cjoint

Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:27-02-2016
Executado por vinicius (2016-02-27 19:31:37)
Executando a partir de C:\Users\vinicius\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-10-01 01:32:39)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-462682576-571085668-2278026942-500 - Administrator - Disabled)
Convidado (S-1-5-21-462682576-571085668-2278026942-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-462682576-571085668-2278026942-1002 - Limited - Enabled)
vinicius (S-1-5-21-462682576-571085668-2278026942-1000 - Administrator - Enabled) => C:\Users\vinicius

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Ace Stream Media 3.1.0 (HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\AceStream) (Version: 3.1.0 - Ace Stream Media) <==== ATENÇÃO
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6 (HKLM\...\{94A631D5-B30A-3DD8-B65C-1117C09DA73E}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (PTB) (HKLM\...\{12EFB522-416F-383C-9DB6-5FFDFBBA35CD}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pt-BR)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
Popcorn Time (HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\Popcorn Time) (Version: - Popcorn Official)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.10.0909 - REALTEK Semiconductor Corp.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-462682576-571085668-2278026942-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1907FA3C-9EE8-44DB-B292-E0042118C212} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-30] (Google Inc.)
Task: {1C082509-8B9E-4640-A2B0-0EE176982F31} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-30] (Google Inc.)
Task: {291FE8BE-0496-4C00-B515-014C039F22B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-14] (Adobe Systems Incorporated)
Task: {33DFE328-11D9-438E-8535-CD0D0DB3AE48} - System32\Tasks\{2E2086A1-9C7D-4974-AD3C-F48BF469E9B1} => pcalua.exe -a "C:\Users\vinicius\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\utility\uninst.exe"
Task: {3E39BFFA-3B10-4BE1-A7C0-E5404C893835} - System32\Tasks\svchost => C:\Users\vinicius\AppData\Local\Temp\61LVDKAVI\61LVDKAVI.exe <==== ATENÇÃO
Task: {42DD8D05-6FF2-4826-BC5F-2F82715EFCDB} - \DailyPCClean Schedule -> Nenhum Arquivo <==== ATENÇÃO
Task: {5F12F519-5EEF-49C2-AD1D-1FF5799D7486} - System32\Tasks\Cipraa => C:\PROGRA~1\SHOPPE~1\Iiraibn.bat
Task: {699C84F7-0BFB-4125-BA88-4FF5A94ED70A} - System32\Tasks\Rifazy => C:\PROGRA~1\SHOPPE~2\Witdigs.bat
Task: {797EB65F-D8C5-4609-A089-22D5EB369670} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-08-19] (SlimWare Utilities, Inc.)
Task: {7FF6E7BB-9075-4ADD-B0CA-3DFF318A84D8} - System32\Tasks\{9CD50BDD-C14C-43ED-B0C6-AE3EA8C3BD05} => pcalua.exe -a C:\Users\vinicius\AppData\Local\PPTAssist\utility\uninst.exe
Task: {BA1D3885-DDA8-4E9F-A70A-FE5312330F4E} - System32\Tasks\{93A4C8D9-B672-4317-9E6F-0C11CC18DD96} => pcalua.exe -a "C:\Users\vinicius\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\utility\uninst.exe"
Task: {D72EA43F-7F5F-4F9E-B76E-5815BC46BAA9} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {E295B853-6A22-4DA2-B577-412DC8273B66} - \MixVideoPlayer Update -> Nenhum Arquivo <==== ATENÇÃO
Task: {E4CA8E34-ECDE-43CE-B81C-9F267804F4DC} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-02-09] ()

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\vinicius\Desktop\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\vinicius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\vinicius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\vinicius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\vinicius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/

==================== Módulos Carregados (Whitelisted) ==============

2014-05-01 11:13 - 2014-05-01 11:13 - 00470016 _____ () C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX64.dll
2016-02-16 18:43 - 2016-02-09 11:30 - 02036224 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2014-10-01 13:37 - 2015-11-10 09:31 - 00027000 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\ace_update.exe
2015-09-24 07:34 - 2015-12-25 14:04 - 00027000 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\ace_engine.exe
2011-06-12 10:09 - 2011-06-12 10:09 - 00038400 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 10:09 - 2011-06-12 10:09 - 00720896 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-15 16:37 - 2011-07-15 16:37 - 00981504 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00746496 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00670720 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00966144 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00674816 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00287232 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-18 18:56 - 2011-01-18 18:56 - 00334336 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00011776 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00152576 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 13:37 - 2012-02-07 13:37 - 00098816 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 13:35 - 2012-02-07 13:35 - 00110080 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-07 13:38 - 2012-02-07 13:38 - 00358912 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 13:36 - 2012-02-07 13:36 - 00111616 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 13:36 - 2012-02-07 13:36 - 00024064 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2015-09-30 23:19 - 1999-12-31 21:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-24 07:35 - 2015-12-25 14:04 - 00309248 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2011-06-12 10:09 - 2011-06-12 10:09 - 00038400 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
2011-06-12 10:09 - 2011-06-12 10:09 - 00720896 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00287232 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
2015-04-16 09:27 - 2015-04-16 09:27 - 00018944 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
2014-01-23 08:37 - 2014-01-23 08:37 - 00036352 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
2012-02-07 13:37 - 2012-02-07 13:37 - 00098816 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2012-02-07 13:35 - 2012-02-07 13:35 - 00110080 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
2012-02-07 13:38 - 2012-02-07 13:38 - 00358912 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
2012-02-07 13:36 - 2012-02-07 13:36 - 00111616 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2012-02-07 13:36 - 2012-02-07 13:36 - 00024064 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2015-04-16 09:27 - 2015-04-16 09:27 - 02386432 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pywebrtc.pyd
2015-09-24 07:31 - 2015-12-25 14:04 - 02997760 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2013-12-21 10:20 - 2013-12-21 10:20 - 00053248 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00106496 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
2013-12-21 10:20 - 2013-12-21 10:20 - 00040448 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00011776 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\select.pyd
2015-09-07 12:23 - 2015-12-25 14:04 - 00240232 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pysegmenter.pyd
2015-04-16 09:29 - 2015-04-16 09:29 - 00112142 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\libgcc_s_dw2-1.dll
2011-01-18 18:56 - 2011-01-18 18:56 - 00334336 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00152576 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
2011-02-13 12:02 - 2011-02-13 12:02 - 00031232 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
2015-09-24 07:52 - 2015-12-25 14:04 - 04100608 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2010-10-10 19:23 - 2010-10-10 19:23 - 00723968 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2013-01-29 13:20 - 2013-01-29 13:20 - 00082944 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
2011-07-15 16:37 - 2011-07-15 16:37 - 00981504 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00746496 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00670720 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00966144 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
2011-07-15 16:38 - 2011-07-15 16:38 - 00674816 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
2012-02-07 13:37 - 2012-02-07 13:37 - 00167424 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\win32gui.pyd
2012-02-07 13:36 - 2012-02-07 13:36 - 00035840 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\win32process.pyd
2011-06-12 10:06 - 2011-06-12 10:06 - 00688128 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
2015-04-16 09:29 - 2015-04-16 09:29 - 00061952 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
2013-01-29 13:20 - 2013-01-29 13:20 - 00066048 _____ () C:\Users\vinicius\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
2014-05-01 11:15 - 2014-05-01 11:15 - 00463360 _____ () C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX32.dll
2016-02-19 19:25 - 2016-02-18 01:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 19:25 - 2016-02-18 01:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-02-19 19:25 - 2016-02-18 01:15 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-02-16 18:40 - 00001253 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-462682576-571085668-2278026942-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\vinicius\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [TCP Query User{C87F64C3-0D95-421F-9FAB-0450C8A1D4C0}C:\users\vinicius\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\vinicius\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{3A2DFFF1-A66C-44CD-822D-99088E60C730}C:\users\vinicius\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\vinicius\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{DD3B7969-CDFD-4FCD-A664-479D769120BA}C:\users\vinicius\desktop\age of empires ii c\the conqueror sem patch.exe] => (Allow) C:\users\vinicius\desktop\age of empires ii c\the conqueror sem patch.exe
FirewallRules: [UDP Query User{DB8889C2-D874-445A-BD73-9807CE17DE42}C:\users\vinicius\desktop\age of empires ii c\the conqueror sem patch.exe] => (Allow) C:\users\vinicius\desktop\age of empires ii c\the conqueror sem patch.exe
FirewallRules: [{D61BA94C-28DD-49E2-8BF7-09D804D14AB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BE64625-F546-4F22-982B-E3B779A809CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{124E0794-11DB-4865-A2BC-638A75375415}C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{D160D73C-7A89-45E3-846F-E5F85916DD3A}C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{CCEE26FB-5746-4A62-BC16-450CB3ACC4F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{125C959D-4808-4C79-8041-82BB93D45BD9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{62FCB87D-80D1-4B2F-A4E7-B643B9A7F88F}C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{65381F03-FDD4-448E-87DC-D710FA7438F6}C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{15D6CA4E-6877-4AC8-B1FA-38264CD95892}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{ACD91D34-5FC1-4C08-8BDE-28B7B216CA7B}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [TCP Query User{C7856C83-5E38-470F-8430-3386A2B330B5}C:\users\vinicius\desktop\age of empires ii c\jogar.exe] => (Allow) C:\users\vinicius\desktop\age of empires ii c\jogar.exe
FirewallRules: [UDP Query User{230D4770-E714-4008-92EF-558F19D938D1}C:\users\vinicius\desktop\age of empires ii c\jogar.exe] => (Allow) C:\users\vinicius\desktop\age of empires ii c\jogar.exe
FirewallRules: [TCP Query User{E530B138-C31F-4368-B456-A3BB00DEA3C9}C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8ACC896C-5ACA-4DD4-AE63-15789675629D}C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vinicius\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{95D3E4B0-AFFE-4A38-A044-ABF378A453A6}C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{5C705028-61AF-4616-A06C-418A97B6532C}C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\vinicius\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{52605B92-4226-4510-A403-99376049F5BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

01-02-2016 23:00:01 Ponto de Verificação Agendado
09-02-2016 23:00:00 Ponto de Verificação Agendado
17-02-2016 15:00:59 Ponto de Verificação Agendado
25-02-2016 00:00:01 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Dispositivo do sistema básico
Description: Dispositivo do sistema básico
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo do sistema básico
Description: Dispositivo do sistema básico
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/20/2016 06:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: ace_engine.exe, versão: 0.0.0.0, carimbo de hora: 0x547c2acc
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18933, carimbo de hora: 0x55a69e20
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0003d968
Identificação do processo com falha: 0x9d8
Hora de início do aplicativo com falha: 0xace_engine.exe0
Caminho do aplicativo com falha: ace_engine.exe1
FCaminho do módulo de falhas: ace_engine.exe2
Identificação do Relatório: ace_engine.exe3

Error: (02/17/2016 02:29:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2016 02:05:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2016 01:39:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2016 01:29:59 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3352) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (02/17/2016 01:29:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2016 01:16:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: ktpcntr.exe, versão: 9.1.0.5248, carimbo de hora: 0x565ed70e
Nome do módulo de falhas: msvcrt.dll, versão: 7.0.7601.17744, carimbo de hora: 0x4eeaf722
Código de exceção: 0x40000015
Deslocamento com falha: 0x0005620a
Identificação do processo com falha: 0x17a8
Hora de início do aplicativo com falha: 0xktpcntr.exe0
Caminho do aplicativo com falha: ktpcntr.exe1
FCaminho do módulo de falhas: ktpcntr.exe2
Identificação do Relatório: ktpcntr.exe3

Error: (02/17/2016 01:14:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa mbot_en_037050240.exe versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 19c0

Hora de Início: 01d1699ceb308b7b

Hora de Término: 0

Caminho do Aplicativo: C:\Program Files (x86)\mbot_en_037050240\mbot_en_037050240.exe

Id do Relatório: 6ad54dff-d591-11e5-9fa2-2089840c5f02

Error: (02/17/2016 12:44:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2016 12:27:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa ynseB689.exe versão 1.0.0.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 1f98

Hora de Início: 01d1690f1fde8aa9

Hora de Término: 4020

Caminho do Aplicativo: C:\Program Files (x86)\8333F190-1455478810-E211-A7B8-2089840C5F02\ynseB689.exe

Id do Relatório: daa810b9-d58a-11e5-91b9-2089840c5f02


Erros de Sistema:
=============
Error: (02/27/2016 03:21:06 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/27/2016 03:20:53 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:38:57 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:38:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:38:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:38:49 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:37:43 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:37:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:37:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/26/2016 04:37:39 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.


CodeIntegrity:
===================================
Date: 2016-02-16 19:53:21.633
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:21.603
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:19.442
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:19.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:19.172
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:19.152
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:18.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:18.511
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:18.221
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-16 19:53:18.201
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentagem de memória em uso: 53%
RAM física total: 3914.36 MB
RAM física disponível: 1814.93 MB
Virtual Total: 7826.91 MB
Virtual disponível: 5322.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.09 GB) (Free:78.34 GB) NTFS
Drive d: () (Fixed) (Total:348.57 GB) (Free:298.83 GB) NTFS
Drive e: (MeuDisco) (CDROM) (Total:4.28 GB) (Free:0 GB) CDFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7049F2E9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348.6 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
