cjoint

Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:09-05-2016
Executado por PC (2016-05-09 15:34:10)
Executando a partir de C:\Users\PC\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-13 03:14:55)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2760107221-826286760-2741309303-500 - Administrator - Disabled)
Convidado (S-1-5-21-2760107221-826286760-2741309303-501 - Limited - Disabled)
PC (S-1-5-21-2760107221-826286760-2741309303-1000 - Administrator - Enabled) => C:\Users\PC

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2760107221-826286760-2741309303-1000\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO
Arquivos de Suporte à Instalação do Microsoft SQL Server 2008 (HKLM\...\{D1EB7FFB-2C4E-4BF6-80B6-09ABB1A3FEFC}) (Version: 10.1.2731.0 - Microsoft Corporation)
AtualizacaoLedCommerce (HKLM-x32\...\AtualizacaoLedCommerce_is1) (Version: - Ledware Tecnologia em Software - LTDA)
Bematool 3.0.5 Pro (HKLM-x32\...\{72D8693C-2D14-4760-8C3F-C8CD27444A6A}) (Version: 3.0.5 - Newtech)
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO
Caster (HKLM\...\{d35e5e88-e5b8-447f-b6f4-66bc7aa638d1}) (Version: 1.0 - Caster)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
CleanBrowser (HKLM-x32\...\CleanBrowser) (Version: - ) <==== ATENÇÃO
comoBoss version 1.1 (HKLM-x32\...\comoBoss_is1) (Version: 1.1 - aze) <==== ATENÇÃO
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.12.0 - Conexant)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
ImageCropResize (HKU\S-1-5-21-2760107221-826286760-2741309303-1000\...\ImageCropResize) (Version: - )
Instalação do Microsoft SQL Server 2008 R2 (Inglês) (HKLM\...\{645B7CE5-6464-4A3C-BE5D-9DFED7E651E9}) (Version: 10.52.4000.0 - Microsoft Corporation)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
LedCommerce (HKLM-x32\...\LedCommerce_is1) (Version: - Ledware Tecnologia em Informática - LTDA)
Ledwin - Gerador de Relatórios (HKLM-x32\...\Gerador de Relatórios - Versão 1.0.1_is1) (Version: Ledwin - Gerador de Relatórios - Ledware Informática)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64 bits) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{CCE7419E-68A9-4A6E-B916-575B33D48F25}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{336FEB35-3257-4467-BC8B-2F5CF432BCF8}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{5FDC08C3-F54B-4A82-8257-00F54C73C7B7}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
mobilepcstarterkit version 1.1 (HKLM-x32\...\mobilepcstarterkit_is1) (Version: 1.1 - mobilepcstarterkit) <==== ATENÇÃO
Mozilla Firefox 44.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 pt-BR)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MPC Cleaner (HKLM-x32\...\MPC) (Version: - DotC United Inc)
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Reezaa MP3 Tag Editor V1.0 (HKLM-x32\...\Reezaa MP3 Tag Editor_is1) (Version: - Reezaa MP3 Tag Editor, Inc.)
SafeFinder (HKLM-x32\...\{9FFD3793-F020-439A-B929-7DF1C17FDEA0}) (Version: 1.0.0.0 - Linkury) <==== ATENÇÃO
Service Pack 2 para o SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SunnyDay (HKLM-x32\...\SunnyDay21_is1) (Version: - SUNNYDAY)
sunnyday version 1.1 (HKLM-x32\...\sunnyday_is1) (Version: 1.1 - sunnyday) <==== ATENÇÃO
TagScanner 6.0.8 (HKLM-x32\...\TagScanner_is1) (Version: - Sergey Serkov)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
TED versão 4.3.8 (HKLM-x32\...\{D9589AD9-1908-45AF-ACEE-40E056C22DDA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul)
TP-LINK TL-WN725N_TL-WN723N Controlador (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TSearch (HKLM-x32\...\Torrent Search) (Version: 1.0.0.72 - Company Inc.) <==== ATENÇÃO
Utilitário de Configuração de Rede Sem Fios TP-LINK (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Validador Sintegra 5.3.0 (HKLM-x32\...\{169CEB91-BD47-46C1-A0EA-7943B0E667DA}_is1) (Version: - Secretaria da Fazenda do Estado do Rio Grande do Sul)
Video and Audio Plugin UBar (HKLM\...\UBar) (Version: 1.1.36.1 - UBar Plugin Soft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {062ABF02-1AA6-495A-A1DE-0E549AF7E817} - System32\Tasks\Update Service for Torrent Search => C:\Program Files (x86)\Torrent Search\emYdFg1.exe [2016-05-09] () <==== ATENÇÃO
Task: {18A5C095-C8AD-4DF4-9A99-B2C20770847A} - System32\Tasks\Update Service for Torrent Search2 => C:\Program Files (x86)\Torrent Search\emYdFg1.exe [2016-05-09] () <==== ATENÇÃO
Task: {2836E299-6D6C-4E57-857F-AD428819C55B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.)
Task: {4C51EB86-25A3-425E-8E91-0DE9CBD536D7} - System32\Tasks\osTip => Rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN
Task: {4DE52B37-935B-4205-A85C-8DE8FEA12061} - System32\Tasks\{9B691715-6EC9-40DD-86D7-0C0BCCB9305D} => C:\Users\PC\Downloads\RemotePlayInstaller.exe [2016-04-08] (Sony Interactive Entertainment Inc.)
Task: {56095893-D477-41A5-ACCC-E1A333E05A6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.)
Task: {726D40E3-D56F-4BA6-9DDC-47515600BB50} - System32\Tasks\Lorckphsary Reports => C:\Program Files (x86)\Lorckphsary\lrcReportsTask.exe [2016-05-06] ()
Task: {A25FDF12-63B0-4E30-9CBB-580688D7B16B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-13] (Adobe Systems Incorporated)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Update Service for Torrent Search.job => C:\Program Files (x86)\Torrent Search\emYdFg1.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\Update Service for Torrent Search2.job => C:\Program Files (x86)\Torrent Search\emYdFg1.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ATENÇÃO (yeabests)

ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%

==================== Módulos Carregados (Whitelisted) ==============

2016-05-09 15:11 - 2016-05-09 15:10 - 00948736 _____ () C:\ProgramData\CloudPrinter\CloudPrinter.exe
2016-05-09 15:11 - 2016-05-09 15:11 - 00097792 _____ () C:\Program Files (x86)\4C4C4544-1462817460-3610-8033-C6C04F535231\jnsb1FB.tmp
2016-05-09 15:20 - 2016-05-09 15:16 - 00948736 _____ () C:\ProgramData\Lamzap\Lamzap.exe
2016-05-09 15:11 - 2016-05-09 15:11 - 00138240 _____ () C:\Program Files (x86)\4C4C4544-1462817460-3610-8033-C6C04F535231\hnsg2046.tmp
2016-05-09 14:23 - 2016-05-09 14:23 - 00416256 _____ () C:\Program Files (x86)\4C4C4544-1462817460-3610-8033-C6C04F535231\knslE0AF.tmpfs
2015-12-26 05:59 - 2015-12-26 05:59 - 00158720 _____ () C:\Users\PC\AppData\Local\4C4C4544-1462806956-3610-8033-C6C04F535231\qnsgB7BC.tmp
2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-25 05:42 - 2015-12-25 05:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll
2016-05-09 15:09 - 2016-05-09 09:23 - 03294720 _____ () C:\Users\PC\AppData\Local\SunnyDay21\usun.exe
2016-05-09 15:07 - 2016-05-09 15:09 - 04325888 _____ () C:\Program Files (x86)\sunnyday\wincom_K5T.exe
2016-03-31 14:24 - 2016-03-31 14:24 - 01417216 _____ () C:\Users\PC\AppData\Roaming\cpuminer\cpm.exe
2016-05-09 15:16 - 2016-05-09 15:19 - 04325888 _____ () C:\Program Files (x86)\mobilepcstarterkit\wincom_0LT.exe
2016-05-09 15:16 - 2016-05-09 03:45 - 01920000 _____ () C:\ProgramData\msiql.exe
2016-01-15 16:23 - 2015-08-27 10:38 - 00752640 _____ () C:\LedCommerce\Utilitarios\Backup_Automatico.exe
2016-05-09 15:09 - 2016-05-09 09:23 - 04332032 _____ () C:\Program Files (x86)\SunnyDay21\SunnyDay.exe
2016-05-09 15:10 - 2016-05-08 16:50 - 04325888 _____ () C:\Program Files (x86)\comoBoss\comowin.exe
2016-05-09 15:16 - 2016-05-08 23:22 - 00307290 ____H () C:\Program Files (x86)\badu\uc.exe
2016-05-09 15:14 - 2016-05-09 03:45 - 01920000 _____ () c:\users\pc\appdata\roaming\msiql.exe
2016-05-09 15:26 - 2016-05-09 15:26 - 00571880 _____ () c:\users\pc\appdata\local\temp\30269\setup.exe
2016-05-09 15:08 - 2016-05-09 15:08 - 00417048 _____ () C:\Program Files (x86)\Torrent Search\IEEF\INFoanSeSFZQ.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe
2016-05-09 15:07 - 2016-05-09 15:07 - 00096264 _____ () C:\Program Files\UBar\UbarService.exe
2016-05-09 15:21 - 2016-04-07 11:30 - 02027520 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll
2016-05-09 15:08 - 2016-05-09 15:08 - 00300696 _____ () C:\Program Files (x86)\Torrent Search\IEEF\qcZtGKqHlUOe.dll
2016-05-09 15:08 - 2016-05-09 15:08 - 00203472 _____ () C:\Program Files (x86)\Torrent Search\IEEF\0HpBDfsazwtr.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-05-09 15:08 - 2016-05-09 15:07 - 00559256 _____ () C:\Program Files (x86)\Torrent Search\IEEF\sqlite3.dll
2016-05-09 15:20 - 2016-05-09 15:20 - 00257536 _____ () C:\ProgramData\Lamzap\Homestrong.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll
2015-12-25 05:41 - 2015-12-25 05:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00747144 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPKernel.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00327304 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPHelp.dll
2016-05-02 18:19 - 2016-04-27 20:25 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libglesv2.dll
2016-05-02 18:19 - 2016-04-27 20:25 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:FB3A5DFC_Cef.gbp [2]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2760107221-826286760-2741309303-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-2760107221-826286760-2741309303-1000\...\caixa.gov.br -> imagem.caixa.gov.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-05-09 15:08 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2760107221-826286760-2741309303-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 189.45.16.18 - 189.45.16.19
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk => C:\Windows\pss\Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk.CommonStartup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Spotify => "C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{4C4E7E38-10B9-473F-B0B6-9A322FA4E76C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EB063D3D-2F34-4C1E-89EE-D50BB7D54643}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{78D119E2-F944-4411-BFD2-D764D6CD1657}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2AF9F9BB-1CB6-4CDC-9A7C-69B3FB9502DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AD26643C-F500-4380-8AE9-0E411FD67797}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE3A9169-0EE7-48F5-80B0-FBD7CA05BB67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AAA6FCE4-46ED-4F7C-9B9A-823B46693B91}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D694F6C0-65EE-42F7-A359-92BA96D84DE1}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EF7C874D-22ED-4AE2-A6F8-BC84FAE0F439}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
FirewallRules: [{292E17ED-11AA-4FDC-A81F-3CDE8B99B7FE}] => (Allow) LPort=1433
FirewallRules: [{08705EA6-B376-4184-BFDC-313862EB90E2}] => (Allow) LPort=1434
FirewallRules: [{EE1601C3-44AA-4624-94DD-5E3172B24806}] => (Allow) LPort=1433
FirewallRules: [{9866C62A-660E-4A77-A46B-E3E3A3B7ECF5}] => (Allow) LPort=1434
FirewallRules: [{EDE52627-B0C0-415F-B7EC-D93D4F81974C}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
FirewallRules: [{5B5EFEB0-4138-4FEB-909B-9B1AE343EC7F}] => (Allow) LPort=1433
FirewallRules: [{BC8CD0CB-504C-49A8-A622-73C9654F64CC}] => (Allow) LPort=1434
FirewallRules: [{3832C252-3597-4BBD-89D5-C8DDD4B94014}] => (Allow) LPort=1433
FirewallRules: [{A22EC423-CCBB-4BAD-A474-A1D397A9679A}] => (Allow) LPort=1434
FirewallRules: [{867B7248-B2EC-47BD-B85F-B4833798B94D}] => (Allow) LPort=80
FirewallRules: [{44D664A2-2D1B-4D4C-B56A-3C2C8ABA0376}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{10DD96CD-DE7F-46DF-AEB9-DB61A0221672}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2D26D68C-D6ED-4638-949B-AC81EDBBA793}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2522C125-98E3-439D-8BC1-47B23AE47408}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{336F9BD2-A314-4581-8B1F-3908AB537C9B}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{950B0077-6127-42F0-8155-0ADED817FD91}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6EFE3D31-CE3C-4179-9B12-1583E66CC54A}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6623362D-A04B-4AA4-8291-FEE66F37C0A1}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8A607442-695B-4B56-AAA5-327C4203ED53}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8D59AE98-B3EB-466F-BDA8-E1F71CF56D03}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BB6485E9-ACC2-42DA-80E0-17555475F487}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{EEE58FBB-5BC2-4568-B4D8-3537BF0DAE15}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{C259418E-B6D2-4481-A20C-4DAA79D98B06}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
FirewallRules: [{AD595458-2ABF-4FF6-A591-9529B1773F87}] => (Allow) LPort=1433
FirewallRules: [{F9B84D7E-3307-4089-AACE-823DE1584D14}] => (Allow) LPort=1434
FirewallRules: [{9ADE3D7A-9FF7-4BFA-B19D-37EDD1001ECF}] => (Allow) LPort=1433
FirewallRules: [{E9F2092D-0F04-494B-856C-AD12F4D4090F}] => (Allow) LPort=1434
FirewallRules: [{1630B0D7-47D7-444E-8619-72BF35BF243C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E7B6DACE-AC95-42C6-883F-4D34902186B1}] => (Allow) C:\Program Files\UBar\ubar.exe
FirewallRules: [{09815ADA-EC21-4604-B44F-038F85C8226E}] => (Allow) C:\Users\PC\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{D7F9619B-A3C2-44CE-A0D3-E7C71E39FCBD}] => (Allow) C:\Users\PC\AppData\Local\Temp\MPCOnline\MPCDownload.exe

==================== Pontos de Restauração =========================

20-04-2016 08:38:50 Ponto de Verificação Agendado
27-04-2016 09:26:51 Ponto de Verificação Agendado
04-05-2016 09:41:15 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (05/09/2016 03:31:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (05/09/2016 03:31:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/09/2016 03:31:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/09/2016 03:26:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: chrome.exe, versão: 50.0.2661.94, carimbo de hora: 0x57213125
Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento com falha: 0xffffffff
Identificação do processo com falha: 0xf2c
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
FCaminho do módulo de falhas: chrome.exe2
Identificação do Relatório: chrome.exe3

Error: (05/09/2016 03:25:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2016 03:22:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa fsd6F65.exe versão 1.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: dbc

Hora de Início: 01d1aa1f4210c411

Hora de Término: 2

Caminho do Aplicativo: C:\Users\PC\AppData\Local\Temp\fsd6F65.exe

Id do Relatório: 0a58cab2-1613-11e6-ac32-f04da2e1c080

Error: (05/09/2016 03:20:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (05/09/2016 03:20:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/09/2016 03:20:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/09/2016 03:14:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Erros de Sistema:
=============
Error: (05/09/2016 03:26:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (05/09/2016 03:26:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (05/09/2016 03:26:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (05/09/2016 03:25:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (05/09/2016 03:25:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (05/09/2016 03:25:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddfac
gbpddreg

Error: (05/09/2016 03:19:07 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço GoogleChromeUpSvc está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.

Error: (05/09/2016 03:14:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (05/09/2016 03:14:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (05/09/2016 03:14:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2


CodeIntegrity:
===================================
Date: 2016-01-18 19:54:48.715
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-18 19:54:29.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-18 19:54:29.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 18:57:13.626
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 18:56:55.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 18:54:12.537
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 18:46:51.962
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 18:45:09.618
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 18:44:12.611
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 18:44:12.599
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP66.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentagem de memória em uso: 55%
RAM física total: 4008.63 MB
RAM física disponível: 1787.43 MB
Virtual Total: 8102.82 MB
Virtual disponível: 5322.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:42.53 GB) NTFS
Drive d: (dados) (Fixed) (Total:200.43 GB) (Free:148.85 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1ACFF26E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
