Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Lorena (2016-03-10 11:33:50)
Executando a partir de C:\Users\Lorena\Downloads
Windows 8.1 Single Language (X64) (2015-12-11 15:39:19)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-336744401-1680014940-2877073537-500 - Administrator - Disabled)
Convidado (S-1-5-21-336744401-1680014940-2877073537-501 - Limited - Disabled)
Lorena (S-1-5-21-336744401-1680014940-2877073537-1001 - Administrator - Enabled) => C:\Users\Lorena

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Zip 15.12 (HKLM-x32\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO
Atualizações da NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Portuguese/Português (Brasil) (HKLM\...\Office15.OMUI.pt-br) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pt-BR)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
NVIDIA Áudio Virtual Miracast 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Driver de áudio HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Driver de gráficos 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Painel de controle da NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0416-1000-0000000FF1CE}_Office15.OMUI.pt-br_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.OMUI.pt-br_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.OMUI.pt-br_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {014F01A4-CAD2-4A50-AB78-720C6BCB9514} - \AutoKMS -> Nenhum Arquivo <==== ATENÇÃO
Task: {02A9499E-B4F9-4C9D-8552-7D6D2CD18116} - System32\Tasks\AdobeAAMUpdater-1.0-SUPRED_009-Lorena => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {0A01B89C-A1A9-473F-AACE-9DD022DC0962} - System32\Tasks\{38069D6D-A7C2-4869-A110-264151926A64} => pcalua.exe -a C:\Users\Lorena\AppData\Local\8F221260-1457602989-11D5-8A59-1C872CC4924F\Uninstall.exe
Task: {0AD27229-0CDC-49CE-9216-5F6A0455DEF2} - System32\Tasks\LorenaTwineMisconductV2 => Rundll32.exe QuarrierTackiness.dll,main 7 1 <==== ATENÇÃO
Task: {3BF70D48-ADD5-4CED-BEEE-2C59A0F24CBC} - System32\Tasks\PriceFountainUpdateVer => C:\Users\Lorena\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {4702B83E-0BAB-4D8E-A203-B58D06A54CE6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5004D6EF-1673-45CC-A4C3-B8BBA4CDC5B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {5F69F794-776F-41E9-A21F-D28D114D3F1B} - System32\Tasks\Sagrot => C:\PROGRA~1\SHOPPE~1\Cuikgi.bat
Task: {6AF2503F-430C-449F-B506-27823077A530} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-17] (Adobe Systems Incorporated)
Task: {9D5BA6EC-3CA4-4109-8BF3-22AABBED4C21} - System32\Tasks\Aloetlebsix => C:\ProgramData\Aloetlebsix\1.0.7.1\adriwlex.exe [2016-03-10] ()
Task: {A64B573D-1CED-4859-A594-660F328A125F} - System32\Tasks\gameo_update => C:\Users\Lorena\AppData\Roaming\Gameo\gameo.exe [2015-07-04] () <==== ATENÇÃO
Task: {A955EBE4-EE9E-4659-ADAA-9ABFB7033680} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {B082E6F7-531B-4721-A820-D335EE5B975F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BC282D48-800E-4F2A-BA2D-E3D7A4754C77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {C477B05F-DB7F-4D4D-9529-75F73C63FBDA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D04D1C1B-37E0-4DBC-A152-6577BDEB5AE6} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe
Task: {D39A56D3-7356-4F28-9468-955CBB47F51F} - System32\Tasks\{1FDCF91D-50F2-4099-BCE8-020C86AC7131} => pcalua.exe -a "C:\Program Files (x86)\CleanBrowser\uninstall.exe" -c /uninstall
Task: {FF60A1F0-1375-49B2-A01D-21FBD8168864} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PriceFountainUpdateVer.job => C:\Users\Lorena\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Lorena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Lorena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/

==================== Módulos Carregados (Whitelisted) ==============

2016-03-10 09:41 - 2016-03-10 09:42 - 00284160 _____ () C:\Program Files (x86)\8F221260-1457613682-11D5-8A59-1C872CC4924F\jnssE9AC.tmp
2016-03-10 10:15 - 2016-03-10 10:15 - 00263360 _____ () C:\Program Files (x86)\SFK\SSFK.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
2016-03-10 09:42 - 2016-03-10 09:42 - 00416256 _____ () C:\Program Files (x86)\8F221260-1457613682-11D5-8A59-1C872CC4924F\hnsn77A5.tmp
2016-03-10 09:41 - 2016-03-10 09:41 - 00156160 _____ () C:\ProgramData\Aloetlebsix\1.0.7.1\adriwlex.exe
2015-12-11 14:04 - 2015-03-13 13:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll
2016-02-29 15:17 - 2016-02-29 15:17 - 01402880 _____ () C:\Users\Lorena\AppData\Roaming\cpuminer\cpm.exe
2016-03-10 09:34 - 2016-02-09 12:30 - 02036224 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2016-03-10 10:13 - 2016-03-02 13:36 - 01888256 _____ () C:\ProgramData\mspop.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll
2015-12-25 05:41 - 2015-12-25 05:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll
2016-01-11 09:36 - 2016-01-11 09:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2012-09-23 19:44 - 2012-09-23 19:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pt_br\acrotray.ptb
2016-02-20 09:01 - 2016-02-18 01:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-20 09:01 - 2016-02-18 01:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-03-10 09:40 - 00000997 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-336744401-1680014940-2877073537-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.13 - 10.0.0.16
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\Run: => "NvBackend"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1E7D79F7-EFDA-4B29-A0D0-AB398694B6C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58BCC51F-5C2A-4573-9F5E-29F1FB2BDB7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9109A96C-DD11-4866-9B3F-892BDE12D77C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{118AE730-DE09-48F4-BD1E-71F882143BF0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{278233AC-5C4D-4200-B91A-F430D6ECE159}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BD974381-1606-4891-953A-55CDF4D02C6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{38DF73B1-C72A-438B-80F5-9B94148FFE6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5877B74D-9684-471F-80D1-D4BD10BC05E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{42849B8C-FCFC-4AFA-885E-DE591778E66D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CFBD3278-F702-4A4B-A4DD-DAB61190E2FB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{BF5B9DF1-DEBA-4A32-A099-7E6E6F8A4310}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{27F3BC86-1C97-4845-A68C-E630EB2CCD59}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CAFABC4E-E54C-460D-91FA-2D43080C9BBA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B9AF5D80-9943-4EFA-BB1D-E7811912939E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5F8805DC-4CE1-420F-A423-62182BBAFCB2}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{75F159B0-9DE9-4A4D-A9BC-140E583B4831}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [TCP Query User{E6F3C27F-4B27-4138-ABFA-A5784AAE7753}C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe
FirewallRules: [UDP Query User{0E8C8443-A8B4-476E-8414-3244DFE78691}C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe
FirewallRules: [{9EFC1BDD-9494-49F4-8B7C-56F3A7A37FCC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

19-02-2016 08:55:26 Ponto de Verificação Agendado
26-02-2016 09:19:50 Windows Update
05-03-2016 08:43:03 Ponto de Verificação Agendado
09-03-2016 09:19:53 Windows Update
10-03-2016 09:37:30 Uniblue DriverScanner installation

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/10/2016 10:41:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.Exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: combase.dll, versão: 6.3.9600.18202, carimbo de data/hora: 0x569e6ee3
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000062a9f
ID do processo com falha: 0x10f4
Hora de início do aplicativo com falha: 0xExplorer.Exe0
Caminho do aplicativo com falha: Explorer.Exe1
Caminho do módulo com falha: Explorer.Exe2
ID do Relatório: Explorer.Exe3
Nome completo do pacote com falha: Explorer.Exe4
ID do aplicativo relativo ao pacote com falha: Explorer.Exe5

Error: (03/10/2016 10:36:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x17d4
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x169c
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x1554
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x1540
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x148c
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x13a4
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x1404
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x17dc
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5

Error: (03/10/2016 10:36:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 6.3.9600.17667, carimbo de data/hora: 0x54c6f7c2
Nome do módulo com falha: twinui.appcore.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503801
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000cc650
ID do processo com falha: 0x1760
Hora de início do aplicativo com falha: 0xexplorer.exe0
Caminho do aplicativo com falha: explorer.exe1
Caminho do módulo com falha: explorer.exe2
ID do Relatório: explorer.exe3
Nome completo do pacote com falha: explorer.exe4
ID do aplicativo relativo ao pacote com falha: explorer.exe5


Erros de Sistema:
=============
Error: (03/10/2016 10:48:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MPC Core Protect Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (03/10/2016 10:46:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço RTYYUgUkDs foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (03/10/2016 10:44:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Winsere devido ao seguinte erro:
%%2

Error: (03/10/2016 10:44:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ggbugreport devido ao seguinte erro:
%%2

Error: (03/10/2016 10:39:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Winsere devido ao seguinte erro:
%%2

Error: (03/10/2016 10:39:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ggbugreport devido ao seguinte erro:
%%2

Error: (03/10/2016 10:37:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 10:32:25 do dia ‎10/‎03/‎2016 não era esperado.

Error: (03/10/2016 10:34:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Winsere devido ao seguinte erro:
%%2

Error: (03/10/2016 10:34:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ggbugreport devido ao seguinte erro:
%%2

Error: (03/10/2016 10:32:32 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007a (0xfffff6fc00b4f600, 0xffffffffc000003f, 0x000000006f912860, 0xfffff80169ec09c8)C:\Windows\MEMORY.DMP031016-21187-01


CodeIntegrity:
===================================
Date: 2016-03-08 08:47:30.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-07 08:28:49.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-05 08:31:15.544
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-04 08:46:36.611
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-03 09:12:19.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-02 08:42:04.179
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-01 08:42:07.545
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-29 08:58:00.419
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-27 09:43:59.827
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-26 08:58:45.889
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória ===========================

Processador: AMD FX(tm)-4300 Quad-Core Processor
Percentagem de memória em uso: 21%
RAM física total: 8174.11 MB
RAM física disponível: 6390.41 MB
Virtual Total: 16366.11 MB
Virtual disponível: 14399.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:859.67 GB) NTFS
Drive j: () (Removable) (Total:3.73 GB) (Free:2.55 GB) FAT32

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A67BA0AE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fim de Addition.txt ============================
