Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016
Executado por NEWUSU (2016-03-05 10:49:34)
Executando a partir de C:\Users\NEWUSU\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-08-16 18:56:06)
Modo da Inicialização: Safe Mode (with Networking)
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-4220064015-3225715080-1381729876-500 - Administrator - Disabled)
Convidado (S-1-5-21-4220064015-3225715080-1381729876-501 - Limited - Enabled) => C:\Users\Convidado.SERVIDOR
NEWUSU (S-1-5-21-4220064015-3225715080-1381729876-1001 - Administrator - Enabled) => C:\Users\NEWUSU
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
µTorrent (HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
BB Token Admin Tool (HKLM-x32\...\{95A34656-CD4A-45A0-BAB8-AB950EFCBEBF}) (Version: 1.1.1 - Watchdata Technologies Pte., Ltd.)
CALL - Vs5 (HKLM-x32\...\CALL_VS5) (Version: 5 - CCAA)
CALL Vs.5 (x32 Version: 5 - CCAA) Hidden
Camtasia Studio 8 (HKLM-x32\...\{904AC0F0-F69E-467E-A719-B083940F608A}) (Version: 8.5.2.1999 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Firebird 2.5.1.26351 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.1.26351 - Firebird Project)
FormatFactory 3.7.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.5.0 - Free Time)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
LiveUpdate 3.2 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 34.0.2036.36 (HKLM-x32\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)
PostgreSQL 9.4 (HKLM\...\PostgreSQL 9.4) (Version: 9.4 - PostgreSQL Global Development Group)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{6BF729A5-756B-4AA5-8721-E3B3972FEB96}) (Version: 1.00.0198 - REALTEK Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Warsaw 1.11.0.42826 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {15E150B3-C332-4243-B762-BAB14D26BFB5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {3A2ABBE0-DFA1-43C7-BE46-A6B808A15090} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-28] (Google Inc.)
Task: {4AEF115C-F925-45B3-9AF5-A7070B0669A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-08] (AVAST Software)
Task: {4E99460F-4068-434B-8441-77CE3A843D9A} - System32\Tasks\{D177F85E-92BF-4032-9D06-25950E7DBECA} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E13AD42C-9660-4975-982B-F573DF9BE9FB}\setup.exe" -c -runfromtemp -l0x0416 -removeonly
Task: {61207551-F8D7-44B0-B69B-4AEC3CDAECBA} - System32\Tasks\Opera scheduled Autoupdate 1452009237 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-14] (Opera Software)
Task: {8076EAD0-621C-41AF-940A-B838D96DE3D5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {83C6205E-ECA8-4E86-93E9-EF19E0C30AC6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {8E16FF4D-7F30-422E-9745-8DCFD674396A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {92D54C99-1872-46BD-8785-4073F446044A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {9666D65E-98A6-4BDE-8180-F69856E00CF8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {A038321A-F518-493A-ABE1-1CDBEF99B7BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C4B3538C-A1D1-4CA9-BA7B-031BD572705B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-28] (Google Inc.)
Task: {C9F1F270-1A4E-4B2A-8720-1192A6B3DFDE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Existem ainda 7871 sites a mais.
IE trusted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123simsen.com -> www.123simsen.com
Existem ainda 7871 sites a mais.
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-02-04 08:53 - 2016-02-18 16:33 - 00450165 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Existem ainda 15470 mais linhas.
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\startupfolder: C:^Users^servidor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamViewer 9.lnk => C:\Windows\pss\TeamViewer 9.lnk.Startup
MSCONFIG\startupreg: Cobian Backup 10 => "C:\Arquivos de programas\Cobian Backup 10\Cobian.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{8828089B-CD53-457E-AA89-BA9EEF8495B8}C:\logtec\ltagentserver\ltagentserver.exe] => (Allow) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [UDP Query User{EDC1FFAE-B14A-4368-961D-002701F2C002}C:\logtec\ltagentserver\ltagentserver.exe] => (Allow) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [TCP Query User{8EE80626-85F6-4980-87E2-23F9C9CE2534}C:\logtec\ltconcserver\ltconcserver.exe] => (Allow) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [UDP Query User{FA55BC9C-E1E1-4367-831B-7A26216B4716}C:\logtec\ltconcserver\ltconcserver.exe] => (Allow) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [{95E846EB-BE2D-4DEB-81EC-2EE45DD24FB1}] => (Allow) C:\Users\servidor\Desktop\FormatFactory\FFModules\Package\PFInstOnline.exe
FirewallRules: [{00699359-C049-4BF5-A0DE-3E1CCDE6A9B6}] => (Allow) C:\Users\servidor\Desktop\FormatFactory\FormatFactory.exe
FirewallRules: [TCP Query User{E21A230C-BA17-4500-93A3-1581327DDCE1}C:\users\newusu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\newusu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B64C7551-7D25-4C7D-AFC3-4AA367F93D91}C:\users\newusu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\newusu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E936BFCB-7844-4DA2-8FA1-705D447044EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Pontos de Restauração =========================
01-03-2016 12:41:12 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/05/2016 09:02:38 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: Tempo de espera esgotado para início do servidor
Error: (03/05/2016 09:00:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1572) WebCacheLocal: Erro -1811 ao abrir o arquivo de log C:\Users\NEWUSU\AppData\Local\Microsoft\Windows\WebCache\V010062E.log.
Erros de Sistema:
=============
Error: (03/05/2016 10:42:58 AM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
Error: (03/05/2016 10:37:43 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}
Error: (03/05/2016 10:36:02 AM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1.
Error: (03/05/2016 10:24:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Provedor do Grupo Doméstico depende do serviço Host de Provedor da Descoberta de Função, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (03/05/2016 10:24:26 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/05/2016 10:24:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
CodeIntegrity:
===================================
Date: 2015-08-26 09:58:52.315
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:52.268
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:52.222
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:52.175
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.849
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.802
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.755
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.708
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:49.258
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:49.211
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Percentagem de memória em uso: 26%
RAM física total: 3989.46 MB
RAM física disponível: 2948.95 MB
Virtual Total: 7977.13 MB
Virtual disponível: 6976.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:412.9 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F0146396)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por NEWUSU (2016-03-05 10:49:34)
Executando a partir de C:\Users\NEWUSU\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-08-16 18:56:06)
Modo da Inicialização: Safe Mode (with Networking)
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-4220064015-3225715080-1381729876-500 - Administrator - Disabled)
Convidado (S-1-5-21-4220064015-3225715080-1381729876-501 - Limited - Enabled) => C:\Users\Convidado.SERVIDOR
NEWUSU (S-1-5-21-4220064015-3225715080-1381729876-1001 - Administrator - Enabled) => C:\Users\NEWUSU
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
µTorrent (HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
BB Token Admin Tool (HKLM-x32\...\{95A34656-CD4A-45A0-BAB8-AB950EFCBEBF}) (Version: 1.1.1 - Watchdata Technologies Pte., Ltd.)
CALL - Vs5 (HKLM-x32\...\CALL_VS5) (Version: 5 - CCAA)
CALL Vs.5 (x32 Version: 5 - CCAA) Hidden
Camtasia Studio 8 (HKLM-x32\...\{904AC0F0-F69E-467E-A719-B083940F608A}) (Version: 8.5.2.1999 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Firebird 2.5.1.26351 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.1.26351 - Firebird Project)
FormatFactory 3.7.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.5.0 - Free Time)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
LiveUpdate 3.2 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 34.0.2036.36 (HKLM-x32\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)
PostgreSQL 9.4 (HKLM\...\PostgreSQL 9.4) (Version: 9.4 - PostgreSQL Global Development Group)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{6BF729A5-756B-4AA5-8721-E3B3972FEB96}) (Version: 1.00.0198 - REALTEK Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Warsaw 1.11.0.42826 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {15E150B3-C332-4243-B762-BAB14D26BFB5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {3A2ABBE0-DFA1-43C7-BE46-A6B808A15090} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-28] (Google Inc.)
Task: {4AEF115C-F925-45B3-9AF5-A7070B0669A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-08] (AVAST Software)
Task: {4E99460F-4068-434B-8441-77CE3A843D9A} - System32\Tasks\{D177F85E-92BF-4032-9D06-25950E7DBECA} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E13AD42C-9660-4975-982B-F573DF9BE9FB}\setup.exe" -c -runfromtemp -l0x0416 -removeonly
Task: {61207551-F8D7-44B0-B69B-4AEC3CDAECBA} - System32\Tasks\Opera scheduled Autoupdate 1452009237 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-14] (Opera Software)
Task: {8076EAD0-621C-41AF-940A-B838D96DE3D5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {83C6205E-ECA8-4E86-93E9-EF19E0C30AC6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {8E16FF4D-7F30-422E-9745-8DCFD674396A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {92D54C99-1872-46BD-8785-4073F446044A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {9666D65E-98A6-4BDE-8180-F69856E00CF8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {A038321A-F518-493A-ABE1-1CDBEF99B7BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C4B3538C-A1D1-4CA9-BA7B-031BD572705B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-28] (Google Inc.)
Task: {C9F1F270-1A4E-4B2A-8720-1192A6B3DFDE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\.DEFAULT\...\bb.com.br -> hxxps://seg.bb.com.br
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Existem ainda 7871 sites a mais.
IE trusted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\...\123simsen.com -> www.123simsen.com
Existem ainda 7871 sites a mais.
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-02-04 08:53 - 2016-02-18 16:33 - 00450165 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Existem ainda 15470 mais linhas.
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\startupfolder: C:^Users^servidor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamViewer 9.lnk => C:\Windows\pss\TeamViewer 9.lnk.Startup
MSCONFIG\startupreg: Cobian Backup 10 => "C:\Arquivos de programas\Cobian Backup 10\Cobian.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\NEWUSU\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{8828089B-CD53-457E-AA89-BA9EEF8495B8}C:\logtec\ltagentserver\ltagentserver.exe] => (Allow) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [UDP Query User{EDC1FFAE-B14A-4368-961D-002701F2C002}C:\logtec\ltagentserver\ltagentserver.exe] => (Allow) C:\logtec\ltagentserver\ltagentserver.exe
FirewallRules: [TCP Query User{8EE80626-85F6-4980-87E2-23F9C9CE2534}C:\logtec\ltconcserver\ltconcserver.exe] => (Allow) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [UDP Query User{FA55BC9C-E1E1-4367-831B-7A26216B4716}C:\logtec\ltconcserver\ltconcserver.exe] => (Allow) C:\logtec\ltconcserver\ltconcserver.exe
FirewallRules: [{95E846EB-BE2D-4DEB-81EC-2EE45DD24FB1}] => (Allow) C:\Users\servidor\Desktop\FormatFactory\FFModules\Package\PFInstOnline.exe
FirewallRules: [{00699359-C049-4BF5-A0DE-3E1CCDE6A9B6}] => (Allow) C:\Users\servidor\Desktop\FormatFactory\FormatFactory.exe
FirewallRules: [TCP Query User{E21A230C-BA17-4500-93A3-1581327DDCE1}C:\users\newusu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\newusu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B64C7551-7D25-4C7D-AFC3-4AA367F93D91}C:\users\newusu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\newusu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E936BFCB-7844-4DA2-8FA1-705D447044EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Pontos de Restauração =========================
01-03-2016 12:41:12 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/05/2016 09:02:38 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: Tempo de espera esgotado para início do servidor
Error: (03/05/2016 09:00:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1572) WebCacheLocal: Erro -1811 ao abrir o arquivo de log C:\Users\NEWUSU\AppData\Local\Microsoft\Windows\WebCache\V010062E.log.
Erros de Sistema:
=============
Error: (03/05/2016 10:42:58 AM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
Error: (03/05/2016 10:37:43 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}
Error: (03/05/2016 10:36:02 AM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1.
Error: (03/05/2016 10:24:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Provedor do Grupo Doméstico depende do serviço Host de Provedor da Descoberta de Função, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
Error: (03/05/2016 10:24:26 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (03/05/2016 10:24:26 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/05/2016 10:24:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1068
CodeIntegrity:
===================================
Date: 2015-08-26 09:58:52.315
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:52.268
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:52.222
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:52.175
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.849
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.802
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.755
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:50.708
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:49.258
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-26 09:58:49.211
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\NEWUSU\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Percentagem de memória em uso: 26%
RAM física total: 3989.46 MB
RAM física disponível: 2948.95 MB
Virtual Total: 7977.13 MB
Virtual disponível: 6976.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:412.9 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F0146396)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================