Addition.txt

Document joint : EKxmj3BUunn_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:22-11-2015
Executado por Joao (2015-11-23 10:04:05)
Executando a partir de C:\Users\Joao\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-03-07 16:05:23)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-48089091-2623837105-114055649-500 - Administrator - Disabled)
Convidado (S-1-5-21-48089091-2623837105-114055649-501 - Limited - Disabled)
Joao (S-1-5-21-48089091-2623837105-114055649-1001 - Administrator - Enabled) => C:\Users\Joao
UpdatusUser (S-1-5-21-48089091-2623837105-114055649-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-48089091-2623837105-114055649-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
Atualizações da NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
AutoCAD 2010 - English (HKLM\...\AutoCAD 2010 - English) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - English (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD 2010 Language Pack - English (Version: 18.0.55.0 - Autodesk) Hidden
Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.7 - Autodesk, Inc.)
Compiled Driver Disk(Motorola) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811202}_is1) (Version: 1.0.8.0 - COMPELSON Labs)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
DriverEasy 4.9.3 (HKLM\...\DriverEasy_is1) (Version: 4.9.3.0 - Easeware)
ESET NOD32 Antivirus (HKLM\...\{A1A01D26-AF53-42C0-9DAE-1BC2FCC68812}) (Version: 8.0.304.0 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Drive (HKLM\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google SketchUp 8 (HKLM\...\{6B5F92BB-4272-4A69-B39B-EED000BC6192}) (Version: 3.0.14372 - Google, Inc.)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Ajuda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{D63C6E54-882C-478B-91AB-53D1E89C80BA}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 9.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
MCESimplificado (HKLM\...\ST6UNST #1) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{BA562260-B4FA-4D87-ADC5-963783028C68}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 42.0 (x86 pt-BR) (HKLM\...\Mozilla Firefox 42.0 (x86 pt-BR)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Driver de gráficos 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
OLYMPUS CAMEDIA Master 4.2 (HKLM\...\{30BB4D60-81DB-11D5-BB77-00400536ABAC}) (Version: - )
Painel de controle da NVIDIA 309.08 (Version: 309.08 - NVIDIA Corporation) Hidden
Platform (Version: 1.39 - VIA Technologies, Inc.) Hidden
QuickTime (HKLM\...\QuickTime) (Version: - )
SketchUp 2015 (HKLM\...\{989CF309-4CB7-49F9-8B77-2CD9E9EE5BF2}) (Version: 15.0.9351 - Trimble Navigation Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Gerenciador de dispositivo de plataforma (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1002_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1002_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)

==================== Pontos de Restauração =========================

18-03-2015 10:42:33 Windows Update
18-11-2015 07:59:58 Instalado Motorola Device Manager

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:04 - 2009-06-10 19:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {008430B3-D086-47D9-92BB-21EFD94AAE69} - System32\Tasks\Hybrid2 => C:\Trial\IR7\IR7.vbs [2014-12-16] ()
Task: {08D1D224-627E-4211-B0AB-82EFA6F13757} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-07] ()
Task: {24E8D136-5727-404E-B93F-15A151D4FDB6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {3A3C7100-E016-42DE-B9BE-F5699D39563E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {44F65EF8-4472-4367-99E0-9EB0272A8DBB} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2015-06-19] (Easeware)
Task: {50DAA95C-5C4C-4EF1-ABCD-15393B2DAD5E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {50F32F48-9A8F-4733-B585-A4DEA176289D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bfbc4ad17430 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {6203F625-5062-4992-9047-13DC8EA05AA3} - System32\Tasks\GoogleUpdateTaskMachineCore1d08fdd1e7a5b40 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {68BC9CC0-6BDC-4D8F-95A2-A4D74DDD3536} - System32\Tasks\GoogleUpdateTaskMachineUA1d08fdd1ea16b40 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {7F3D8344-C222-40C6-BE77-DDA2CF135FCA} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f09b10362f40 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {8C5F58AC-C031-4A1D-8FC3-56E930BE42CF} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {8D3C6B4B-79A9-4599-BDA0-AEBBD0F36CBD} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {AE58C562-7E73-4A47-AD96-07AD48C4636B} - System32\Tasks\Hybrid4 => taskkill
Task: {B2CF3318-EFA3-4A3D-943B-FA2FF153CB37} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.)
Task: {CB1CA67F-52BE-4DA0-B755-2DE7980FB2FC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {DDE36FFE-FE46-4D3C-BBD3-841E0149CB58} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [2015-11-23] (ESET)
Task: {E4EA9C9D-A9A6-45E9-B357-0AD62752FF41} - System32\Tasks\IR7 => cmd.exe /c cscript.exe /b C:\Windows\System32\slmgr.vbs /rearm && net stop sppsvc && net start sppsvc
Task: {E51D5FE9-2109-4C90-84DE-71FD9E457877} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfbc4aa43a10 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {E801D3BB-B9BC-4AE5-B43B-62C4F07F22B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {EF1E7C0D-79F7-46EC-B78C-3D332D7D605C} - System32\Tasks\Hybrid3 => taskkill
Task: {FF53552A-D679-46C0-9F0E-851F6FBAB2E2} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e4316e25e4e0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fdd1e7a5b40.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfbc4aa43a10.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fdd1ea16b40.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfbc4ad17430.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e4316e25e4e0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f09b10362f40.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2015-03-07 14:37 - 2015-01-30 22:48 - 00078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-03-07 14:28 - 2013-10-23 16:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll
2014-04-07 12:31 - 2014-04-07 12:31 - 00172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-06-26 14:12 - 2012-11-30 18:55 - 00080504 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
2015-06-26 14:12 - 2012-11-30 18:55 - 00113272 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
2015-11-23 08:50 - 2015-11-23 08:50 - 00098816 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32api.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00110080 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pywintypes27.dll
2015-11-23 08:50 - 2015-11-23 08:50 - 00364544 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pythoncom27.dll
2015-11-23 08:50 - 2015-11-23 08:50 - 00046080 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_socket.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 01208320 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_ssl.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00320512 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32com.shell.shell.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00776704 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_hashlib.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 01176576 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._core_.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00806400 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._gdi_.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00816128 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._windows_.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 01067008 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._controls_.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00733184 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._misc_.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00682496 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pysqlite2._sqlite.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00088064 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_ctypes.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00119808 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32file.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00108544 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32security.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00007168 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\hashobjs_ext.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00070144 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\usb_ext.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00167936 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32gui.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00018432 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32event.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00128512 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_elementtree.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00127488 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pyexpat.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00013824 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\common.time34.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00036864 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_psutil_windows.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00038912 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32inet.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00011264 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32crypt.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00077312 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._html2.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00027136 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_multiprocessing.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00020480 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_yappi.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00035840 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32process.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00686080 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\unicodedata.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00123392 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._wizard.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00024064 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32pipe.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00010240 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\select.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00025600 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32pdh.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00525640 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\windows._lib_cacheinvalidation.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00017408 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32profile.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00022528 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32ts.pyd
2015-11-23 08:50 - 2015-11-23 08:50 - 00078848 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._animate.pyd
2015-07-14 19:20 - 2015-07-14 19:20 - 00756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-48089091-2623837105-114055649-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 189.7.152.31 - 189.7.152.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DBD0B6DC-49F0-4324-A90F-0F3EF8AB359D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FA390469-8A4E-424A-B519-C31BAEECAF52}] => (Allow) C:\Users\Joao\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{469C854E-73A9-4E33-BE9A-1CB9D63C7019}] => (Allow) C:\Users\Joao\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DF6142EE-0FB6-4590-A4B8-8F8ED4772F2B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6168941D-A323-44B6-AFC7-17FB702558DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BF315A00-69E9-4CF5-99B9-E689940A4D94}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{29B8FBB8-D293-4E05-B8F5-42BEBE04BA96}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4806AB59-946E-4B48-B1F5-AAA9946F8BB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87233FF3-4309-451F-A57A-A0D827D5C687}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{85CCBD93-7770-4913-894A-82E304577B69}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{6A2CE696-3493-44C9-B83B-7FFB7D571D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6008F17E-65A9-49EA-BB42-EC6D86C694BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5495DB25-2526-484B-99CB-72393B679A88}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (11/23/2015 08:52:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2015 08:50:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: AutoKMS.exe, versão: 2.5.2.0, carimbo de hora: 0x53c9a9a0
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.18847, carimbo de hora: 0x554d7b00
Código de exceção: 0xe0434352
Deslocamento com falha: 0x0000812f
Identificação do processo com falha: 0x650
Hora de início do aplicativo com falha: 0xAutoKMS.exe0
Caminho do aplicativo com falha: AutoKMS.exe1
FCaminho do módulo de falhas: AutoKMS.exe2
Identificação do Relatório: AutoKMS.exe3

Error: (11/23/2015 08:50:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: AutoKMS.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.ComponentModel.Win32Exception
Pilha:
em System.Diagnostics.EventLogInternal.get_EntryCount()
em System.Diagnostics.EventLogInternal.GetEntryAtNoThrow(Int32)
em System.Diagnostics.EventLogEntryCollection+EntriesEnumerator.MoveNext()
em ..(.)
em ..(.)
em ..()

Error: (11/23/2015 07:55:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2015 11:59:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 05:12:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 00:19:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/20/2015 00:18:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/20/2015 10:56:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2015 05:06:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Erros de Sistema:
=============
Error: (11/23/2015 08:50:16 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0x898c3000, 0x00000000, 0x00000000, 0x82cd21a1)C:\Windows\MEMORY.DMP112315-9344-01

Error: (11/23/2015 08:50:15 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 07:57:43 às ‎23/‎11/‎2015 não era esperado.

Error: (11/20/2015 05:14:43 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: D@01010004

Error: (11/20/2015 05:14:43 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: D@01010004

Error: (11/20/2015 05:14:43 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: D@01010004

Error: (11/19/2015 07:54:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 07:38:20 às ‎19/‎11/‎2015 não era esperado.

Error: (11/16/2015 08:08:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 07:58:11 às ‎16/‎11/‎2015 não era esperado.

Error: (11/12/2015 00:05:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: As cópias de sombra do volume C: foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário.

Error: (11/10/2015 03:35:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 15:32:35 às ‎10/‎11/‎2015 não era esperado.

Error: (11/09/2015 08:14:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 08:06:09 às ‎09/‎11/‎2015 não era esperado.

CodeIntegrity:
===================================
Date: 2015-03-18 13:14:47.187
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-03-18 13:14:47.150
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-03-18 13:14:47.113
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-03-18 13:14:47.076
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-03-18 13:14:45.534
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-18 13:14:45.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-18 13:14:45.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-18 13:14:45.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-08 17:45:04.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-03-08 17:45:04.679
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

Processador: AMD Athlon(tm) II X4 620 Processor
Percentagem de memória em uso: 68%
RAM física total: 1791.43 MB
RAM física disponível: 567.75 MB
Virtual Total: 3582.86 MB
Virtual disponível: 1845.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.56 GB) (Free:23.97 GB) NTFS
Drive d: () (Fixed) (Total:443.23 GB) (Free:433.95 GB) NTFS
Drive e: () (Fixed) (Total:488.18 GB) (Free:424.11 GB) NTFS
Drive g: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: AC659FBA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1C98BFAE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Signaler le contenu de ce document