Document format: text/plain


Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 29-06-2016
Executado por Vitor (2016-07-01 19:07:11)
Executando a partir de D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-03-30 01:07:37)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4079962982-582898089-2468463420-500 - Administrator - Disabled)
Convidado (S-1-5-21-4079962982-582898089-2468463420-501 - Limited - Disabled)
Vitor (S-1-5-21-4079962982-582898089-2468463420-1000 - Administrator - Enabled) => C:\Users\Vitor

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMCap (HKLM-x32\...\AMCap) (Version: 9.21.156.3 - Noël Danjou)
Ares 2.2.4 (HKLM-x32\...\Ares) (Version: 2.2.4-Build#3048 - Ares Development Group)
Ashampoo Burning Studio 2013 v.11.0.5 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Diagnóstico da impressora Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
Exibir Manual do Usuário (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
ffdshow v1.1.3572 [2010-09-13] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3572.0 - )
FormatFactory 3.9.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.9.0.1 - Free Time)
Freemake Video Converter versão 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GRID 2 Update v1.0.85.8679 Incl. DLC (HKLM-x32\...\R1JJRDI=_is1) (Version: 1 - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x64 pt-BR) (HKLM\...\Mozilla Firefox 47.0 (x64 pt-BR)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA Driver de gráficos 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
oCam versão 212.0 (HKLM-x32\...\oCam_is1) (Version: 212.0 - hxxp://ohsoft.net/)
Opera Stable 38.0.2220.29 (HKLM-x32\...\Opera 38.0.2220.29) (Version: 38.0.2220.29 - Opera Software)
Opti Drive Control 1.70 (HKLM-x32\...\{80157B54-DB3E-4EE9-8AD8-63A905765FF4}_is1) (Version: - Erik Deppe)
Painel de controle da NVIDIA 364.72 (Version: 364.72 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7767 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Samsung M2020 Series (HKLM-x32\...\Samsung M2020 Series) (Version: 1.23 (24/12/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sib Icon Editor (HKLM-x32\...\Sib Icon Editor) (Version: - )
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Sync Breeze 6.5.32 (HKLM-x32\...\Sync Breeze) (Version: 6.5.32 - Flexense Computing Systems Ltd.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Warsaw 1.12.3.5 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1E08F2B6-2FF4-4F50-B0A0-C3D664EAA029} - System32\Tasks\JetCleanLoginCheckUpdate => D:\Programas\Manutenção\JetClean\AutoUpdate.exe
Task: {2FD0EFF7-D192-4A0B-BA30-5DA0F941F2F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-30] (Google Inc.)
Task: {509F6740-30A8-48C7-968B-A836995ACB81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-30] (Google Inc.)
Task: {510A078B-8CB7-4CD6-9642-4A851F5C8DE9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-01] (AVAST Software)
Task: {614CD05B-4EFC-4C9C-AF43-DB69BD974A0C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: {64FBD3F0-942C-4676-A899-7BB063687A9B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {74B48148-F5B9-4623-AB0D-ABE1183E8113} - System32\Tasks\SafeZone scheduled Autoupdate 1459377964 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {B77892A4-5A1C-45DC-B868-8091FB445C03} - System32\Tasks\SmartDefrag3_Update => D:\Downloads\Smart Defrag 3\AutoUpdate.exe
Task: {CEAC3CDD-A470-4E5F-A0C5-C9B1464BFF4B} - System32\Tasks\Opera scheduled Autoupdate 1459434041 => C:\Program Files (x86)\Opera\launcher.exe [2016-06-07] (Opera Software)
Task: {D4515D26-F0CF-44E4-A2F9-24F3CA0270DE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Vitor\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Vitor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Módulos Carregados (Whitelisted) ==============

2016-03-29 22:32 - 2016-03-21 23:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-30 17:41 - 2014-10-30 09:18 - 00029184 _____ () C:\Windows\System32\ssj2mlm.dll
2016-03-30 18:43 - 2016-03-30 18:43 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2016-03-30 18:43 - 2016-03-30 18:43 - 00077824 _____ () C:\Windows\KMService.exe
2016-06-30 19:31 - 2016-06-30 13:53 - 00075776 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-05-09 17:45 - 2016-05-09 17:45 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-09 17:45 - 2016-05-09 17:45 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-30 19:00 - 2016-06-30 19:00 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16063000\algo.dll
2016-07-01 17:13 - 2016-07-01 17:13 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070102\algo.dll
2016-05-09 17:45 - 2016-05-09 17:45 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-03-30 18:55 - 2016-03-30 18:55 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-07-01 17:13 - 2016-07-01 17:13 - 00098816 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32api.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00110080 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\pywintypes27.dll
2016-07-01 17:13 - 2016-07-01 17:13 - 00364544 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\pythoncom27.dll
2016-07-01 17:13 - 2016-07-01 17:13 - 00320512 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32com.shell.shell.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00776704 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_hashlib.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 01176576 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._core_.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00806400 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._gdi_.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00816128 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._windows_.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 01067008 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._controls_.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00733184 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._misc_.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00682496 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\pysqlite2._sqlite.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00088064 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_ctypes.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00119808 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32file.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00108544 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32security.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00007168 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\hashobjs_ext.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00017920 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\thumbnails_ext.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00088064 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\usb_ext.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00012288 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\common.time34.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00018432 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32event.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00167936 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32gui.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00046080 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_socket.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 01208320 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_ssl.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00128512 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_elementtree.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00127488 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\pyexpat.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00038912 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32inet.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00036864 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_psutil_windows.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00525208 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\windows._lib_cacheinvalidation.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00011264 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32crypt.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00077312 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._html2.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00027136 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_multiprocessing.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00020480 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\_yappi.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00035840 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32process.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00686080 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\unicodedata.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00078848 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._animate.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00123392 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\wx._wizard.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00024064 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32pipe.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00010240 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\select.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00025600 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32pdh.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00017408 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32profile.pyd
2016-07-01 17:13 - 2016-07-01 17:13 - 00022528 ____R () C:\Users\Vitor\AppData\Local\Temp\_MEI39082\win32ts.pyd
2016-06-21 20:18 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-21 20:18 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:FE79D366_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:FE79D366_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1778]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\.DEFAULT\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\.DEFAULT\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-4079962982-582898089-2468463420-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2016-06-21 11:34 - 2016-06-21 12:08 - 00000000 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4079962982-582898089-2468463420-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Vitor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 201.17.1.82 - 201.17.0.42
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{65AF5AE9-E466-4705-AD5B-B3CDBC23C26A}] => (Block) %ProgramFiles%\Ashampoo\Ashampoo Burning Studio 2013\burningstudio2013.exe
FirewallRules: [{10DB2685-9D78-43CF-BB57-C619FBD22C4E}] => (Block) %ProgramFiles%\Ashampoo\Ashampoo Burning Studio 2013\burningstudio2013.exe
FirewallRules: [{9437B26C-CE52-4282-B872-F328AC61D6D1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D1D6D29D-96BD-4F99-AE16-EECB8838A088}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4D0428B6-66B8-484B-B4C2-FD15D8795BF3}] => (Block) C:\Program Files (x86)\oCam\oCam.exe
FirewallRules: [{F8AB8CE4-B366-4B6A-A343-6CA5745B9E4A}] => (Block) C:\Program Files (x86)\oCam\oCam.exe
FirewallRules: [{9E6302D6-4226-4852-AB97-7F762071911D}] => (Block) D:\Programas\Identificação de Hardware\AIDA64\aida64.exe
FirewallRules: [{944051F9-57DA-4D7F-A5FA-F7EFEEC57C66}] => (Block) D:\Programas\Identificação de Hardware\AIDA64\aida64.exe
FirewallRules: [{4A5EB63E-EB03-4B5D-9FD0-9678927BBA12}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8C80A016-A7CB-44CE-AE08-2BA9882273DC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{2D35F002-B9AE-495D-9725-8ABE721BCF37}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{495F95E0-E511-493E-BB5B-B5CB11B48BAF}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [{BDD4D384-4143-4CAF-B141-11E233EEC472}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{06FF4C5A-4597-46D9-9084-4677C81E0B22}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4107A43C-6EB5-43F1-B7A8-CAEB1C63646C}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{461E060E-E619-42EC-BA6A-AF18D96D0E36}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E9B650DF-DBB3-433E-A6FA-F7FC3E0123C7}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{914CDD8D-D940-4B09-B91E-10E9F92D729A}] => (Block) C:\Program Files\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe
FirewallRules: [{99B2FE93-4BEA-4DD0-98E1-D13EE9847ABA}] => (Block) C:\Program Files\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe

==================== Pontos de Restauração =========================

28-06-2016 20:06:04 Ponto de Verificação Agendado
01-07-2016 18:44:25 paint.net v4.0.9

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/01/2016 06:44:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {ddd893bd-4b6a-488a-81e3-4643bfdb62ee}

Error: (06/22/2016 11:04:25 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Falha do Windows Search Service ao processar a lista de locais incluídos e excluídos com o erro <30, 0x80040d07, "iehistory://{S-1-5-21-4079962982-582898089-2468463420-1000}/">.

Error: (06/22/2016 10:57:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {276a1126-0407-4738-89c5-96af4963d789}

Error: (06/22/2016 09:55:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (06/21/2016 09:01:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (06/21/2016 01:36:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (06/21/2016 01:16:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (06/21/2016 12:54:31 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Falha do Windows Search Service ao processar a lista de locais incluídos e excluídos com o erro <30, 0x80040d07, "iehistory://{S-1-5-21-4079962982-582898089-2468463420-1000}/">.

Error: (06/21/2016 12:33:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (06/21/2016 11:38:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.


Erros de Sistema:
=============
Error: (07/01/2016 05:15:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (07/01/2016 05:13:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (07/01/2016 05:13:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddreg

Error: (06/30/2016 11:01:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/30/2016 08:52:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Freemake Improver foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (06/30/2016 06:59:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/30/2016 06:58:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (06/30/2016 06:58:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2 = O sistema não pode encontrar o arquivo especificado.


Error: (06/30/2016 06:58:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (06/30/2016 06:58:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
gbpddreg


CodeIntegrity:
===================================
Date: 2016-06-22 21:32:21.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-22 21:32:21.778
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-06 19:27:17.822
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-06 19:27:17.810
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-08 10:50:03.396
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-08 10:50:03.384
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-05 20:01:04.832
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-05 20:01:04.820
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-24 15:43:09.953
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-24 15:43:09.939
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Programas\Identificação de Hardware\AIDA64\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Informações da Memória ===========================

Processador: AMD FX(tm)-4100 Quad-Core Processor
Percentagem de memória em uso: 37%
RAM física total: 8189.55 MB
RAM física disponível: 5132.44 MB
Virtual Total: 16377.31 MB
Virtual disponível: 12969.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:409.22 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:374.83 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 68E9426C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 43A87525)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
