installation
24-02-2016 18:02:46 Removed Corel Graphics - Windows Shell Extension.
24-02-2016 18:04:34 Removed Corel Graphics - Windows Shell Extension 32 Bit.
24-02-2016 18:40:14 JRT Pre-Junkware Removal

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/25/2016 12:34:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Pcb.exe, versão: 1.0.0.6677, carimbo de data/hora: 0x44a05adf
Nome do módulo com falha: Pcb.exe, versão: 1.0.0.6677, carimbo de data/hora: 0x44a05adf
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00102231
ID do processo com falha: 0x5a4
Hora de início do aplicativo com falha: 0xPcb.exe0
Caminho do aplicativo com falha: Pcb.exe1
Caminho do módulo com falha: Pcb.exe2
ID do Relatório: Pcb.exe3
Nome completo do pacote com falha: Pcb.exe4
ID do aplicativo relativo ao pacote com falha: Pcb.exe5

Error: (02/24/2016 06:40:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu Protect.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary (Bnmon).

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu NetDefense.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Bnbase.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu FS Monitor Driver.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu Antivirus Minifilter Driver.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary BdCameraProtect.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (02/24/2016 06:40:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary BdApiUtil.

System Error:
O sistema não pode encontrar o arquivo especificado.
.


Erros de Sistema:
=============
Error: (02/25/2016 01:36:06 PM) (Source: DCOM) (EventID: 10016) (User: CCE-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CCE-PCCCES-1-5-21-1064973888-287232329-1114148859-1000LocalHost (Usando LRPC)Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (02/25/2016 09:14:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_219cedc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (02/25/2016 09:14:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_219cedc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (02/25/2016 09:14:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_219cedc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (02/25/2016 09:14:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_219cedc foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (02/25/2016 09:14:02 AM) (Source: DCOM) (EventID: 10016) (User: CCE-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CCE-PCCCES-1-5-21-1064973888-287232329-1114148859-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/25/2016 09:14:01 AM) (Source: DCOM) (EventID: 10016) (User: CCE-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CCE-PCCCES-1-5-21-1064973888-287232329-1114148859-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/25/2016 09:14:01 AM) (Source: DCOM) (EventID: 10016) (User: CCE-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CCE-PCCCES-1-5-21-1064973888-287232329-1114148859-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/25/2016 09:14:01 AM) (Source: DCOM) (EventID: 10016) (User: CCE-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CCE-PCCCES-1-5-21-1064973888-287232329-1114148859-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/25/2016 09:14:01 AM) (Source: DCOM) (EventID: 10016) (User: CCE-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CCE-PCCCES-1-5-21-1064973888-287232329-1114148859-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
Date: 2016-02-24 17:44:21.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 17:29:49.873
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 17:29:49.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 17:23:47.474
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 17:01:07.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 16:49:05.494
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 16:34:05.585
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 16:16:12.096
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 16:09:08.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-02-24 16:05:33.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentagem de memória em uso: 36%
RAM física total: 4009.99 MB
RAM física disponível: 2544.28 MB
Virtual Total: 8105.99 MB
Virtual disponível: 6618.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.51 GB) (Free:74.86 GB) NTFS
Drive e: () (Removable) (Total:7.6 GB) (Free:7.6 GB) FAT32

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.3 GB) (Disk ID: 41726A2C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.6 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.6 GB) - (Type=0C)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité