
Document format: text/plain

Preview

Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 28-06-2016
Executado por Admin (2016-06-29 13:29:45)
Executando a partir de C:\Users\Admin\Desktop
Microsoft Windows 7 Professional (X86) (2014-08-08 00:43:07)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Admin (S-1-5-21-4156198900-4181324601-1252614729-1000 - Administrator - Enabled) => C:\Users\Admin
Administrador (S-1-5-21-4156198900-4181324601-1252614729-500 - Administrator - Disabled)
Convidado (S-1-5-21-4156198900-4181324601-1252614729-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4156198900-4181324601-1252614729-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11380 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11380 - MEIXIAN XIE) <==== ATENÇÃO
Advanced-System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1) (Version: 2.1.1000.14138 - Systweak Software) <==== ATENÇÃO
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Baidu Antivirus (HKLM\...\Baidu Antivirus) (Version: 5.6.3.186847 - Baidu, Inc.)
Baidu Browser (HKLM\...\Spark) (Version: 43.23 Preview - Baidu Inc.)
Buzzdock (HKLM\...\{cfd32d46-7d3f-483f-bace-7172aec5592d}) (Version: - Alactro LLC) <==== ATENÇÃO
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Digital More (HKLM\...\Digital More) (Version: 2.0.5584.37129 - Digital More) <==== ATENÇÃO
Dominó Master 3.3.1 (HKLM\...\Dominó Master_is1) (Version: - RkSoft Softwares)
Donkey Kong Country 3: Dixie Kong's Double Trouble! (HKLM\...\Donkey Kong Country 3: Dixie Kong's Double Trouble!_is1) (Version: - GameFabrique)
Download & Install Packages (HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\...\Download & Install Packages) (Version: - ) <==== ATENÇÃO
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
LiveUpdateWPP (HKLM\...\LiveUpdateWPP) (Version: - Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats.) <==== ATENÇÃO
Max HD versão 3.2 (HKLM\...\{D8EBC18C-B610-452D-A8CC-2250CBD28EDB}_is1) (Version: 3.2 - Max Company)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PriceFountain (HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\...\EsteemsTemporalities) (Version: - ) <==== ATENÇÃO
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Safe Web (HKLM\...\SafeWeb) (Version: 2.7.45 - Acute Angle Solutions Ltd)
Salus (HKLM\...\Salus) (Version: 2.02.11.0 - Salus) <==== ATENÇÃO
Skype™ 7.22 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Softonic Assistant (HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\...\SoftonicAssistant) (Version: 0.2.3 - Softonic International S.A.) <==== ATENÇÃO
Tuneup Pro (HKLM\...\Tuneup Pro_is1) (Version: 1.08 - tuneuppro.com)
Unity Web Player (HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Update for PriceFountain (HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\...\{00D82B89-4DF7-AABF-60A1-2C9A98372E83}) (Version: - Update for PriceFountain) <==== ATENÇÃO
Update for PriceFountain (HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Admin\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.29.5\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Admin\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.29.1\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.28.15\psuser.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4156198900-4181324601-1252614729-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {00CB9191-097B-4921-89CF-6ED504A776A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {0501291B-3224-42D7-A0A9-49FEED70681C} - System32\Tasks\Voo Update => C:\Users\Admin\AppData\Roaming\VOOUPD~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {16264937-F85E-4158-A056-EE5F765CA965} - System32\Tasks\Price Fountain => C:\Users\Admin\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {1D72DDFD-AF3D-4E0A-B54D-11AC70E8C3F6} - System32\Tasks\{83D2B398-3A88-4664-8573-A09A4E17773A} => pcalua.exe -a C:\Users\Admin\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATENÇÃO
Task: {2833A71B-C9F1-41B0-B98C-FE5FC0FC6B14} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATENÇÃO
Task: {347661C8-FE45-4A7A-9438-52E785B9DFEA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000UA => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-13] (Facebook Inc.)
Task: {3660DD24-2732-4F57-B9F9-49A4B333CD4D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000Core => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-13] (Facebook Inc.)
Task: {3BB77237-A2AE-4AA4-A664-369A66A84498} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATENÇÃO
Task: {42EEE3F7-BF95-437D-B0AE-2FC75C43B758} - System32\Tasks\{337F9C91-A315-465A-B5F1-57FC0F65D856} => pcalua.exe -a C:\Users\Admin\Downloads\UstreamProducer-2.0.2.exe -d C:\Users\Admin\Downloads
Task: {4460263D-57A2-4137-B0AD-3B2CC679E045} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {54FB341C-DA6B-49E7-8777-7BB9B086F627} - System32\Tasks\Tuneup Pro_UPDATES => C:\Program Files\Tuneup Pro\TuneupPro.exe [2014-10-29] (Tuneup Pro)
Task: {71EE5DA4-0CDF-4AB9-B609-E278D77AE804} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" <==== ATENÇÃO
Task: {875774DC-CBD6-4D1E-9F8A-CF3FD3ED1DB3} - System32\Tasks\AdminEsteemsTemporalitiesV2 => Rundll32.exe UnopenedCornstalks.dll,main 7 1 <==== ATENÇÃO
Task: {8DD451E4-20CF-4AAB-992B-528E30AFED8B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {966899BA-7C1C-40EA-BA7F-161260937EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-21] (Google Inc.)
Task: {98AB32B8-70D8-4EB6-803A-12C72FCCF3C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-21] (Google Inc.)
Task: {A2C2598D-ECC0-4AC1-81C0-F446AFD00C4C} - System32\Tasks\Tuneup Pro_DEFAULT => C:\Program Files\Tuneup Pro\TuneupPro.exe [2014-10-29] (Tuneup Pro)
Task: {B4DF4406-3D93-40C0-9EA9-4C48EC20B673} - System32\Tasks\Baidu Antivirus Update => C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\BavUpdater.exe [2015-08-04] (Baidu, Inc.) <==== ATENÇÃO
Task: {D3EDA57F-9177-490F-B4C6-AC054E58A65D} - System32\Tasks\SparkUpdater => C:\Program Files\baidu\Baidu Browser\SparkUpdate.exe [2016-01-15] (Baidu.com, Inc.)
Task: {D7DC84D2-E7C5-443F-A7AE-1CB0453EB7DE} - System32\Tasks\{00D82B89-4DF7-AABF-60A1-2C9A98372E83} => C:\Users\Admin\AppData\Roaming\{00D82~1\updater.exe [2013-05-02] () <==== ATENÇÃO
Task: {EF7EAC37-96D7-455C-9072-F1EF0214350F} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATENÇÃO
Task: {F9FF7E83-EFE5-4F6C-9EFC-479C562ADA8A} - System32\Tasks\{7D209498-AF15-4D64-9CB4-504EEFA4DC55} => pcalua.exe -a C:\PROGRA~1\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000Core.job => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000UA.job => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4156198900-4181324601-1252614729-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Admin\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\Tuneup Pro_DEFAULT.job => C:\Program Files\Tuneup Pro\TuneupPro.exe
Task: C:\Windows\Tasks\Tuneup Pro_UPDATES.job => C:\Program Files\Tuneup Pro\TuneupPro.exe
Task: C:\Windows\Tasks\Voo Update.job => C:\Users\Admin\AppData\Roaming\VOOUPD~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\Windows\Tasks\{00D82B89-4DF7-AABF-60A1-2C9A98372E83}.job => C:\Users\Admin\AppData\Roaming\{00D82~1\updater.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Admin\Desktop\Google.lnk -> hxxp://www.google.comJC:\Program Files\baidu\Baidu Browser\resource\application\Image\google.ico? (Nenhum Arquivo)
Shortcut: C:\Users\Public\Desktop\Facebook.lnk -> hxxp://www.facebook.comLC:\Program Files\baidu\Baidu Browser\resource\application\Image\facebook.ico? (Nenhum Arquivo)
Shortcut: C:\Users\Public\Desktop\Google.lnk -> hxxp://www.google.comJC:\Program Files\baidu\Baidu Browser\resource\application\Image\google.ico? (Nenhum Arquivo)

==================== Módulos Carregados (Whitelisted) ==============

2016-05-10 09:23 - 2016-06-29 10:07 - 00536168 _____ () C:\Windows\vonetframeHelp.dll
2016-05-19 06:06 - 2016-05-19 06:06 - 00128624 _____ () C:\Program Files\CalendarTool\2.0.0.11380\CalendarEntry.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00298480 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\HipsLogger.dll
2015-08-04 08:51 - 2015-07-14 01:09 - 00176112 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\dark.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00540656 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\sqlite.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00197944 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\TinyIPC32.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00370672 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\BNetOp.dll
2016-05-19 06:11 - 2016-05-19 06:11 - 00153200 _____ () C:\Program Files\CalendarTool\2.0.0.11380\CalendarServ.exe
2014-08-07 22:01 - 2009-08-03 02:35 - 00413936 _____ () c:\windows\system32\mirovirtual.dll
2016-05-19 06:06 - 2016-05-19 06:06 - 02249328 _____ () C:\Program Files\CalendarTool\2.0.0.11380\Calendar.exe
2015-08-04 08:51 - 2015-08-04 08:51 - 00167920 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\Plugins\Plugin_Hips_TipsCtl\HipsTipControl.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00277488 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\Pulgin_Dark_DeleteFileTip.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00147952 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\Plugins\Plugin_User_Mon\HUMHandler\HUMAnalyzeHandler.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00158704 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\Plugins\Plugin_User_Mon\HUMHandler\HUMSupplementHandler.dll
2015-08-04 08:51 - 2015-08-04 08:51 - 00120304 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.6.3.186847.0\Plugins\Plugin_User_Mon\HUMHandler\HUMUSBHandler.dll
2015-05-08 15:50 - 2015-05-08 15:50 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2016-06-06 15:02 - 2008-08-29 09:12 - 00932864 _____ () C:\Users\Admin\Desktop\Xpadder.exe
2007-01-24 17:22 - 2016-06-06 16:09 - 00594432 _____ () C:\Users\Admin\Desktop\super nintendo\zsnesw.exe
2015-01-08 22:57 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Admin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-01-08 22:57 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Admin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2009-06-10 18:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4156198900-4181324601-1252614729-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{2311822C-D202-4B4A-8F9E-5CB905B6D137}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{785996B5-AE33-4032-8863-BE67A0C17614}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [{8613D453-7043-4CE7-8617-FC034E8532C7}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{F014B3CB-54C8-4A25-94BC-ECE1069C6B92}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{BB7CF05D-9B68-4FD2-A1B7-80DBF7CC6752}] => (Allow) C:\Program Files\ManyCam\ManyCam.exe
FirewallRules: [{BD4C0272-63BF-497B-B3BA-68625D4F8B80}] => (Allow) C:\Program Files\ManyCam\ManyCam.exe
FirewallRules: [TCP Query User{3DF72EFA-FC6A-410D-AE80-CFBD768BE288}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{B20E9CF9-7CE1-490A-9BC9-E6AC4B14E11B}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [{1B66063A-5144-4D29-981A-DE6A3CB67028}] => (Allow) C:\Users\Admin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{EB81A748-5E2B-45DE-AE43-AF8B3EA15438}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8E032EC0-8F1C-478C-A763-7CB07B46BACB}] => (Allow) C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{C4AAE2FC-76E9-49F8-83EE-0A0666716445}] => (Allow) C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{57474B68-D7D7-46B6-A07E-C72107EC5FFA}] => (Allow) C:\Program Files\baidu\Spark\bdtray.exe
FirewallRules: [{322E5420-6D89-41AD-8A34-33E3F304F546}] => (Allow) C:\Program Files\baidu\Spark\bdtray.exe
FirewallRules: [{EFAE1532-A8BE-4913-97B1-C73576175D89}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{314D7AA0-AF9D-4622-8D7E-4CBA36973728}C:\windows\temp\db14.exe] => (Block) C:\windows\temp\db14.exe
FirewallRules: [UDP Query User{E9A0DD38-2B8F-453E-9043-F7FA76D71375}C:\windows\temp\db14.exe] => (Block) C:\windows\temp\db14.exe
FirewallRules: [TCP Query User{18B67CEC-9797-4F98-9521-6D11EC0D6385}C:\windows\temp\db15.exe] => (Block) C:\windows\temp\db15.exe
FirewallRules: [UDP Query User{EB479EED-3A3F-4DAB-A42F-E60037A7A474}C:\windows\temp\db15.exe] => (Block) C:\windows\temp\db15.exe
FirewallRules: [{B8760D6A-BF5C-4C3A-99A6-3893AAD94BAC}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{D22D17D2-1B89-46AE-9729-89D1EA325754}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{4C59D5A8-FEA6-446D-A1A3-974BC430E387}] => (Allow) C:\Program Files\baidu\Baidu Browser\Spark.exe
FirewallRules: [{53924572-E5EE-44DF-BA82-9A5007C73A3B}] => (Allow) C:\Program Files\baidu\Baidu Browser\Spark.exe
FirewallRules: [{BD8152EC-48C9-4D59-B9E9-A09C3BF6DD15}] => (Allow) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

29-05-2016 20:09:21 Backup do Windows
05-06-2016 19:00:15 Backup do Windows
07-06-2016 19:20:00 Windows Defender Checkpoint
12-06-2016 19:30:55 Backup do Windows
13-06-2016 07:34:37 Windows Update
19-06-2016 19:41:14 Backup do Windows
26-06-2016 20:04:56 Backup do Windows
29-06-2016 09:58:12 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
29-06-2016 13:07:43 DirectX instalado

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: ccnfd_1_10_0_4
Description: ccnfd_1_10_0_4
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ccnfd_1_10_0_4
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ccnfd_1_10_0_5
Description: ccnfd_1_10_0_5
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ccnfd_1_10_0_5
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: badriver
Description: badriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: badriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: wpnfd_1_10_0_5
Description: wpnfd_1_10_0_5
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wpnfd_1_10_0_5
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (06/29/2016 01:26:34 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/29/2016 01:22:32 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/29/2016 01:18:30 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/29/2016 01:14:19 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/29/2016 01:10:17 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/29/2016 01:07:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
Parâmetro incorreto.
.

Error: (06/29/2016 01:07:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {353b141d-4d4f-4fb0-955a-089b390e6707}

Error: (06/29/2016 01:06:07 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/29/2016 01:02:06 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/29/2016 12:58:04 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Não foi possível inicializar o processo de host do filtro. Encerrando.

Detalhes:
Esta operação foi retornada porque o tempo limite expirou. (HRESULT : 0x800705b4) (0x800705b4)


Erros de Sistema:
=============
Error: (06/29/2016 10:43:56 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (06/29/2016 10:43:55 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (06/29/2016 10:12:05 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (06/29/2016 10:12:05 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (06/29/2016 10:09:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (60000 milissegundos) ao aguardar a conexão do serviço Microsoft .NET Framework NGEN v4.0.30319_X86.

Error: (06/29/2016 10:07:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
badriver
ccnfd_1_10_0_4
ccnfd_1_10_0_5
wpnfd_1_10_0_5

Error: (06/29/2016 10:07:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Update Mgr DigitalMore devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/29/2016 10:07:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Service Mgr DigitalMore devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/29/2016 10:07:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço rcores devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/29/2016 10:06:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (60000 milissegundos) ao aguardar a conexão do serviço Microsoft .NET Framework NGEN v4.0.30319_X86.


==================== Informações da Memória ===========================

Processador: Celeron(R) Dual-Core CPU T3500 @ 2.10GHz
Percentagem de memória em uso: 67%
RAM física total: 2008.61 MB
RAM física disponível: 643.55 MB
Virtual Total: 4017.22 MB
Virtual disponível: 2381.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:188.35 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 48CED053)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
