cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:21-05-2016
Executado por Rbn (2016-05-21 13:55:53)
Executando a partir de C:\Users\Rbn\Downloads
Windows 10 Pro Versão 1511 (X64) (2016-02-19 10:07:16)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-458733514-2886881631-2279637334-500 - Administrator - Disabled)
Convidado (S-1-5-21-458733514-2886881631-2279637334-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-458733514-2886881631-2279637334-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-458733514-2886881631-2279637334-1004 - Limited - Enabled)
Rbn (S-1-5-21-458733514-2886881631-2279637334-1001 - Administrator - Enabled) => C:\Users\Rbn
UpdatusUser (S-1-5-21-458733514-2886881631-2279637334-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Reader 9.3 - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11356 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11356 - MEIXIAN XIE) <==== ATENÇÃO
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.1510.58 - CyberLink Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{57A79409-9C79-4080-9FFA-09D4DAECC26B}) (Version: 12.4.18.7 - HP)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
K-Lite Mega Codec Pack 9.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
KMSpico v9.0.6.20131120 (HKLM\...\KMSpico_is1) (Version: 9.0.6.20131120 - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Driver de gráficos 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.11.9713 - NVIDIA Corporation)
Painel de controle da NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
VirtualDJ 8 (HKLM-x32\...\{68A952A1-F666-4A5F-98C9-03EE9625B2E2}) (Version: 8.1.2857.0 - Atomix Productions)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-458733514-2886881631-2279637334-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rbn\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0C03CCB4-0CBD-4601-90CF-BB47FDEEC385} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {122EB65C-9C8E-4289-97D1-066E1AB2CDAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {13289902-BC54-4E30-AAC0-E4B4FAE8431B} - \Dregacult Manager -> Nenhum Arquivo <==== ATENÇÃO
Task: {16DE8679-B0D2-4E3B-8157-9E5E7815D832} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATENÇÃO
Task: {1CBC2E5E-97B1-4E63-9812-2E33F99F71BA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {50600828-C3C3-4DC3-B855-2982B5136E5C} - \svchost -> Nenhum Arquivo <==== ATENÇÃO
Task: {54162C66-71C8-4A14-917B-D6ED3A1178F9} - \Shakoph Nodifier -> Nenhum Arquivo <==== ATENÇÃO
Task: {5E11462F-7A97-4E9B-BC2E-A8D44C7C918C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5F1B4A2F-0272-40A0-8DA9-9D2AE58484C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {77F114AD-2144-4210-950D-41F1B51D83D5} - System32\Tasks\PFExe => C:\Users\Rbn\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {7CE60151-91AC-40E0-A8E5-0E7D60EE92B9} - \AutoPico Daily Restart -> Nenhum Arquivo <==== ATENÇÃO
Task: {831F6BEE-8746-4550-9B64-A70307289B15} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ENZO-Rbn Enzo => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {895F2BB9-14D7-4CA7-97FF-985E8A375726} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {9065B2FA-750C-4B2F-B7DE-A542366AAD18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-18] (Google Inc.)
Task: {A62693F1-9DE8-43EC-956A-0D7E16E6AEBD} - System32\Tasks\HPCeeScheduleForRbn => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B35F52ED-A59B-4604-A742-895E3F17DCE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {B7A0A505-C282-43D3-B4E0-8A0B721462B6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {E59E033E-91FB-47A5-B10B-A1B7495DD771} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-18] (Google Inc.)
Task: {F05C7376-F6EA-4BCF-8BD5-15F654E0A53A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-12] (Microsoft Corporation)
Task: {FA3B8931-13E7-420B-A978-1CF0EC290A4C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRbn.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Rbn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%

==================== Módulos Carregados (Whitelisted) ==============

2016-03-14 04:59 - 2009-10-23 11:19 - 00289792 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2016-03-14 04:59 - 2009-10-23 11:19 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2016-04-07 05:02 - 2016-04-07 05:02 - 00124928 _____ () C:\Users\Rbn\AppData\Local\Apps\2.0\abril.exe
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-18 23:53 - 2015-10-13 14:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-11 20:32 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-11 20:32 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-20 18:33 - 2016-05-20 18:33 - 00959168 _____ () C:\Users\Rbn\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-11 02:13 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 02:13 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 02:13 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 02:13 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-15 12:15 - 2016-05-09 03:45 - 01920000 _____ () C:\ProgramData\msiql.exe
2016-04-24 02:09 - 2016-04-24 02:10 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-28 19:16 - 2016-04-28 19:16 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-02-19 20:22 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 02:11 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-20 18:32 - 2016-05-20 18:32 - 00679624 _____ () C:\Users\Rbn\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-05-15 12:23 - 2016-05-20 19:03 - 01896960 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll
2016-04-24 02:09 - 2016-04-24 02:10 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-24 02:09 - 2016-04-24 02:10 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-12 00:09 - 2016-05-11 08:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-12 00:09 - 2016-05-11 08:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-05-12 00:09 - 2016-05-11 08:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData\CLDShowX.ini:Update.CL [5122]
AlternateDataStreams: C:\Users\Todos os Usuários\CLDShowX.ini:Update.CL [5122]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-458733514-2886881631-2279637334-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-458733514-2886881631-2279637334-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-458733514-2886881631-2279637334-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-458733514-2886881631-2279637334-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-458733514-2886881631-2279637334-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-05-15 12:17 - 00001188 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-458733514-2886881631-2279637334-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rbn\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-458733514-2886881631-2279637334-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 201.10.128.3 - 201.10.120.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{533DC08C-2000-403A-9C83-80C0151CBC82}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{6774830B-5419-4D86-A77F-FBF216D7C1D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{F1446988-B754-4818-A4C4-A96ED05C05EE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{924A96A6-1107-45A8-B4AF-3FF87D984E1B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{66F442DE-C139-4C5C-9422-13DA94187BFF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{AC1D07C2-5086-4EA5-8134-2DCF5ED3639B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{02EF5B50-1205-404D-9FB9-50D7C94E44DA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{224AF087-21C7-4D93-9D1E-F8BA985AFF60}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{08A4E677-A4DA-4BE2-8840-9A1C13D6F830}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{30B9AD25-EF8A-47EB-B555-FCD4AE2610DF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7A1C7F74-86F0-4BC0-A2BB-D1200E78297D}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{34F6FBE1-878A-4DC3-9F6F-1BE37942D71C}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{807BBD63-D820-4457-8427-3F529D52CBAC}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{74908252-DD9E-451B-9D56-24709904FF82}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{9EA8D322-A640-4FE3-B8C3-CE82E4CF7276}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{BF713BA9-9DDE-4C2B-9CD0-415B0242AE19}] => (Allow) LPort=1688
FirewallRules: [{EFAB813D-DE05-4D70-A4C6-243057561B5C}] => (Allow) LPort=1688
FirewallRules: [{CFDABF90-F1D1-4C4F-A848-342A36AA4521}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3F34CCBE-8273-46D0-93A3-F94A84C4F4CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{932AEAC2-7618-462D-B80E-6D6769B2FB02}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1BACFAA-258F-4FF8-9C68-305E2C4B03A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{23159A76-896F-4925-A0C4-D4764C634C3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B2B7039D-34E1-469E-BC97-2F2B607FAFED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA49C1E2-4A1C-427D-9B74-D99822878FB1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0C43A069-2EB8-4BB8-8FD8-DCA588F4CEC4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AC5795F0-5958-478E-8519-5B4BC3166EB7}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{300210D0-7405-4FEC-BBB3-9E2AF85DC543}] => (Allow) C:\Users\Rbn\AppData\Local\Temp\7zS18B4\EasyInst64.exe
FirewallRules: [{58371647-AD08-4597-A152-BDE2E27B106A}] => (Allow) C:\Users\Rbn\AppData\Local\Temp\7zS18B4\EasyInst64.exe
FirewallRules: [{9E9CCBB2-324B-4CBC-921A-C168E2B86CFD}] => (Allow) LPort=9100
FirewallRules: [{145795FD-B43E-4773-B8C6-B4076623E0D0}] => (Allow) LPort=427
FirewallRules: [{F59B9F6F-46C6-4098-B3DD-6890355731D9}] => (Allow) LPort=161
FirewallRules: [{F0BA27CA-993B-4A14-B2FA-B43FC1D43820}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F4714C14-F88E-4AD9-88FF-4EAD9B48A28A}] => (Allow) C:\Users\Rbn\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{03C84A68-591E-4493-8BAC-8208483F50BC}] => (Allow) C:\Users\Rbn\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{F746B1E2-373C-474E-A0C6-ABAE3A3B51A9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BC714CF6-D82D-4CAF-B719-1C84B3DD4BFF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F1AD2116-CC06-4885-A72E-CD242E01F430}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A1720734-6D4A-4AE1-AF28-7E502BEF68C0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

==================== Pontos de Restauração =========================

09-05-2016 09:40:23 Ponto de Verificação Agendado
15-05-2016 06:07:58 Windows Update
21-05-2016 02:22:35 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Dispositivo USB Desconhecido (Falha na Solicitação de Descritor de Dispositivo)
Description: Dispositivo USB Desconhecido (Falha na Solicitação de Descritor de Dispositivo)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (05/21/2016 09:06:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ENZO)
Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.

Error: (05/21/2016 02:22:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (05/21/2016 01:00:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENZO)
Description: Falha na ativação do aplicativo Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/20/2016 06:53:49 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (05/20/2016 06:53:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (05/19/2016 06:09:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: rundll32.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d69c
Nome do módulo com falha: jscript9.dll, versão: 11.0.10586.306, carimbo de data/hora: 0x571af587
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000d4ee2
ID do processo com falha: 0x1ac8
Hora de início do aplicativo com falha: 0xrundll32.exe0
Caminho do aplicativo com falha: rundll32.exe1
Caminho do módulo com falha: rundll32.exe2
ID do Relatório: rundll32.exe3
Nome completo do pacote com falha: rundll32.exe4
ID do aplicativo relativo ao pacote com falha: rundll32.exe5

Error: (05/19/2016 05:09:58 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (05/19/2016 04:43:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: spoolsv.exe, versão: 10.0.10586.122, carimbo de data/hora: 0x56cc1211
Nome do módulo com falha: HP1100LM.DLL, versão: 2009.1023.1.12658, carimbo de data/hora: 0x4ae120db
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000002370
ID do processo com falha: 0x770
Hora de início do aplicativo com falha: 0xspoolsv.exe0
Caminho do aplicativo com falha: spoolsv.exe1
Caminho do módulo com falha: spoolsv.exe2
ID do Relatório: spoolsv.exe3
Nome completo do pacote com falha: spoolsv.exe4
ID do aplicativo relativo ao pacote com falha: spoolsv.exe5

Error: (05/18/2016 10:17:43 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (05/15/2016 05:22:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ENZO)
Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.


Erros de Sistema:
=============
Error: (05/21/2016 01:11:20 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (05/21/2016 08:38:01 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.

Error: (05/21/2016 08:37:53 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.

Error: (05/21/2016 08:37:46 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.

Error: (05/21/2016 07:42:47 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (05/21/2016 05:31:49 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.

Error: (05/21/2016 05:31:42 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.

Error: (05/21/2016 05:31:34 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.

Error: (05/21/2016 05:31:27 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.

Error: (05/21/2016 05:31:19 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um setor defeituoso.


CodeIntegrity:
===================================
Date: 2016-05-21 13:55:53.382
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 13:55:53.355
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 13:55:52.950
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 13:55:52.918
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 12:48:08.678
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 12:48:08.580
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 07:42:45.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 03:25:45.382
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 03:25:45.341
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-21 02:48:03.000
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
Percentagem de memória em uso: 80%
RAM física total: 2815.23 MB
RAM física disponível: 548.44 MB
Virtual Total: 3711.23 MB
Virtual disponível: 818.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.19 GB) (Free:224.18 GB) NTFS
Drive d: () (Fixed) (Total:1104.29 GB) (Free:1.89 GB) NTFS
Drive e: (NEW) (CDROM) (Total:4.35 GB) (Free:0 GB) UDF
Drive f: (Reservado pelo Sistema) (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS
Drive g: () (Fixed) (Total:576.64 GB) (Free:26.26 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 5A8DE30C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=1104.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 84248424)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=576.6 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité