cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Intel (2016-03-27 12:16:03)
Executando a partir de C:\Users\Intel\Desktop
Windows 7 Home Premium (X64) (2016-02-12 12:10:35)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-455878060-1618394087-3157549068-500 - Administrator - Disabled)
Convidado (S-1-5-21-455878060-1618394087-3157549068-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-455878060-1618394087-3157549068-1003 - Limited - Enabled)
Intel (S-1-5-21-455878060-1618394087-3157549068-1000 - Administrator - Enabled) => C:\Users\Intel

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.37 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Harry Potter(TM) e o Prisioneiro de Azkaban (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version: - )
HP Deskjet 1510 series Software básico do dispositivo (HKLM\...\{06FD25AF-70F0-4CA9-88EA-490799567F11}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{57A79409-9C79-4080-9FFA-09D4DAECC26B}) (Version: 12.2.8.17 - HP)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.6.101 - IObit)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
MiPony 2.3.3 (HKLM-x32\...\MiPony) (Version: 2.3.3 - )
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 45.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 pt-BR)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.47.0.0 - Goversoft LLC)
qBittorrent 3.3.3 (HKLM-x32\...\qBittorrent) (Version: 3.3.3 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6299 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Warsaw 1.11.1.24 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {00729D3C-65F3-4C98-944C-3CE04D0E88CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {1144AD0E-7659-47DA-B5D4-C5D08EBE3ED2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {1515D38A-DE70-4AC1-B001-820915BC5760} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {193BD3CF-21A1-478C-871B-3AB507B67299} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {3F0B6791-5A8D-4BA0-AA8C-1EC8C9965E23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {75114E57-E61E-4922-B5E5-B6DFF4519445} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2016-03-02] (Goversoft LLC)
Task: {7F9BC677-BB55-40BB-914B-B2F8D3AFC0C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {8E23CA10-2BE4-45BD-A176-E582D3C9EC0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {92EDAC9D-CFD2-40D1-B37F-0111A51C0790} - System32\Tasks\Uninstaller_SkipUac_Intel => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-03-04] (IObit)
Task: {9AE5FB80-CC82-4254-AB25-D02D15FC6D80} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {9C2094F3-9C0E-4BE4-8C36-008E96CF2273} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {A53FEFB8-6522-4156-B539-EE4EE21C0803} - System32\Tasks\HPCeeScheduleForIntel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {AD1BEB4B-7FD5-4C11-A5CA-593BB37B3ADC} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {DB6803E6-9E4F-4CA8-957A-C91FBEC49583} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {F779A390-D915-48AD-AC08-5903729D6B54} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIntel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Intel\Desktop\firefox.exe.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://hao.169x.cn/?v=108
ShortcutWithArgument: C:\Users\Intel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://hao.169x.cn/?v=108
ShortcutWithArgument: C:\Users\Intel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://hao.169x.cn/?v=108
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://hao.169x.cn/?v=108
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://hao.169x.cn/?v=108

==================== Módulos Carregados (Whitelisted) ==============

2016-03-12 23:59 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-03-12 23:59 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
AlternateDataStreams: C:\Users\Intel\Desktop\aswMBR.exe:BDU [0]
AlternateDataStreams: C:\Users\Intel\Desktop\ComboFix.exe:BDU [0]
AlternateDataStreams: C:\Users\Intel\Desktop\MbrScan.exe:BDU [0]
AlternateDataStreams: C:\Users\Intel\Downloads\aswMBR (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Intel\Downloads\BootkitRemoval_x86.exe:BDU [0]
AlternateDataStreams: C:\Users\Intel\Downloads\herdProtectScan_Portable.exe:BDU [0]
AlternateDataStreams: C:\Users\Intel\Downloads\MPC-HC.1.7.10.x64 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Intel\Downloads\MPC-HC.1.7.10.x64.exe:BDU [0]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-455878060-1618394087-3157549068-1000\...\100sexlinks.com -> 100sexlinks.com

Existem ainda 4788 sites a mais.


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-03-24 19:44 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-455878060-1618394087-3157549068-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 201.46.240.49 - 201.46.240.41
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{B0FFED88-1C4D-4CA2-9BB6-7AC75E6625C3}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{32998549-761B-417D-A35B-E5BABE5E45CA}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{BAEBA468-2AC3-4CBE-A0A8-8DA221D173F5}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{3762563F-5A57-4D85-8C62-9F7521D6A9F9}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{1B153D4D-F9D4-4416-917E-24010BE91C5C}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{939E5D18-9171-411D-A687-F663D10940FD}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{496FE6E0-39F4-4359-AD2B-085A275D0AC7}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{94D830CE-9E82-4345-BFE3-692597AD77A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{32DF7FB4-6F62-438A-BACC-765235573D47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5D1C8B9B-E493-4D51-A14D-4B04E8E0B976}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

14-03-2016 08:51:58 Restore Point Created by FRST
18-03-2016 21:02:44 Restore Point Created by FRST
22-03-2016 18:23:56 ComboFix created restore point
24-03-2016 18:46:08 ComboFix created restore point

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/27/2016 12:07:29 PM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
at System.Diagnostics.PerformanceCounterLib.get_NameTable()
at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
at System.Diagnostics.PerformanceCounter.InitializeImpl()
at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (03/27/2016 11:24:53 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
at System.Diagnostics.PerformanceCounterLib.get_NameTable()
at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
at System.Diagnostics.PerformanceCounter.InitializeImpl()
at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (03/26/2016 12:03:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Explorer.EXE, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc9bb
Nome do módulo de falhas: mswsock.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdfc4
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000001235
Identificação do processo com falha: 0xb64
Hora de início do aplicativo com falha: 0xExplorer.EXE0
Caminho do aplicativo com falha: Explorer.EXE1
FCaminho do módulo de falhas: Explorer.EXE2
Identificação do Relatório: Explorer.EXE3

Error: (03/26/2016 09:25:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: mbam.exe, versão: 1.0.1.922, carimbo de hora: 0x55010546
Nome do módulo de falhas: QtCore4.dll, versão: 4.8.5.0, carimbo de hora: 0x53f601c7
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000f4c6
Identificação do processo com falha: 0x794
Hora de início do aplicativo com falha: 0xmbam.exe0
Caminho do aplicativo com falha: mbam.exe1
FCaminho do módulo de falhas: mbam.exe2
Identificação do Relatório: mbam.exe3

Error: (03/26/2016 09:07:53 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
at System.Diagnostics.PerformanceCounterLib.get_NameTable()
at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
at System.Diagnostics.PerformanceCounter.InitializeImpl()
at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (03/26/2016 12:41:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (03/26/2016 12:41:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (03/26/2016 12:41:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (03/25/2016 10:47:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (03/25/2016 10:47:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.


Erros de Sistema:
=============
Error: (03/27/2016 12:02:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (03/27/2016 12:02:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (03/27/2016 12:02:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (03/27/2016 12:01:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (03/27/2016 12:01:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (03/27/2016 12:01:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddfac
gbpddreg

Error: (03/27/2016 11:59:18 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para DeleteFlag com o seguinte erro:
%%5

Error: (03/27/2016 11:59:10 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:
%%5

Error: (03/27/2016 11:15:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (03/27/2016 11:15:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2


CodeIntegrity:
===================================
Date: 2016-03-24 19:30:11.971
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-24 19:30:11.955
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-24 19:30:11.924
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-24 19:30:11.908
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-22 19:06:25.540
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-22 19:06:25.525
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-22 19:06:25.494
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-22 19:06:25.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-20 20:39:53.032
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-03-20 20:39:53.017
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Informações da Memória ===========================

Processador: Intel(R) Atom(TM) CPU D425 @ 1.80GHz
Percentagem de memória em uso: 37%
RAM física total: 2038.3 MB
RAM física disponível: 1271.63 MB
Virtual Total: 4076.61 MB
Virtual disponível: 2939.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:78.79 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 64F4FE95)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité