cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:03-06-2016
Executado por Nilson (2016-06-04 07:43:04)
Executando a partir de C:\Users\Nilson\Downloads
Windows 10 Pro (X64) (2016-05-18 09:02:15)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-805666459-2153562022-660727754-500 - Administrator - Disabled)
Convidado (S-1-5-21-805666459-2153562022-660727754-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-805666459-2153562022-660727754-503 - Limited - Disabled)
Nilson (S-1-5-21-805666459-2153562022-660727754-1000 - Administrator - Enabled) => C:\Users\Nilson

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

ArcSoft TotalMedia 3.5 (x32 Version: - ArcSoft) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
BlueStacks App Player (HKLM-x32\...\{AA655366-D323-404D-AA9B-AD562CAE1DD0}) (Version: 2.2.21.6212 - BlueStack Systems, Inc.)
Connectify 2016 (HKLM\...\Connectify) (Version: 2016.0.4.37248 - Connectify)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HSPA USB Modem (HKLM-x32\...\HSPA USB Modem) (Version: 1.0.0.1 - HSPA USB Modem)
Kodi (HKU\S-1-5-21-805666459-2153562022-660727754-1000\...\Kodi) (Version: - XBMC-Foundation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Plugin Car (HKU\S-1-5-21-805666459-2153562022-660727754-1000\...\{6F8D269A-0C60-70F5-73AC-81BF148C7180}) (Version: 1.3.1 - Pool Component corp) <==== ATENÇÃO
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.02 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Remote Mouse version 2.804 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.804 - Remote Mouse)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.21 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.50527 A - TeamViewer)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.3.4 - Unified Intents AB)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.12.3.5 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-805666459-2153562022-660727754-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nilson\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0273DCD8-9946-4C3C-9DC3-BD86ECB2E0BA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {059E7109-5D12-4CD2-B04D-B2D855CAC945} - System32\Tasks\{83774A85-39B7-4D20-ABEC-55DBC9CFB4C6} => pcalua.exe -a "C:\Program Files (x86)\FreeTime\FormatFactory\FFInst.exe" -d "C:\Program Files (x86)\FreeTime\FormatFactory" -c /Codec /AVISynth /MenuContext
Task: {07B5839B-C941-4FBB-A7C5-55D60C961F66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-28] (Google Inc.)
Task: {0C7BF3DD-B01D-4667-AF5F-8992087A12B4} - System32\Tasks\{E3A4F904-A2C4-4497-9131-C8A802911ECB} => C:\Users\Nilson\Documents\futebol\we9.exe [2012-07-17] (KONAMI)
Task: {193B5527-DC16-443C-B46E-4960AE90BB27} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {1CCE173E-8F5E-4B43-BF9E-D3C2C1BFE6E1} - System32\Tasks\Plugin Car => Rundll32.exe "C:\Users\Nilson\AppData\Local\Plugin Car\{C0798914-591B-234B-BC5C-075E751CAAF4}\PluginCar.dll",#1 <==== ATENÇÃO
Task: {2DF5D37F-69E5-47E6-910C-6A9F4196D554} - System32\Tasks\{B73A70F7-27DF-473E-AFBA-A6A94708EF00} => pcalua.exe -a C:\Users\Nilson\Downloads\IN12STW05WW3.exe -d C:\Users\Nilson\Downloads
Task: {33681408-D67C-4831-BD3C-D16A41201E69} - System32\Tasks\SafeZone scheduled Autoupdate 1462020485 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {3AF6973F-43E4-486D-B193-F4396C309EA6} - System32\Tasks\NilsonBudgetBigheadV2 => Rundll32.exe ChorionForgers.dll,main 7 1 <==== ATENÇÃO
Task: {4C9AA51E-F468-429E-B045-8B70C99247E6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {4F062448-BEED-45C1-8791-5E6A12A445EA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-30] (AVAST Software)
Task: {51C08CF8-18DE-4FFD-9318-4E2AECB32A9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {5657C16F-988D-4A80-BA04-EDA3CE7A60DC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {63347B58-732E-474C-913B-7B941046ECF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {75786AF9-56D2-43F3-9C0A-52C483731ADB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {805221FB-3FCC-4BA2-AF2B-C010442698B2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {867AE98D-92C7-4BD3-8BD0-6C2360802012} - System32\Tasks\Plugin Car2 => Rundll32.exe "C:\Users\Nilson\AppData\Local\Plugin Car\{C0798914-591B-234B-BC5C-075E751CAAF4}\sva.dll",#1 <==== ATENÇÃO
Task: {98BB6042-573D-45CC-B0BC-2E767E615D92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A0B4C20E-1CB5-42F9-B706-D17F8ECFA4F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {A67B8B01-60F7-47A9-8A95-0B9472EED12F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A7E72F2C-8C76-4836-83DF-0E22F93A9A5D} - System32\Tasks\{03949533-2A8E-4D0A-8D8B-7B10ED9928BD} => pcalua.exe -a "C:\Users\Nilson\Desktop\Drivers\Lenovo TV Player\setup.exe" -d "C:\Users\Nilson\Desktop\Drivers\Lenovo TV Player"
Task: {A8AEAE24-0DB7-439E-909C-ABA70182C808} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {ABC68384-6E94-471D-BC13-56EC717888D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {AED3F07E-048D-484E-9A0E-FB00CC37E80F} - System32\Tasks\{533BC16B-38AE-452B-8255-EB8569FB37B2} => pcalua.exe -a C:\Users\Nilson\AppData\Roaming\yoursearching\UninstallManager.exe -c -ptid=face
Task: {AFC6C273-D6C1-4935-8BD2-BA75131D457F} - System32\Tasks\Nimeckreelule Log => C:\Program Files (x86)\Nimeckreelule\Nmclogtask.exe <==== ATENÇÃO
Task: {B04AB50B-1AB1-4BE6-938F-C73808BB19FA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {C6701356-1EAA-4F19-A5A5-513A6408DA0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-28] (Google Inc.)
Task: {CB3A2255-5B30-4617-8CBF-33AF724CB81D} - System32\Tasks\{B3FCADAD-084B-4BB0-BE04-4594BBF3FCEB} => pcalua.exe -a "C:\Users\Nilson\Desktop\Drivers\Lenovo TV Player\instmsiw.exe" -d "C:\Users\Nilson\Desktop\Drivers\Lenovo TV Player"
Task: {D25963DC-331D-4DED-A743-3B7F9BD489F9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {D556F408-5D92-435D-8139-28D861CECB16} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {EDEFCF1B-95BB-4C63-B581-66C02BF8119B} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-08-19] (SlimWare Utilities, Inc.)
Task: {F52E8BD8-F960-4E0F-8DBD-F4A9F6032E48} - System32\Tasks\{004CC968-FA9B-425E-9914-CA48CDD39250} => pcalua.exe -a "C:\Users\Nilson\Downloads\total media full\driver\driver.exe" -d "C:\Users\Nilson\Downloads\total media full\driver"

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Nilson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Nilson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Módulos Carregados (Whitelisted) ==============

2015-09-10 02:07 - 2015-09-10 02:07 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2016-05-19 21:11 - 2016-03-16 01:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-19 21:11 - 2016-03-16 01:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-18 06:13 - 2016-05-18 06:13 - 00959168 _____ () C:\Users\Nilson\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-19 21:09 - 2015-09-17 02:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-19 21:12 - 2015-11-25 01:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-19 21:11 - 2015-11-25 01:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-19 21:12 - 2015-11-25 01:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-19 21:12 - 2015-09-17 02:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-18 06:11 - 2016-05-18 06:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-05-28 15:23 - 2016-05-24 20:24 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.63\libglesv2.dll
2016-05-28 15:23 - 2016-05-24 20:24 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.63\libegl.dll
2016-04-30 09:39 - 2016-04-30 09:39 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-04-30 09:39 - 2016-04-30 09:39 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-04 07:10 - 2016-06-04 07:10 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060400\algo.dll
2016-04-30 09:39 - 2016-04-30 09:39 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-04-30 09:39 - 2016-04-30 09:39 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-22 00:20 - 2016-05-20 10:38 - 00898616 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2016-04-26 15:40 - 2016-05-14 18:23 - 03306496 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2016-05-18 06:13 - 2016-05-18 06:13 - 00679624 _____ () C:\Users\Nilson\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-04-30 09:39 - 2016-04-30 09:39 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-21 11:05 - 2016-03-18 08:32 - 02160128 _____ () C:\Users\Nilson\AppData\Local\Chromium\Application\51.0.2683.0\libglesv2.dll
2016-05-21 11:05 - 2016-03-18 08:32 - 00075776 _____ () C:\Users\Nilson\AppData\Local\Chromium\Application\51.0.2683.0\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-805666459-2153562022-660727754-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-805666459-2153562022-660727754-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-805666459-2153562022-660727754-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-805666459-2153562022-660727754-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-805666459-2153562022-660727754-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-05-21 17:18 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-805666459-2153562022-660727754-1000\Control Panel\Desktop\\Wallpaper -> c:\users\nilson\pictures\ronald e emanoel.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
MSCONFIG\startupreg: Diebold - Warsaw => C:\Program Files\Diebold\Warsaw\core.exe
MSCONFIG\startupreg: PLFSetL => C:\Windows\\PLFSetL.exe
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{ABB0098E-B17F-46E7-9089-BDA5AE7E9E4F}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{A70ADF5B-3D33-4457-A3E2-44C7021B3BD7}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [UDP Query User{A2B480E8-D650-4C32-9E54-6CAA12BF2AB4}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{7E276317-F9A4-4701-82A7-C42EE4C9DF51}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{DC787200-7DF6-458E-BD71-E21582C4841B}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{21992590-2566-452C-8BF4-F6B72F04D359}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{146F6840-47D8-4315-8991-3E897A8C29F4}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{0557D820-A66C-4CDE-8AB2-1228B5B9BB8B}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{2A3242D6-7297-4686-91FA-4FDE8B6DBA95}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{4E3861EB-8970-4868-BB5A-7109EB3241E7}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{AA742E5A-4A27-4B71-B5EE-0B573DA28602}] => (Allow) C:\Program Files (x86)\Lenovo\ArcSoft TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{477B6EE1-83BC-4613-99DB-6B700E1A738A}] => (Allow) C:\Program Files (x86)\Lenovo\ArcSoft TotalMedia 3.5\TotalMedia.exe
FirewallRules: [UDP Query User{031D8B08-34E5-4C9F-B4C5-B0EC14C3F578}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [TCP Query User{0854D22E-D7E3-4796-AA23-A1CB58A2B020}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{9DE63343-EFE2-4612-B5F0-BA78435B6BFD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{0454FE42-4832-4181-A5D3-E7AE773638A3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D600612E-5352-437F-8DD0-351F49D69A1A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{9F320897-17FA-4EBC-9D58-D17A23BF8160}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{62D769CF-51B6-40F6-97BB-7547AE476BC9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{9772AA81-9404-4E1D-9123-7ECD2439995B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{7574E6B1-89C3-4118-87A5-B23C7195FE66}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{315B2298-2AA9-4A31-81E8-6A52C20B70AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6A6B6DB1-4F72-46C1-AC34-3D96729349E6}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{0E3FA3E3-2091-4C2D-A9F4-B7FF0C738572}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{9833CDC3-2FB5-4249-B91D-903FA644C472}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{9879CF19-056F-4282-B0ED-BD0B980370F2}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{31272D94-8322-479A-9614-8E10E9655014}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2C488848-572A-4764-82FF-EA30414ADA7D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FB4E4C6D-A3DD-41AF-B77A-754E6C39571E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1A8E547F-59AE-4FB6-9465-D45433C3F7C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{44A388E3-7966-49A9-9173-9957A05666E9}C:\users\nilson\documents\futebol\we9.exe] => (Block) C:\users\nilson\documents\futebol\we9.exe
FirewallRules: [TCP Query User{22F17A92-D7E1-4B36-AB21-3637949FD50F}C:\users\nilson\documents\futebol\we9.exe] => (Block) C:\users\nilson\documents\futebol\we9.exe
FirewallRules: [UDP Query User{523B9578-243F-4F87-B1CB-19FE2D078001}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{D23EA3EF-B6F0-46C4-BBFA-8F9D56CD1749}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{2C783485-AC76-4EC4-9587-0069AADEBE5D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{E2E5C867-D9F2-431D-99DD-02526928BC83}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{B4BB9AF8-1291-469D-901E-6F16AAEC42A6}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{7ED889C4-E99A-4887-987F-28ED45F12F0A}] => (Allow) C:\Users\Nilson\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{A323098E-5AD8-4FCD-92B3-27798AA159F5}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{0F8E993C-FF43-49CA-96EF-1CB08CC32DA6}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{52EFF44E-2CAD-4194-A355-B2689FE5F7E7}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{73EA13C0-9DE1-4382-893C-1162DB52262F}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{90369B1C-3645-4AC6-AAAD-116939620471}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
FirewallRules: [{2FE6BA5C-0885-4EA7-B70E-3D060589E163}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{A26632F5-96E6-4FBC-9167-512673F5053A}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{A32D2FB7-04C5-4C5D-B398-B450B94F7F42}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{EA4EB588-FCC8-4963-B92F-904216C55533}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{014E9156-8F8C-4E14-B5EB-EBC931919C83}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{C1F4FD60-DD20-41B3-9847-DE6457CFB5C3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B401A2ED-A3D9-4533-8B71-50E194F5DBAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

18-05-2016 22:42:22 Removido TotalMedia
21-05-2016 17:19:11 Removido Acer Crystal Eye Webcam Video Class Camera
25-05-2016 21:00:59 Instalador de Módulos do Windows
28-05-2016 10:50:58 SlimDrivers Installing Drivers

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (06/04/2016 07:28:24 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (06/04/2016 07:28:22 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (06/04/2016 07:28:21 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (06/04/2016 07:28:21 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (06/04/2016 07:28:19 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (06/04/2016 07:28:19 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (06/04/2016 07:28:18 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/04/2016 07:10:08 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (06/04/2016 07:10:06 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (06/04/2016 07:10:06 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:


Erros de Sistema:
=============
Error: (06/04/2016 07:28:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (06/04/2016 07:28:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (06/04/2016 07:28:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%193

Error: (06/04/2016 07:28:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%193

Error: (06/04/2016 07:28:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%193

Error: (06/04/2016 07:28:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%193

Error: (06/04/2016 07:26:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (06/04/2016 07:26:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (06/04/2016 07:25:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Listener Adapter Net.Tcp depende do serviço Serviço de Compartilhamento de Porta Net.Tcp, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058

Error: (06/04/2016 07:24:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.


CodeIntegrity:
===================================
Date: 2016-05-21 17:21:30.203
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Users\Nilson\AppData\Local\{1B5E2D02-3FF6-41BA-526E-6452760698CA}\uninstall.exe that did not meet the Microsoft signing level requirements.

Date: 2016-05-21 17:21:17.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Users\Nilson\AppData\Local\{1B5E2D02-3FF6-41BA-526E-6452760698CA}\uninstall.exe that did not meet the Microsoft signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3 CPU M 390 @ 2.67GHz
Percentagem de memória em uso: 45%
RAM física total: 3766.81 MB
RAM física disponível: 2051.17 MB
Virtual Total: 7814.81 MB
Virtual disponível: 5936.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.3 GB) (Free:194.39 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6125D62E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=497 MB) - (Type=27)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité