
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:05-03-2016 01
Executado por Alice Mota (2016-03-05 17:25:04)
Executando a partir de C:\Users\Alice Mota\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2016-01-14 20:00:22)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2328873562-1806874857-566758227-500 - Administrator - Disabled)
Alice Mota (S-1-5-21-2328873562-1806874857-566758227-1000 - Administrator - Enabled) => C:\Users\Alice Mota
Convidado (S-1-5-21-2328873562-1806874857-566758227-501 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)


==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2567 - Intel Corporation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 44.0.2 (x86 pt-BR) (HKLM\...\Mozilla Firefox 44.0.2 (x86 pt-BR)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MTA: Race for San Andreas 1.1.1 (HKLM\...\MTA: Race for San Andreas) (Version: 1.1.1 - Multi Theft Auto)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7484 - Realtek Semiconductor Corp.)
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
Tweaks.com Logon Changer (HKLM\...\{12F8EFF0-5C16-473B-99AD-67AB866C3E07}) (Version: 2.0.0 - Advanced PC Media LLC)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2328873562-1806874857-566758227-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Alice Mota\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx => Nenhum Arquivo

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {04DB0FC4-53F4-441A-80A2-CD03B97DE467} - System32\Tasks\Zuajtaut => C:\PROGRA~1\GROOVE~1\Olydset.bat
Task: {4570DF28-A877-4E04-B545-602E4F0C4629} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-25] (Google Inc.)
Task: {75BA4BC8-FFD8-43FF-B37C-CE9B2E091EBC} - System32\Tasks\ttwifi => C:\Program Files\ttwifi\tiantianwifi.exe
Task: {8D5E9CBA-18B9-44D9-9826-6EEE52EE47B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-25] (Google Inc.)
Task: {C4210118-DA41-4717-A71F-2D12A64978EF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D1F229B8-5D62-4AF2-AA75-A46FFD31D742} - System32\Tasks\Nonaji => C:\PROGRA~1\SHOPPE~1\Farifi.bat
Task: {FCC34F04-705E-41CA-BFD1-070990EDEC6E} - System32\Tasks\Tosmuel => C:\PROGRA~1\SHOPPE~2\Eebupuny.bat

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 ____C () C:\Windows\system32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 ____C () C:\Windows\System32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 ____C () c:\windows\system32\slc.dll
2016-01-14 23:41 - 2014-02-10 11:44 - 04592128 ____C () C:\Users\Alice Mota\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2016-01-14 23:41 - 2014-02-10 11:44 - 00112128 ____C () C:\Users\Alice Mota\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2016-02-24 19:00 - 00001110 ___AC C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2328873562-1806874857-566758227-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alice Mota\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 177.222.229.251 - 177.222.229.252
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupreg: Adobe ARM => "c:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{EA700852-FC75-449F-A129-5511CB434666}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{0861B400-6A54-4EB2-8F68-CE17CAFC8D05}C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9743235D-3574-45B0-AE5A-5ED2461F8FCA}C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\alice mota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{3FDC2F1B-F047-44F3-A8A2-20631B351131}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5896EB96-2AE7-4C78-951A-768E273AE17F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{048B406D-59A9-4F8B-85CC-5204447AD8A9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CC93169E-A0FB-49C5-A3C0-FEAC32C5294D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BD4214F6-384A-4F69-BB7E-709B5BA72998}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EB8499B8-ACE4-406F-9304-157ABF679D94}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DE297A2A-84CA-45D5-81EE-B2D776B70A4F}] => (Allow) C:\Program Files\SprgFiles\SprgFiles.exe
FirewallRules: [{97346896-675D-4064-94A7-46A851712F9F}] => (Allow) C:\Program Files\SprgFiles\SprgFiles.exe
FirewallRules: [{2CD0B02F-ED71-4F55-90DD-90EFC400A161}] => (Allow) C:\Program Files\SprgFiles\downloader.exe
FirewallRules: [{578B6430-137C-41AA-86D1-E5EA78347A34}] => (Allow) C:\Program Files\SprgFiles\downloader.exe
FirewallRules: [{858B1EFD-79F8-4D5D-B00D-5667636A3ED8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

26-02-2016 09:20:16 JRT Pre-Junkware Removal
27-02-2016 17:06:18 Windows Update
28-02-2016 11:50:19 zoek.exe restore point

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: MpKsl0d640d57
Description: MpKsl0d640d57
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl0d640d57
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/01/2016 11:52:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: gta_sa.exe, versão: 0.0.0.0, carimbo de hora: 0x427101ca
Nome do módulo de falhas: gta_sa.exe, versão: 0.0.0.0, carimbo de hora: 0x427101ca
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00346929
Identificação do processo com falha: 0x8fa0
Hora de início do aplicativo com falha: 0xgta_sa.exe0
Caminho do aplicativo com falha: gta_sa.exe1
FCaminho do módulo de falhas: gta_sa.exe2
Identificação do Relatório: gta_sa.exe3

Error: (02/27/2016 05:03:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2016 10:12:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: gta_sa.exe, versão: 0.0.0.0, carimbo de hora: 0x427101ca
Nome do módulo de falhas: gta_sa.exe, versão: 0.0.0.0, carimbo de hora: 0x427101ca
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00346929
Identificação do processo com falha: 0xf54
Hora de início do aplicativo com falha: 0xgta_sa.exe0
Caminho do aplicativo com falha: gta_sa.exe1
FCaminho do módulo de falhas: gta_sa.exe2
Identificação do Relatório: gta_sa.exe3

Error: (02/26/2016 10:11:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: gta_sa.exe, versão: 0.0.0.0, carimbo de hora: 0x427101ca
Nome do módulo de falhas: gta_sa.exe, versão: 0.0.0.0, carimbo de hora: 0x427101ca
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00346929
Identificação do processo com falha: 0xcd0
Hora de início do aplicativo com falha: 0xgta_sa.exe0
Caminho do aplicativo com falha: gta_sa.exe1
FCaminho do módulo de falhas: gta_sa.exe2
Identificação do Relatório: gta_sa.exe3

Error: (02/26/2016 09:19:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 09:37:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 08:33:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 11:35:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Users\ALICEM~1\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Descrição = JRT Pre-Junkware Removal; Erro = 0x81000101).

Error: (02/25/2016 11:12:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 09:44:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Erros de Sistema:
=============
Error: (03/05/2016 05:19:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom

Error: (03/05/2016 05:19:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço RIP de Escuta suspenso ao iniciar.

Error: (03/05/2016 05:17:53 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: O serviço SNMP encontrou um erro ao acessar a chave do Registro SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (03/05/2016 05:17:50 PM) (Source: IPRIP) (EventID: 29048) (User: )
Description: Falha do serviço 'RIP de escuta' durante a inicialização

Error: (03/05/2016 05:17:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 01:21:50 às ‎05/‎03/‎2016 não era esperado.

Error: (03/01/2016 10:49:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom

Error: (03/01/2016 10:49:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço RIP de Escuta suspenso ao iniciar.

Error: (03/01/2016 10:48:25 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: O serviço SNMP encontrou um erro ao acessar a chave do Registro SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (03/01/2016 10:48:20 AM) (Source: IPRIP) (EventID: 29048) (User: )
Description: Falha do serviço 'RIP de escuta' durante a inicialização

Error: (02/29/2016 09:09:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom


==================== Informações da Memória ===========================

Processador: Intel(R) Atom(TM) CPU N455 @ 1.66GHz
Percentagem de memória em uso: 75%
RAM física total: 2037.3 MB
RAM física disponível: 503.7 MB
Virtual Total: 3061.3 MB
Virtual disponível: 1583.84 MB

==================== Drives ================================

Drive c: (Windows 7 OS) (Fixed) (Total:112 GB) (Free:78.08 GB) NTFS
Drive d: () (Fixed) (Total:165.99 GB) (Free:108.57 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 3F0D3FC8)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended)

==================== Fim de Addition.txt ============================
