
Document format: text/plain


Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:05-03-2016 01
Executado por Cliente (2016-03-25 23:31:52)
Executando a partir de C:\Users\Cliente\Downloads
Microsoft Windows 7 Professional (X86) (2014-03-25 19:22:44)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2997136290-654796359-1393769141-500 - Administrator - Disabled)
Cliente (S-1-5-21-2997136290-654796359-1393769141-1000 - Administrator - Enabled) => C:\Users\Cliente
Convidado (S-1-5-21-2997136290-654796359-1393769141-501 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Advanced System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13591 - Systweak Software) <==== ATENÇÃO
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Baidu Antivirus (HKLM\...\Baidu Antivirus) (Version: 4.4.4.71380 - Baidu, Inc.)
BoBrowser (HKU\S-1-5-21-2997136290-654796359-1393769141-1000\...\BoBrowser) (Version: 36.0.1985.142 - BoBrowser) <==== ATENÇÃO
Body Text Feathering (HKLM\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO
BubbleSound (HKLM\...\BubbleSound) (Version: 1.0 - BubbleSound) <==== ATENÇÃO
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATENÇÃO
CCE+SABER - v1.0 (HKLM\...\{D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1) (Version: - CCE+SABER)
Chromium (HKU\S-1-5-21-2997136290-654796359-1393769141-1000\...\Chromium) (Version: 46.0.2461.0 - Chromium)
comowin_otut_20160325 version 1.0 (HKLM\...\comowin_otut_20160325_is1) (Version: 1.0 - azec)
DNS Unlocker (HKLM\...\DNSUnlocker.ns) (Version: - ) <==== ATENÇÃO
Dropbox (HKU\S-1-5-21-2997136290-654796359-1393769141-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
GamesDesktop 020.002030047 (HKLM\...\gmsd_br_002030047_is1) (Version: - GAMESDESKTOP) <==== ATENÇÃO
Greener Web (HKLM\...\Greener Web) (Version: 2014.06.12.140946 - Greener Web) <==== ATENÇÃO
groover (HKLM\...\{0B4D9AF2-D703-4ECD-8E9C-95A355C944F5}) (Version: 2.0.0.477 - groover)
Hostify version 1.1 (HKLM\...\Hostify_is1) (Version: 1.1 - Wizzlabs)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
istartsurf uninstall (HKLM\...\istartsurf uninstall) (Version: - istartsurf) <==== ATENÇÃO
Java 7 Update 79 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 20 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)
JavaFX(TM) 1.3 SDK (HKLM\...\{5aa47dba-b584-4d47-a626-76e53f010300}) (Version: 1.3.0 - Sun Microsystems, Inc.)
K-Lite Codec Pack 4.8.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 4.8.0 - )
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.101 - LSI Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Music Chow (HKLM\...\{4EF29379-4068-42AC-AB24-745CED5FADFE}) (Version: 1.0.2 - Breakthru Limited)
NewExt (HKLM\...\{629529fb-edaf-4033-89cc-5ef7b43f021a}) (Version: 1.0 - NewExt)
RegClean-Pro (HKLM\...\RegClean-Pro_is1) (Version: 6.21 - sys tweak) <==== ATENÇÃO
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATENÇÃO
Satellite Comma (HKLM\...\SoftwareUpdater) (Version: 1.0.0.0 - Satellite Comma) <==== ATENÇÃO
seekmx (HKLM\...\seekmx) (Version: - Navigation)
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
sunnyday version 1.1 (HKLM\...\sunnyday_is1) (Version: 1.1 - sunnyday)
The Desktop Weather 1.2 (HKLM\...\WeatherTool) (Version: 1.2.2.10256 - ShenZhen Enode Techology co,.Ltd) <==== ATENÇÃO
Tools Update Platform (HKLM\...\{6A128791-4857-4484-9BB2-71D4C1257200}) (Version: 1.1.0.15707 - Beijing Zhihuimen Techology co,.Ltd) <==== ATENÇÃO
VIVO INTERNET (HKLM\...\VIVO INTERNET) (Version: 16.002.10.02.149 - Huawei Technologies Co.,Ltd)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIN (HKLM\...\win_en_77_is1) (Version: - ) <==== ATENÇÃO
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2997136290-654796359-1393769141-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Cliente\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997136290-654796359-1393769141-1000_Classes\CLSID\{19041B6B-8F97-4669-BA21-C17572737ED2}\localserver32 -> "C:\Users\Cliente\AppData\Local\BoBrowser\Application\36.0.1985.142\delegate_execute.exe" => Nenhum (a entrada de dados tem 7 mais caracteres).
CustomCLSID: HKU\S-1-5-21-2997136290-654796359-1393769141-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\Cliente\AppData\Local\Chromium\Application\46.0.2461.0\delegate_execute.exe (The Chromium Authors) <==== ATENÇÃO
CustomCLSID: HKU\S-1-5-21-2997136290-654796359-1393769141-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cliente\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997136290-654796359-1393769141-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cliente\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997136290-654796359-1393769141-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cliente\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997136290-654796359-1393769141-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cliente\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0040EC63-AC79-4E58-8CD6-264761FFD1AA} - System32\Tasks\{3B7FD029-D932-411b-AF15-C96CF8EF0C18}{19F8DB95-4D78-4ddb-AC71-C610654FE37F} => C:\Program Files\WeatherTool\1.2.2.10256\InstallHelper.exe [2015-06-14] () <==== ATENÇÃO
Task: {06DBC2DF-B0DC-44F8-90B2-2C002DCF7A0B} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe [2015-07-02] () <==== ATENÇÃO
Task: {074EB462-5D10-4EEA-8C00-FE99A68E1CDF} - System32\Tasks\Berkorn => C:\PROGRA~1\SHOPPE~1\Fyfem.bat
Task: {2626313D-A75A-4733-ABEF-A2639FDEAAA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-21] (Adobe Systems Incorporated)
Task: {33C82073-F794-4861-ADD7-9F3CF887463E} - System32\Tasks\Baidu Antivirus Update => C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdater.exe [2014-05-28] (Baidu, Inc.)
Task: {33D82BEA-B4B4-4365-8281-70378110D82E} - System32\Tasks\DNS Monitoring => C:\Windows\system32\regsvr32.exe [2009-07-13] (Microsoft Corporation)
Task: {357E800B-8E8E-4EB0-BDC6-37BC5D2849B6} - System32\Tasks\DNSWILLISTON => dnswilliston.exe <==== ATENÇÃO
Task: {5ED2C54D-825A-427D-8F3E-2D75DCB28515} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-03-23] ()
Task: {6039C079-DE06-4D71-B236-58F97C68DC4F} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.21 Core => C:\Program Files\PhraseProfessor_1.10.0.21\Update\PhraseProfessorAutoUpdateClient.exe <==== ATENÇÃO
Task: {610AB27A-4DF5-428E-B7CF-05DB12B96248} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-15] (Avast Software s.r.o.)
Task: {6D8097EA-0F20-4BB6-8F2E-E69A03594312} - System32\Tasks\UpdateTask => C:\Users\Cliente\AppData\Local\{02433~1\UNINST~1.EXE [2015-07-31] ()
Task: {7EB796BC-F560-4D8D-8309-94979D306F90} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe [2015-07-02] () <==== ATENÇÃO
Task: {8F766D31-879A-4EF2-8E25-40DF652A5099} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe [2015-07-02] () <==== ATENÇÃO
Task: {90756012-6108-4000-A500-E2475E2786F5} - System32\Tasks\svchost => C:\Users\Cliente\AppData\Local\Temp\JF1JJ7OFD\HYBEL4BNG.exe [2016-03-24] (TZ) <==== ATENÇÃO
Task: {95DC2A21-9088-4823-B440-B16DE075968D} - System32\Tasks\Advanced System Protector_startup
Task: {AB04777C-427F-4382-BD29-53901EB3D659} - System32\Tasks\Seqcu => C:\PROGRA~1\FIIOIF~1\Mudwheb.bat
Task: {AB93027D-ECD9-4C56-AC0A-BF1E211AC993} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" <==== ATENÇÃO
Task: {C2509D0F-FFC0-4CD7-9A42-6A9F9E09ACB5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-07-31] (AVAST Software)
Task: {D0FFE6FD-2E86-43DA-8CD9-A59321F85AD0} - System32\Tasks\{0D080547-787E-0B04-0D11-78090E7A110F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ADsAIAAgADsAOwA7ADsAIAAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEAcgBuAGkAbgBnAFAAcgBlAGYAZQByAGUAbgBjAGUA (a entrada de dados tem 9396 mais caracteres).
Task: {D6520117-A84F-4474-8BDE-FC5F4DB8CAF1} - System32\Tasks\Caalei => C:\PROGRA~1\Damhhbyf\Seozbhmi.bat
Task: {DBA7D609-E42F-4C6D-A586-0A387AA27A66} - System32\Tasks\Niujrhbe => C:\Program Files\Dhuavesecoaddi\Noepzu.bat [2016-03-25] ()
Task: {DDEA00A5-7D00-4AE7-B4DF-C5CE371A8592} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.21 Pending Update => C:\Program Files\PhraseProfessor_1.10.0.21\Update\PhraseProfessorAutoUpdateClient.exe <==== ATENÇÃO
Task: {E2C68A4B-C9DD-4DBD-8F02-72A299504981} - System32\Tasks\Yahoo! Search Updater => Wscript.exe //B "C:\Users\Cliente\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\..\updt.js" <==== ATENÇÃO
Task: {EDC9BDEE-81F2-4DBE-86D2-3FB2318A903A} - System32\Tasks\{F500B50B-C55A-4268-A937-443681E85DA0} => pcalua.exe -a "C:\Program Files\Common Files\Zumtone\uninstall.exe" -c shuz -f "C:\Program Files\Common Files\Zumtone\uninstall.dat" -a uninstallme 7B32CEB8-6A74-4466-A13C-67E7D71D541A DeviceId=7b10ff92-7a6b-3ae2-fb4c-ae28311d007f BarcodeId=51107003 ChannelId=3 DistributerName=APSFClickMeIn
Task: {F6F755CA-1F1E-487B-9751-D332CD27492E} - System32\Tasks\ToolsUpdatePlatform_ScheduledTask => C:\Program Files\ToolsUpdatePlatform\UpdatePlatform.exe [2015-06-04] () <==== ATENÇÃO
Task: {FC8D9BBA-1CCD-4653-B67F-1B5570E5C2A0} - System32\Tasks\ttwifi => C:\Program Files\ttwifi\tiantianwifi.exe

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job => C:\Program Files\ToolsUpdatePlatform\UpdatePlatform.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\UpdateTask.job => C:\Users\Cliente\AppData\Local\{02433~1\UNINST~1.EXE
Task: C:\Windows\Tasks\{3B7FD029-D932-411b-AF15-C96CF8EF0C18}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job => C:\Program Files\WeatherTool\1.2.2.10256\InstallHelper.exei-RunCloudOPTClient C:\Program Files\WeatherTool\1.2.2.10256\CloudOPTClient\CloudOPTClient.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9a3d4bd15569db7\Google Chrome.lnk -> C:\Users\Cliente\AppData\Local\Temp\Rar$EXa0.642\Chrome-bin\chrome.exe (Google Inc.)

==================== Módulos Carregados (Whitelisted) ==============

2015-01-08 15:12 - 2015-01-08 15:12 - 02095104 _____ () C:\Program Files\BubbleSound\BubbleSound.dll
2014-06-12 15:26 - 2014-05-28 07:56 - 00208744 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll
2014-06-12 15:26 - 2014-05-28 07:54 - 00541032 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll
2016-03-24 23:30 - 2016-03-24 23:23 - 00952320 _____ () C:\ProgramData\CloudPrinter\CloudPrinter.exe
2016-01-31 19:01 - 2016-01-31 19:01 - 00254464 _____ () C:\Program Files\03000200-1453137062-0500-0006-000700080009\knss3390.tmp
2016-03-24 22:09 - 2016-03-24 22:09 - 00125784 _____ () C:\Users\Cliente\AppData\Roaming\DhicedOenovf\Oruuu.exe
2016-03-24 22:09 - 2016-03-24 23:54 - 00183640 _____ () C:\Users\Cliente\AppData\Roaming\DhicedOenovf\Guhar.din
2016-03-24 22:09 - 2016-03-24 22:09 - 00174424 _____ () C:\Users\Cliente\AppData\Roaming\Eoticu\Eoticu.exe
2016-03-24 09:13 - 2016-03-24 09:13 - 00174448 _____ () C:\Users\Cliente\AppData\Roaming\Lecleebn\Lecleebn.exe
2010-11-16 10:37 - 2010-11-16 10:37 - 00264704 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2016-03-24 23:46 - 2016-03-24 23:46 - 00294912 _____ () C:\Program Files\NewExt\nssm.exe
2014-11-14 14:29 - 2016-01-10 17:19 - 00128200 _____ () C:\ProgramData\398c0b96-ebd3-4f67-a5c7-1899a15c12be\maintainer.exe
2015-07-31 18:00 - 2015-07-08 22:26 - 00173088 _____ () C:\Users\Cliente\AppData\Roaming\NetService\netservice.exe
2016-01-18 14:13 - 2016-01-18 14:13 - 00225792 _____ () C:\Users\Cliente\AppData\Local\03000200-1453129980-0500-0006-000700080009\snskAEF6.tmp
2016-03-24 23:46 - 2016-03-24 23:53 - 07556203 _____ () C:\Program Files\NewExt\jsinjector.exe
2015-06-14 23:19 - 2015-06-14 23:19 - 00143848 _____ () C:\Program Files\WeatherTool\1.2.2.10256\WeatherService.exe
2015-06-14 23:19 - 2015-06-14 23:19 - 00543720 _____ () C:\Program Files\WeatherTool\1.2.2.10256\EVPTask.dll
2015-06-14 23:19 - 2015-06-14 23:19 - 00407016 _____ () C:\Program Files\WeatherTool\1.2.2.10256\EVPNet.dll
2015-06-14 23:19 - 2015-06-14 23:19 - 00429032 _____ () C:\Program Files\WeatherTool\1.2.2.10256\EVPDR.dll
2016-01-10 17:04 - 2015-12-16 06:21 - 04845408 _____ () C:\Users\Cliente\AppData\Roaming\WinNetSvc\WinNetSvc.exe
2016-01-10 17:04 - 2015-11-28 06:45 - 00083456 _____ () C:\Users\Cliente\AppData\Roaming\WinNetSvc\Interface.dll
2016-03-24 22:53 - 2016-03-15 03:40 - 04984448 _____ () C:\Users\Cliente\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
2016-03-24 22:53 - 2015-11-28 06:45 - 00083456 _____ () C:\Users\Cliente\AppData\Roaming\WMPNetworkAcSvc\Interface.dll
2016-01-18 14:11 - 2016-01-18 14:11 - 00416256 _____ () C:\Program Files\03000200-1453137062-0500-0006-000700080009\hnse5ADE.tmp
2016-01-18 14:11 - 2016-01-18 14:11 - 00307712 _____ () C:\Program Files\03000200-1453137062-0500-0006-000700080009\jnst2A79.tmp
2016-03-24 09:13 - 2016-03-24 09:13 - 00262000 _____ () C:\Users\Cliente\AppData\Roaming\Lecleebn\Cevjhe.dll
2016-03-24 22:09 - 2016-03-24 22:09 - 00261976 _____ () C:\Users\Cliente\AppData\Roaming\Eoticu\Lonrh.dll
2016-03-25 20:11 - 2016-03-25 20:11 - 00261992 _____ () C:\Users\Cliente\AppData\Roaming\Pejjatmej\Utyrkegzau.dll
2016-01-10 17:25 - 2015-07-02 13:14 - 08732952 _____ () C:\Program Files\RegClean Pro\RegCleanPro.exe
2015-06-04 05:52 - 2015-06-04 05:52 - 00576456 _____ () C:\Program Files\ToolsUpdatePlatform\UpdatePlatform.exe
2016-03-24 22:09 - 2016-03-24 22:09 - 00115544 _____ () C:\Users\Cliente\AppData\Roaming\Eoticu\Lonrh.exe
2016-03-24 09:13 - 2016-03-24 09:13 - 00115568 _____ () C:\Users\Cliente\AppData\Roaming\Lecleebn\Cevjhe.exe
2016-03-25 20:12 - 2016-03-25 23:11 - 00295272 _____ () C:\Program Files\Dhuavesecoaddi\Ponuec.DLL
2016-01-18 14:30 - 2016-01-18 10:37 - 03274928 _____ () C:\Users\Cliente\AppData\Local\gmsd_br_005010211\upgmsd_br_005010211.exe
2015-07-31 17:59 - 2015-07-31 18:32 - 03976848 _____ () C:\Program Files\gmsd_br_002030047\gmsd_br_002030047.exe
2016-01-11 16:52 - 2016-01-11 10:09 - 03973296 _____ () C:\Program Files\rec_br_164\rec_br_164.exe
2016-01-18 14:30 - 2016-01-18 10:37 - 03954352 _____ () C:\Program Files\gmsd_br_005010211\gmsd_br_005010211.exe
2016-03-24 22:28 - 2016-03-24 10:30 - 04054192 _____ () C:\Program Files\mbot_en_037050277\mbot_en_037050277.exe
2016-03-24 22:42 - 2016-03-22 13:53 - 03965616 _____ () C:\Program Files\rec_en_235\rec_en_235.exe
2016-03-25 21:50 - 2016-03-02 10:49 - 01888256 _____ () C:\ProgramData\Windows Update\tmp\msiql.exe
2016-03-25 20:12 - 2016-03-25 23:11 - 00250216 _____ () C:\Program Files\Dhuavesecoaddi\Ecedobu.DLL
2016-03-25 20:12 - 2016-03-25 23:11 - 00297472 _____ () C:\Program Files\Dhuavesecoaddi\Utaoubz.DLL
2016-03-25 20:12 - 2016-03-25 23:11 - 00610664 _____ () C:\Program Files\Dhuavesecoaddi\Gavonewf.DLL
2016-03-24 23:25 - 2016-03-23 14:49 - 02036736 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2016-03-24 21:58 - 2015-12-11 00:54 - 01583432 _____ () C:\Users\Cliente\AppData\Local\Temp\Rar$EXa0.642\Chrome-bin\47.0.2526.106\libglesv2.dll
2016-03-24 21:58 - 2015-12-11 00:54 - 00081224 _____ () C:\Users\Cliente\AppData\Local\Temp\Rar$EXa0.642\Chrome-bin\47.0.2526.106\libegl.dll
2016-03-24 23:54 - 2016-03-23 15:21 - 04055256 _____ () C:\Program Files\win_en_77\win_en_77.exe
2016-03-25 20:11 - 2016-03-25 20:11 - 00125800 _____ () C:\Users\Cliente\AppData\Roaming\SeexaiAvo\Acewpoen.exe
2016-03-25 20:11 - 2016-03-25 23:11 - 00183656 _____ () C:\Users\Cliente\AppData\Roaming\SeexaiAvo\Bacdagig.din
2016-03-25 20:11 - 2016-03-25 20:11 - 00174440 _____ () C:\Users\Cliente\AppData\Roaming\Pejjatmej\Pejjatmej.exe
2016-03-25 20:11 - 2016-03-25 20:11 - 00115560 _____ () C:\Users\Cliente\AppData\Roaming\Pejjatmej\Utyrkegzau.exe
2016-03-25 20:12 - 2016-03-25 23:11 - 00169832 _____ () C:\Program Files\Dhuavesecoaddi\Nusdoy.exe
2016-03-25 20:12 - 2016-03-25 23:11 - 00235880 _____ () C:\Program Files\Dhuavesecoaddi\Bueyrxud.exe
2016-03-25 20:12 - 2016-03-25 23:11 - 00411648 _____ () C:\Program Files\Dhuavesecoaddi\Iesumbo.exe
2016-03-25 20:12 - 2016-03-25 23:11 - 00428904 _____ () C:\Program Files\Dhuavesecoaddi\KalMatkys.exe
2016-03-01 09:39 - 2016-03-01 09:39 - 00513536 _____ () C:\Program Files\DNS Unlocker\DnsMonitoring.dll
2016-03-25 23:08 - 2016-03-01 09:45 - 00677888 _____ () C:\Program Files\DNS Unlocker\dnswilliston.exe

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2016-01-18 14:09 - 00000967 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2997136290-654796359-1393769141-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 82.163.143.177 - 82.163.142.179
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{91EEE2F8-A491-46C9-8804-65F0999B42F5}] => (Allow) C:\Users\Cliente\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A388962B-D7B5-47CB-8A69-C64C775E7AD2}] => (Allow) C:\Users\Cliente\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BCB72AFC-0CA0-4322-A7BC-5856F3913CBA}] => (Allow) C:\Program Files\Greener Web\bin\GreenerWeb.BRT.Helper.exe
FirewallRules: [{F6F7A6F8-9D4A-4A2E-BA08-7EA7A3DCBFB3}] => (Allow) C:\Program Files\Greener Web\bin\GreenerWeb.BRT.Helper.exe
FirewallRules: [{5AAF39E7-D693-41C0-A92B-E7A0E1F6EFCA}] => (Allow) C:\Program Files\Greener Web\bin\GreenerWeb.BRT.Helper.exe
FirewallRules: [{1A2B98EF-33B7-42EC-B540-4F26C9675A9B}] => (Allow) C:\Program Files\Greener Web\bin\GreenerWeb.BRT.Helper.exe
FirewallRules: [{48C49A57-E8F0-483A-9B30-45FD6BDE1046}] => (Allow) C:\Users\Cliente\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{BE2E4F08-B7FC-4D1E-9508-3BBDFFD117EC}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{8B9ECA7F-1C08-47E5-B286-0FDB9C527F7C}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{C0CD9B9A-A928-483E-9BC3-4443576BB7FF}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{CFF616BA-1648-416E-9789-F3C014A81C6E}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{C0E4C6E4-AE02-4907-96F0-C423D1351422}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{2CE932BA-0103-4AED-8291-35EAB478E02D}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{AB25F87C-70A0-4515-AAAE-053728E6FCDD}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{490302CE-A46F-4AB1-9078-7F07A5EE38ED}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{F71A6513-D87C-4F82-AE64-FAF1C534D694}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{72FCA96E-06F5-43D1-97A8-C53B5A7B64B1}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{881C6B7A-9B82-4AF7-8D90-F997223E2F68}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{936747EB-9F31-4892-8914-B124D6FD9610}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{648A05EB-E8C3-4596-AF70-8256766D8A99}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{58115CA5-3446-4489-84C1-A5A51C26BFEC}] => (Allow) C:\Program Files\NewExt\jsinjector.exe

==================== Pontos de Restauração =========================

10-01-2016 17:29:59 Installed Java 7 Update 79
10-01-2016 18:53:52 Installed Java(TM) 6 Update 20
10-01-2016 18:55:01 Installed Java(TM) SE Development Kit 6 Update 20
10-01-2016 18:58:18 Installed JavaFX(TM) 1.3 SDK
11-01-2016 16:02:14 Backup do Windows
14-01-2016 13:36:52 Operação de restauração
14-01-2016 13:54:52 Instalador de Módulos do Windows
18-01-2016 14:14:37 Backup do Windows
27-01-2016 17:29:59 Backup do Windows
31-01-2016 12:40:51 Backup do Windows
24-03-2016 22:57:41 Removed Skype™ 6.2
25-03-2016 12:13:53 Operação de restauração
25-03-2016 20:50:07 Removido Claro 3G
25-03-2016 20:53:36 Removed Music Chow.
25-03-2016 22:48:43 Instalador de Módulos do Windows
25-03-2016 23:04:56 Removed Music Chow.

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: ppfd_vt_1_10_0_21
Description: ppfd_vt_1_10_0_21
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ppfd_vt_1_10_0_21
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/25/2016 10:58:20 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:20 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:20 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:20 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:20 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:20 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:14 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:14 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:14 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.

Error: (03/25/2016 10:58:14 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.


Erros de Sistema:
=============
Error: (03/25/2016 10:54:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
aswSnx
ppfd_vt_1_10_0_21

Error: (03/25/2016 10:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Reimage Real Time Protector devido ao seguinte erro:
%%2

Error: (03/25/2016 10:54:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Fiswihao devido ao seguinte erro:
%%2

Error: (03/25/2016 10:54:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço avast! Antivirus depende do serviço aswMonFlt, mas não foi possível iniciá-lo devido ao seguinte erro:
%%193

Error: (03/25/2016 10:53:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço aswMonFlt devido ao seguinte erro:
%%193

Error: (03/25/2016 10:53:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 22:51:49 às ‎25/‎03/‎2016 não era esperado.

Error: (03/25/2016 10:52:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Central de Segurança foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 300000 milissegundos: Reiniciar o serviço.

Error: (03/25/2016 10:52:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Auxiliar NetBIOS TCP/IP foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 100 milissegundos: Reiniciar o serviço.

Error: (03/25/2016 10:52:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Log de Eventos do Windows foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (03/25/2016 10:52:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Cliente DHCP foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 300000 milissegundos: Reiniciar o serviço.


CodeIntegrity:
===================================
Date: 2016-03-25 23:19:43.719
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-25 22:53:50.680
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 22:53:50.680
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 22:40:48.006
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 22:40:47.991
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 21:40:12.819
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 21:40:12.819
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 21:30:08.443
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 21:30:08.428
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-25 20:27:47.382
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswsnx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Informações da Memória ===========================

Processador: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentagem de memória em uso: 91%
RAM física total: 2013.18 MB
RAM física disponível: 176.37 MB
Virtual Total: 4026.35 MB
Virtual disponível: 857.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:252.56 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F13842CC)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
