cjoint

Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:17-04-2016
Executado por Jordan (2016-04-17 09:24:15)
Executando a partir de C:\Users\Jordan\Downloads
Windows 10 Home Single Language Versão 1511 (X64) (2016-01-17 07:43:21)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2870796944-1756498243-3620526939-500 - Administrator - Disabled)
Convidado (S-1-5-21-2870796944-1756498243-3620526939-501 - Limited - Disabled) => C:\Users\Convidado
DefaultAccount (S-1-5-21-2870796944-1756498243-3620526939-503 - Limited - Disabled)
Jordan (S-1-5-21-2870796944-1756498243-3620526939-1001 - Administrator - Enabled) => C:\Users\Jordan
Luiz capoeira (S-1-5-21-2870796944-1756498243-3620526939-1008 - Limited - Enabled) => C:\Users\Luiz capoeira
pedro (S-1-5-21-2870796944-1756498243-3620526939-1006 - Limited - Enabled) => C:\Users\pedro
Valmir (S-1-5-21-2870796944-1756498243-3620526939-1005 - Limited - Enabled) => C:\Users\Valmir

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\uTorrent) (Version: 3.4.2.37951 - BitTorrent Inc.)
18 Wheels of Steel: American Long Haul (HKLM-x32\...\18 Wheels of Steel: American Long Haul) (Version: - ValuSoft)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
AnyFlix (HKLM-x32\...\AnyFlix.ns) (Version: - )
Aplicativo Itaú (HKLM-x32\...\{DB13E590-A006-4556-8DF4-67EB5F1B2EB5}) (Version: 1.0.57 - Banco Itaú)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS S200 Product Demo (HKLM-x32\...\{5E396FE4-6110-41C9-9B1F-2F30A4A13715}) (Version: 1.0.0 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.12.7303 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7303 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Baidu Browser (HKLM-x32\...\Spark) (Version: 43.22 Preview - Baidu Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Connectify 2015 (HKLM\...\Connectify) (Version: 2015.1.0.35473 - Connectify)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Despertador (HKLM-x32\...\ST6UNST #1) (Version: - )
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
FoneLab 8.0.70 (HKLM-x32\...\{CA7ED0B0-3CD4-4254-A9D2-2D7F78C5E3C5}_is1) (Version: 8.0.70 - Aiseesoft Studio)
Free WiFi Hotspot 3.6.1 (HKLM-x32\...\Free WiFi Hotspot_is1) (Version: - FreeWiFiHotspot Co., Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - )
Hard Truck 18 Wheels of Steel (HKLM-x32\...\InstallShield_{1096C4FA-CC07-4BE1-B73F-77BDFF4916B8}) (Version: 1.00.0000 - ValueSoft)
Hard Truck 18 Wheels of Steel (x32 Version: 1.00.0000 - ValueSoft) Hidden
iExplorer 3.6.9.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iSkysoft iPhone Data Recovery(Build 2.6.0.6) (HKLM-x32\...\{10B4DAB2-9F85-483e-BF03-31771821E060}_is1) (Version: 2.6.0.6 - iSkysoft Software Co.,Ltd.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Flight Simulator 2004 A Century of Flight (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1041 - Microsoft Corporation) Hidden
PhoneBrowse 3.2.0 (HKLM-x32\...\{6A4F3A46-FC4A-4B5C-917C-B9BAAB99FE01}}_is1) (Version: 3.2.0 - iMobie Inc.)
PhoneRescue 1.8.1 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 1.8.1 - iMobie Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapport (x32 Version: 3.5.1507.113 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6798 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Syncios versão 4.2.3 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.2.3 - Anvsoft, Inc.)
Tenorshare ReiBoot (HKLM-x32\...\Tenorshare ReiBoot) (Version: - Tenorshare, Inc.)
TinyUmbrella 8.2.0.60 (HKLM-x32\...\4851-8548-9863-1993) (Version: 8.2.0.60 - )
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Unity Web Player (HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIVO INTERNET (HKLM-x32\...\VIVO INTERNET) (Version: 11.302.06.05.149 - Huawei Technologies Co.,Ltd)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WinAVI iPhone Data Recovery (HKLM-x32\...\WinAVI iPhone Data Recovery) (Version: 1.2.0.1085 - WinAVI Software Ltd.)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Jordan\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Jordan\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Jordan\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Jordan\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1005_classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Valmir\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1006_classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\pedro\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2870796944-1756498243-3620526939-1008_classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Luiz capoeira\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {06F8D366-C44A-4AF6-8DEA-A1E347375BDC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {102B65A1-25F6-4516-A945-7DAB74012F7C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {13927F5D-D29F-4A2F-B890-EE90CF8B7F52} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {19D17436-B4E8-4CEA-B361-BE1658D2F0F7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {1AE20B4B-6A57-45B9-A373-02C67E53BD3F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {1C893008-5831-40E3-8152-509FD18027EB} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {1FB88F2C-201C-4CDE-A1E0-9E180B161ACA} - System32\Tasks\{5B2F3DAC-34C5-4211-94DB-6826CB12D7C3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.16.0.105&LastError=2
Task: {3AEECAA9-4473-47CE-A563-414FECB52F71} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {42F640FF-4268-4693-BA45-6C193690149C} - System32\Tasks\DNSLOMETA => dnslometa.exe <==== ATENÇÃO
Task: {4FD83D28-BC78-4D01-AB6F-637005D59BC3} - \Advanced-System Protector_startup -> Nenhum Arquivo <==== ATENÇÃO
Task: {5435402B-D461-4AB6-840A-8C937D2E6011} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {5C3EDE2A-158A-43AF-93F5-CE81343B520B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {610646A4-2BE6-4C9C-9BC6-3F2D6FA77725} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-16] (Microsoft Corporation)
Task: {6B8BD67B-AD73-4BA8-8584-F1102B63573C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {769C7768-F683-439A-8A33-8FEE59F11DE5} - System32\Tasks\{8F015E0F-0EB7-4061-A136-BF75CAF1A693} => pcalua.exe -a "C:\Program Files (x86)\iTunes\iTunes.exe" -d C:\Users\Jordan\Desktop
Task: {825F08E4-4EBB-46AE-A741-1C5949C9D545} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {84B184DD-1582-430C-862A-6DF7E9BC5EF8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {8664D858-D5E4-4402-AE82-0CEB30B83FFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {88DC42B2-33D6-4FE6-936D-89EB25A27DE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {89D053EE-4D25-4E25-8C44-49DCBB3DB3D8} - System32\Tasks\0715avUpdateInfo => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
Task: {89FBDFA4-75AA-4222-9B13-D9C6428929FE} - System32\Tasks\Pritc => C:\Users\Jordan\AppData\Local\Temp\00011350\casrss.exe [2016-02-20] (VLOME) <==== ATENÇÃO
Task: {8FC2406F-CB39-40CE-899E-B3F9B2AC1D1A} - System32\Tasks\{F5057EF1-234E-494C-AC6F-492923F59E60} => pcalua.exe -a "F:\Jogos\Hard Truck 18 Wheels Of Steel (ISO) ~~~~{A{M{I}}T}1248\hard.truck.18.wheels.of.steel\DirectX81\dxsetup.exe" -d "F:\Jogos\Hard Truck 18 Wheels Of Steel (ISO) ~~~~{A{M{I}}T}1248\hard.truck.18.wheels.of.steel\DirectX81"
Task: {962E9C93-75F1-415A-8866-1BD371C81C4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A788B762-64CC-4733-922F-0B49E25249F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B3D5A19B-84C2-4290-8B3D-D8B729B5E45F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C165AD3B-6857-4160-8175-3665FD6A1421} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {C609D32C-3EA6-46EC-89C0-FA1968E7378B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {E41BC771-554D-4E43-9211-E164C206A0A6} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2012-12-25] (ASUSTeK Computer Inc.)
Task: {E6B55897-75E3-481F-B77F-73FCE47CC5D0} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {E9DB67F6-1005-4568-9D2A-1702CE0BD852} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {E9F8EC1A-F0FD-4230-BB75-6F5DEA5D6AB9} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {EA0807EE-E65A-4F70-B209-6206DF82CCF7} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [2016-03-04] (Baidu.com, Inc.)
Task: {EBE081FE-B7ED-437A-931E-4F7B0768002D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {F69C1654-248E-4A8C-9563-3F60CAF66C67} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-15] (Microsoft Corporation)
Task: {FCC609DC-88BC-4425-9E6A-DB7F5A2B9002} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\0215avUpdateInfo.job => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\1214avUpdateInfo.job => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Public\Desktop\Google.lnk -> C:\Program Files (x86)\baidu\Baidu Browser\spark.exe () -> --useraction=google hxxp://www.google.com

==================== Módulos Carregados (Whitelisted) ==============

2015-01-23 03:59 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-19 12:14 - 2012-05-02 16:24 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
2012-12-19 12:14 - 2012-05-02 16:27 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-02 02:06 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 02:06 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-18 23:18 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 02:05 - 2016-02-23 05:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-18 23:21 - 2016-01-04 22:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-18 23:19 - 2016-01-04 22:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 10:22 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 10:23 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-04-07 17:43 - 2015-02-13 09:31 - 00079624 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll
2015-04-06 19:24 - 2015-03-06 14:39 - 00778752 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2012-08-24 21:26 - 2012-08-24 21:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-11-29 21:15 - 2012-11-29 21:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2016-04-14 11:25 - 2016-03-01 09:45 - 00678912 _____ () C:\Program Files (x86)\AnyFlix\dnslometa.exe
2016-04-17 00:10 - 2016-04-17 00:12 - 00574432 _____ () c:\users\jordan\appdata\local\temp\00607\skype.exe
2016-04-17 00:20 - 2016-04-17 00:23 - 00574440 _____ () c:\users\jordan\appdata\local\temp\02674\setup.exe
2016-01-18 23:21 - 2015-12-07 01:59 - 03081568 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-12-09 02:02 - 2016-03-04 02:13 - 00897848 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdutil.exe
2013-04-13 02:34 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-10-09 23:45 - 2015-07-21 13:13 - 00715000 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2015-04-07 17:43 - 2015-02-05 12:35 - 00743936 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\Framework.dll
2015-04-07 17:43 - 2015-02-02 02:57 - 02823168 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\IosDevice.dll
2015-04-07 17:43 - 2011-03-24 08:42 - 00334848 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\QtXml4.dll
2015-04-07 17:43 - 2011-03-24 08:56 - 07981056 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\QtGui4.dll
2015-04-07 17:43 - 2011-03-24 08:42 - 02145792 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\QtCore4.dll
2015-04-07 17:43 - 2011-03-24 08:43 - 00934912 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\QtNetwork4.dll
2015-04-07 17:43 - 2014-09-15 01:51 - 00987136 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\libxml2.dll
2015-04-07 17:43 - 2011-03-24 10:25 - 09843200 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\QtWebKit4.dll
2015-04-07 17:43 - 2014-09-15 01:51 - 00077824 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\zlib1.dll
2015-04-07 17:43 - 2011-03-24 09:06 - 00232960 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\phonon4.dll
2015-04-07 17:43 - 2011-03-24 09:06 - 02530816 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\QtXmlPatterns4.dll
2015-04-07 17:43 - 2014-09-12 03:11 - 00562072 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\SQLite3.dll
2015-04-07 17:43 - 2011-03-24 10:37 - 00025600 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\imageformats\qgif4.dll
2015-04-07 17:43 - 2011-03-24 10:37 - 00027648 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\imageformats\qico4.dll
2015-04-07 17:43 - 2011-03-24 10:37 - 00119808 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\imageformats\qjpeg4.dll
2015-04-07 17:43 - 2011-03-24 10:37 - 00220672 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\imageformats\qmng4.dll
2015-04-07 17:43 - 2011-03-24 10:37 - 00278528 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\imageformats\qtiff4.dll
2015-04-06 19:24 - 2015-03-06 14:39 - 00386560 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2015-04-06 19:24 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2015-04-06 19:24 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-06 19:24 - 2014-01-06 11:24 - 00671744 _____ () C:\Program Files (x86)\Syncios\hashab.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-11 23:49 - 2016-04-06 07:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 23:49 - 2016-04-06 07:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-04-14 11:19 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\System32:D83A5DD0_Cef.gbp [2]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1005\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1005\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1005\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1006\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1006\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1006\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1008\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1008\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-1008\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-501\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2870796944-1756498243-3620526939-501\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2014-03-17 16:06 - 2016-03-18 23:27 - 00001193 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2870796944-1756498243-3620526939-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jordan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\credo.jpg
HKU\S-1-5-21-2870796944-1756498243-3620526939-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2870796944-1756498243-3620526939-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2870796944-1756498243-3620526939-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2870796944-1756498243-3620526939-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 82.163.143.189 - 82.163.142.189
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Virtual Router => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\WINDOWS\pss\Virtual Router Manager.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: Baidu Antivirus => "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.124234.0\BavTray.exe" -auto
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files (x86)\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: Diebold - Warsaw => C:\Program Files\Diebold\Warsaw\core.exe
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: FoneLabAppService => C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Persistence => "C:\WINDOWS\system32\igfxpers.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B27E4D07-FE42-4A92-8485-FEBECA81801D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{CD1B44B5-1190-415F-A571-A379A2318789}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{F152D54C-11D9-48E2-9A4B-2C0957010D4A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{A4297801-D50E-45C3-9C82-F198BF210C11}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{400FB2B6-911D-4332-9AD3-295739D83245}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{1D129FFF-6D7F-4F8A-8186-E65F3E2B016E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E06F7751-5507-40EC-8877-2E359BEF6C04}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{B8961DD8-2030-4FD1-AD38-887FDF206399}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{C685246D-37C1-4E63-B30A-7F4E1FC41D87}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{17AF2459-6389-4B9F-B72B-C1D0AFE47C70}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{585CACF6-E161-4B96-BFC3-D39F3F683569}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C23238BA-9969-4C78-B486-21B59A373613}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{88EF73DC-A5E6-46C5-AF0D-9283892CBE8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{1B24B907-4CF5-4F03-B49C-2BAD24E96957}C:\users\jordan\desktop\drone\windows ar.drone.exe] => (Allow) C:\users\jordan\desktop\drone\windows ar.drone.exe
FirewallRules: [TCP Query User{C08CC18F-E107-48C8-9F2E-6C3DD7A2DE46}C:\users\jordan\desktop\drone\windows ar.drone.exe] => (Allow) C:\users\jordan\desktop\drone\windows ar.drone.exe
FirewallRules: [{87B05162-2925-4E51-A092-2C62A35CFE2B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B3DC8AF3-20A2-42E0-A67E-E06ADE422FC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{0D6D5991-88B4-4662-ADAC-A51A6F0FEE83}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{92363E24-A008-425E-A69E-A38F2C9B83F6}] => (Allow) LPort=1900
FirewallRules: [{2792A0DC-C63A-4316-9429-9486B0B1AC97}] => (Allow) LPort=2869
FirewallRules: [{EC09CD54-8260-47B3-9568-329B696B1B5F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{016B2B78-DFD2-4607-B629-2DE7CCAEBAF9}] => (Allow) C:\Users\Jordan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ADD82EB6-2626-4B76-893D-AF10B767B64A}] => (Allow) C:\Users\Jordan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15BFD6E9-495F-40FD-B7F4-6BE662E734F9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D081932B-FC1C-45A0-8BF1-286F159DBFC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{61E9DEA6-A880-4578-94DA-AB98773F0108}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3004F3B0-1DDC-4C00-95FB-A0C0B48B75F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{25841B3A-4595-469F-A50F-D51FAF83239D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2EDCE7B2-8F64-47CD-89E2-FF46E768F50F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{08EDB643-54FE-42D5-8AC3-04FEC97E3E93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FFF54FC6-BA1B-419E-8722-FCB40B0FD00F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7F836F72-F159-4941-A4D0-475F3C7E6A7A}C:\program files (x86)\connectify\connectify.exe] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{EDF60276-C627-41EA-BE43-9121B8DB8731}C:\program files (x86)\connectify\connectify.exe] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{3C275C94-9E9C-4E58-AE3D-E194D22E6DAD}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
FirewallRules: [{9041F3B6-70D2-46AD-8E3F-ECBFD615E1AC}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{8CCF2DBF-F0E6-484C-AB11-A7D35C673EB7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{3C53A993-6C30-4085-A6FB-DC32DCDB31CB}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{367F243E-FC47-42A7-BBB5-7922E7769246}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{7D7BFD58-DF88-41BE-8D68-0615559AA586}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [TCP Query User{216A4D0E-BE50-469E-AE24-69C06D620039}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{8093A3DD-7F02-4D7F-A15E-5091D565FDD9}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [{41F1A69E-32B4-43FB-85A3-01BFE250291F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EC6CD39D-625C-4B36-94FF-BE0E26F77839}] => (Allow) %systemroot%\system32\alg.exe

==================== Pontos de Restauração =========================

23-03-2016 23:10:41 Windows Update
14-04-2016 11:19:01 Uniblue SpeedUpMyPC installation

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
Description: Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/17/2016 09:31:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 09:26:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 09:24:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 06:07:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 02:07:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 12:34:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 12:32:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa SUPERANTISPYWARE.EXE versão 6.0.0.1216 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 480

Hora de Início: 01d198559f7715db

Hora de Término: 56

Caminho do Aplicativo: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

ID do Relatório: f9bd440f-044c-11e6-bf27-ce58966b3f63

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (04/17/2016 12:32:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 12:30:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/17/2016 12:07:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JORDAN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.


Erros de Sistema:
=============
Error: (04/17/2016 09:31:35 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca

Error: (04/17/2016 09:26:12 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca

Error: (04/17/2016 09:24:12 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca

Error: (04/17/2016 07:49:09 AM) (Source: bowser) (EventID: 8003) (User: )
Description: O localizador mestre recebeu uma notificação de servidor do computador NETO-PC
que acredita ser o localizador mestre do domínio no transporte NetBT_Tcpip_{1C4EA6FA-373A-4559-BC05-DF71BDD22FAC}.
O localizador mestre está parando ou está sendo forçada uma eleição.

Error: (04/17/2016 06:07:02 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (04/17/2016 02:07:02 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (04/17/2016 12:34:16 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca

Error: (04/17/2016 12:32:16 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca

Error: (04/17/2016 12:30:16 AM) (Source: DCOM) (EventID: 10010) (User: JORDAN)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca

Error: (04/17/2016 12:13:30 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível


CodeIntegrity:
===================================
Date: 2016-04-17 09:30:48.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-17 09:30:47.606
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-17 01:29:49.039
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-17 01:29:48.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 10:02:29.479
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-15 00:01:24.022
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-08 15:01:33.681
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-31 00:50:37.554
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-30 02:08:45.367
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-29 15:32:54.775
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2365M CPU @ 1.40GHz
Percentagem de memória em uso: 83%
RAM física total: 3979.6 MB
RAM física disponível: 648.84 MB
Virtual Total: 15755.6 MB
Virtual disponível: 11507 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.86 GB) (Free:108.68 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:257.08 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 04A53D1B)

Partition: GPT.

==================== Fim de Addition.txt ============================
