Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20-07-2016
Executado por mario (2016-07-22 18:35:27)
Executando a partir de C:\Users\mario\Desktop
Windows 7 Professional (X64) (2015-09-10 16:54:42)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-206710319-2657337602-3132182100-500 - Administrator - Disabled)
Convidado (S-1-5-21-206710319-2657337602-3132182100-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-206710319-2657337602-3132182100-1002 - Limited - Enabled)
mario (S-1-5-21-206710319-2657337602-3132182100-1000 - Administrator - Enabled) => C:\Users\mario

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advanced SystemCare 5 (HKLM-x32\...\Advanced SystemCare 5_is1) (Version: 5.0.0 - IObit)
Andy OS (HKLM\...\Andy OS) (Version: 46.1.249.0 - Andy OS, Inc)
Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1312.54 - CyberLink Corp.)
DriverIdentifier 5.1 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.4.1 - SCS Software)
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - )
Genymotion version 2.6.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.6.0 - Genymobile)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Kingo ROOT version 1.4.5.2663 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.4.5.2663 - Kingosoft Technology Ltd.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM-x32\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 47.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 pt-BR)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Nero 7 Essentials (HKLM-x32\...\{F87DA817-8D53-42CC-AA45-93A100341046}) (Version: 7.02.3907 - Nero AG)
NewProduct 1.00 (HKLM-x32\...\NewProduct 1.00) (Version: 1.00 - Company)
NVIDIA Driver de gráficos 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Painel de controle da NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC)
Tomb Raider: Legend 1.0 (HKLM-x32\...\Tomb Raider: Legend) (Version: - )
Unity Web Player (HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\UnityWebPlayer) (Version: 5.2.5f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
VMware Player (HKLM\...\{57AA4E8A-E2C9-4F1C-B3F1-762C36E34472}) (Version: 12.1.0 - VMware, Inc.)
VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.2.00000 - VMware, Inc.)
WhatsApp (HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {BD1E2BFB-4A20-439D-BE18-D60D72A47026} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2010-06-28] (Enigma Software Group USA, LLC.)
Task: {D1C3A91C-9049-4F26-BCD4-2FD07824BE28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11] (Google Inc.)
Task: {E126B896-2E91-4C6C-A3E0-50F258308BFB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {FB108AE5-AB54-49DC-B52E-D4A76C75670A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11] (Google Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\mario\AppData\Local\Microsoft\Windows\GameExplorer\{9A2D0C7E-23C0-428C-A78A-53CDDFF39328}\SupportTasks\0\Mais Jogos da Microsoft.lnk -> hxxp://www.tombraider.com/

==================== Módulos Carregados (Whitelisted) ==============

2015-09-10 14:24 - 2015-02-03 23:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-02-04 06:33 - 2016-01-19 19:38 - 00984776 _____ () C:\Program Files\Andy\HandyAndy.exe
2016-02-04 06:33 - 2016-01-15 17:38 - 00868552 _____ () C:\Program Files\Andy\AndyADB.exe
2015-09-13 12:13 - 2011-04-21 16:54 - 00347024 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 5\madExcept_.bpl
2015-09-13 12:13 - 2011-04-21 16:54 - 00179088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 5\madBasic_.bpl
2015-09-13 12:13 - 2011-04-21 16:54 - 00046480 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 5\madDisAsm_.bpl
2010-05-18 16:54 - 2010-05-18 16:54 - 00395776 _____ () C:\Program Files (x86)\Enigma Software Group\SpyHunter\ExecutionGuard.dll
2015-09-10 14:37 - 2012-01-01 23:21 - 00374056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
2015-09-10 14:37 - 2011-08-23 23:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\koan\_ctypes.pyd
2015-09-10 14:37 - 2011-08-23 23:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd
2015-09-10 14:37 - 2011-08-23 23:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
2015-09-10 14:37 - 2012-01-12 09:55 - 00075048 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd
2015-11-25 17:10 - 2015-11-25 17:10 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-09-10 14:38 - 2012-01-09 00:48 - 00541683 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

Existem ainda 4791 sites a mais.


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-07-22 17:51 - 00001070 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 act.eut2.online.scssoft.com
127.0.0.1 http://act.eut2.online.scssoft.com/eut2/act
127.0.0.1 act.eut2.online.scssoft.com:80
127.0.0.1 online.scssoft.com
127.0.0.1 act2.eut2.online.scssoft.com
0.0.0.1 mssplus.mcafee.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-206710319-2657337602-3132182100-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B4E7D7B6-F2F3-430A-A9D1-E52D36E836FC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{1459ED1A-3707-4FBB-8110-1EADF51C68A6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{60447018-913C-4C9F-BF97-743F39DC4DD3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{08EC048F-8D07-473F-B6E5-2F6DE953A239}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{55B88E65-5177-4591-B7E6-75615FE07E27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{02A4724F-8129-4B14-A8B1-37966A68AB2D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{74023A2E-84E6-49B4-AD77-08D29BA581B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8A033232-1D43-4EE4-8E9A-89FB7E720658}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D9BDB7E-C297-4E64-B944-E76B6D18B032}] => (Allow) C:\Users\mario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FAD563EF-B2FB-4A7B-96D0-B03D33B7FEA0}] => (Allow) C:\Users\mario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FF4B1E8B-0E9B-4752-9489-42B6DE317D9E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{897CE383-D96F-46A2-813B-2E7ADFE71E4C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F3D4879-E7AE-423E-BDAE-59436F672D3A}] => (Allow) D:\Jogos\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{D4779678-7B7C-4E7E-93CD-101C422C31D7}] => (Allow) D:\Jogos\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{81AD9A28-4575-4F0A-A7D0-A4BA7C92CD08}] => (Allow) D:\Jogos\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{40CC4E64-1299-403B-BA0C-0D70BB76EAF1}] => (Allow) D:\Jogos\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{6CFA59EC-2557-4907-875F-8B740B597012}D:\jogos\farming simulator 15 jogo instalado\farming simulator 15\x64\farmingsimulator2015game.exe] => (Allow) D:\jogos\farming simulator 15 jogo instalado\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{CE7A92C1-331F-4861-BDE2-994CBD987BF0}D:\jogos\farming simulator 15 jogo instalado\farming simulator 15\x64\farmingsimulator2015game.exe] => (Allow) D:\jogos\farming simulator 15 jogo instalado\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [{264DE9FD-E0EC-44F5-B033-5756D2DE864B}] => (Allow) C:\Users\mario\AppData\Local\Temp\Andy_46.2_x64\Setup.exe
FirewallRules: [{D4331A59-37A9-4A04-A4B0-A1F7BDBC2C73}] => (Allow) C:\Users\mario\AppData\Local\Temp\Andy_46.2_x64\Setup.exe
FirewallRules: [{1FC70537-2AE1-4CAF-97C1-8D254EACDD4A}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{35D7A2D4-30A1-4457-995E-4D06F58CD6CD}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{B70D6A53-2730-471B-AB6D-A644CFD0EB05}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{AB11D159-9048-4A73-8A29-5D5B4DDCC593}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{7F2231CD-B502-4916-94A7-CD97FD164E03}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{FFFB1055-F226-439F-9DF3-AF8E355B00D2}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{EB88964F-742B-4C8C-95D6-9EDD82E156AD}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{83D8588B-E51F-4D4F-98C5-1F93070B91AC}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [TCP Query User{9507DFA9-51BF-47FB-8B48-CB04121E450E}D:\jogos\diablo iii\diablo iii.exe] => (Allow) D:\jogos\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{229078B0-DFB2-4B6E-BD8D-4195EF99D377}D:\jogos\diablo iii\diablo iii.exe] => (Allow) D:\jogos\diablo iii\diablo iii.exe
FirewallRules: [{02357D2B-7796-42BD-9AAD-04C5B1E60453}] => (Block) D:\jogos\diablo iii\diablo iii.exe
FirewallRules: [{FBEBD3C6-5A1F-4683-86B2-363EB5D6F0EE}] => (Block) D:\jogos\diablo iii\diablo iii.exe
FirewallRules: [{A6C4916A-D55F-44C4-BCDC-B2485F7BC8C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{2CE70AB6-9FEE-4439-8B22-44F81F44FEF5}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{D5EFAA1D-99DB-42FE-B6BC-AEE84797D58A}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe

==================== Pontos de Restauração =========================

13-07-2016 07:57:13 Windows Update
14-07-2016 14:53:16 Windows Update
18-07-2016 21:35:16 Windows Update
20-07-2016 23:08:30 Windows Update
22-07-2016 18:01:58 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/19/2016 06:24:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Spyhunter4.exe versão 4.1.11.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: c54

Hora de Início: 01d1e20390a458a0

Hora de Término: 2166

Caminho do Aplicativo: C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe

Id do Relatório: 2dda9761-4df7-11e6-ab31-005056c00008

Error: (06/30/2016 12:28:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Kingo Root.exe versão 1.4.5.2663 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 9b4

Hora de Início: 01d1d2dffc4ffad8

Hora de Término: 5

Caminho do Aplicativo: C:\Program Files (x86)\Kingo ROOT\Kingo Root.exe

Id do Relatório: 6988f2c9-3ed6-11e6-9e88-005056c00008

Error: (06/28/2016 06:45:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa uTorrent.exe versão 3.3.1.30017 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 734

Hora de Início: 01d1d18397375d60

Hora de Término: 5

Caminho do Aplicativo: C:\Users\mario\AppData\Roaming\uTorrent\uTorrent.exe

Id do Relatório: a6790141-3d79-11e6-80b7-005056c00008

Error: (06/28/2016 02:41:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: plugin-container.exe, versão: 47.0.0.5999, carimbo de hora: 0x5753660e
Nome do módulo de falhas: mozglue.dll, versão: 47.0.0.5999, carimbo de hora: 0x57535438
Código de exceção: 0x80000003
Deslocamento com falha: 0x0000f3ad
Identificação do processo com falha: 0x590
Hora de início do aplicativo com falha: 0xplugin-container.exe0
Caminho do aplicativo com falha: plugin-container.exe1
FCaminho do módulo de falhas: plugin-container.exe2
Identificação do Relatório: plugin-container.exe3

Error: (06/09/2016 03:04:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: plugin-container.exe, versão: 46.0.1.5966, carimbo de hora: 0x572818c9
Nome do módulo de falhas: xul.dll, versão: 46.0.1.5966, carimbo de hora: 0x57281880
Código de exceção: 0x80000003
Deslocamento com falha: 0x006a4d4d
Identificação do processo com falha: 0x1338
Hora de início do aplicativo com falha: 0xplugin-container.exe0
Caminho do aplicativo com falha: plugin-container.exe1
FCaminho do módulo de falhas: plugin-container.exe2
Identificação do Relatório: plugin-container.exe3

Error: (06/09/2016 12:25:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: plugin-container.exe, versão: 46.0.1.5966, carimbo de hora: 0x572818c9
Nome do módulo de falhas: xul.dll, versão: 46.0.1.5966, carimbo de hora: 0x57281880
Código de exceção: 0x80000003
Deslocamento com falha: 0x006a4d4d
Identificação do processo com falha: 0xe0c
Hora de início do aplicativo com falha: 0xplugin-container.exe0
Caminho do aplicativo com falha: plugin-container.exe1
FCaminho do módulo de falhas: plugin-container.exe2
Identificação do Relatório: plugin-container.exe3

Error: (05/27/2016 03:49:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CMS.exe versão 3.1.0.3 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 13fc

Hora de Início: 01d1b847ba064180

Hora de Término: 68

Caminho do Aplicativo: C:\Program Files (x86)\CMS\CMS.exe

Id do Relatório: cc977071-243b-11e6-b63b-005056c00008

Error: (05/26/2016 09:47:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CMS.exe versão 3.1.0.3 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: f8c

Hora de Início: 01d1b7acfe8862c0

Hora de Término: 117

Caminho do Aplicativo: C:\Program Files (x86)\CMS\CMS.exe

Id do Relatório: 96b91ef1-23a4-11e6-b8cc-005056c00008

Error: (05/26/2016 09:13:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CMS.exe versão 3.1.0.3 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 14c

Hora de Início: 01d1b7a8e9b52a80

Hora de Término: 87

Caminho do Aplicativo: C:\Program Files (x86)\CMS\CMS.exe

Id do Relatório: dee700c1-239f-11e6-b8cc-005056c00008

Error: (05/26/2016 08:47:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CMS.exe versão 3.1.0.3 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 115c

Hora de Início: 01d1b79fd126a1a0

Hora de Término: 107

Caminho do Aplicativo: C:\Program Files (x86)\CMS\CMS.exe

Id do Relatório: 224d7231-239c-11e6-b8cc-005056c00008


Erros de Sistema:
=============
Error: (07/22/2016 05:50:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BlueStacks Log Rotator Service devido ao seguinte erro:
%%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.


Error: (07/22/2016 05:50:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço BlueStacks Log Rotator Service.

Error: (07/20/2016 10:57:34 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (07/18/2016 10:19:57 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 116.12.0.0

Update Source: %AUTORIDADE NT51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %AUTORIDADE NT602

Update Type: %AUTORIDADE NT604

User: AUTORIDADE NT\SERVIÇO DE REDE

Current Engine Version: %AUTORIDADE NT605

Previous Engine Version: %AUTORIDADE NT606

Error code: %AUTORIDADE NT607

Error description: %AUTORIDADE NT608

Error: (07/18/2016 10:19:48 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.225.1644.0

Update Source: %AUTORIDADE NT51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %AUTORIDADE NT602

Update Type: %AUTORIDADE NT604

User: AUTORIDADE NT\SERVIÇO DE REDE

Current Engine Version: %AUTORIDADE NT605

Previous Engine Version: %AUTORIDADE NT606

Error code: %AUTORIDADE NT607

Error description: %AUTORIDADE NT608

Error: (07/18/2016 10:19:48 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.225.1644.0

Update Source: %AUTORIDADE NT51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %AUTORIDADE NT602

Update Type: %AUTORIDADE NT604

User: AUTORIDADE NT\SERVIÇO DE REDE

Current Engine Version: %AUTORIDADE NT605

Previous Engine Version: %AUTORIDADE NT606

Error code: %AUTORIDADE NT607

Error description: %AUTORIDADE NT608

Error: (07/18/2016 10:19:39 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.225.1644.0

Update Source: %AUTORIDADE NT59

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %AUTORIDADE NT602

Update Type: %AUTORIDADE NT604

User: AUTORIDADE NT\SISTEMA

Current Engine Version: %AUTORIDADE NT605

Previous Engine Version: %AUTORIDADE NT606

Error code: %AUTORIDADE NT607

Error description: %AUTORIDADE NT608

Error: (07/18/2016 10:09:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço VMware Authorization Service devido ao seguinte erro:
%%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.


Error: (07/18/2016 10:09:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço VMware Authorization Service.

Error: (07/17/2016 12:10:52 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORIDADE NT60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 116.12.0.0

Update Source: %AUTORIDADE NT51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %AUTORIDADE NT602

Update Type: %AUTORIDADE NT604

User: AUTORIDADE NT\SERVIÇO DE REDE

Current Engine Version: %AUTORIDADE NT605

Previous Engine Version: %AUTORIDADE NT606

Error code: %AUTORIDADE NT607

Error description: %AUTORIDADE NT608


CodeIntegrity:
===================================
Date: 2016-05-30 12:14:35.594
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-30 12:14:35.591
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:26:11.270
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:26:11.259
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:26:01.645
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:26:01.640
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:07:15.799
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:07:15.795
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:07:04.377
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 12:07:04.374
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Informações da Memória ===========================

Processador: AMD Athlon(tm) II X2 240 Processor
Percentagem de memória em uso: 38%
RAM física total: 4094.49 MB
RAM física disponível: 2535.08 MB
Virtual Total: 8187.13 MB
Virtual disponível: 6352.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:31.3 GB) NTFS
Drive d: () (Fixed) (Total:833.85 GB) (Free:203.8 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E1A4D796)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
