Addition.txt

Document joint : FGltogA8iyw_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 10-07-2016 01
Executado por Yeshua (2016-07-11 15:54:01)
Executando a partir de C:\Users\Yeshua\Downloads
Windows 10 Pro Versão 1511 (X64) (2016-06-30 19:16:34)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-655074763-3298216413-123103994-500 - Administrator - Disabled)
Convidado (S-1-5-21-655074763-3298216413-123103994-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-655074763-3298216413-123103994-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-655074763-3298216413-123103994-1014 - Limited - Enabled)
Yeshua (S-1-5-21-655074763-3298216413-123103994-1000 - Administrator - Enabled) => C:\Users\Yeshua

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Firewall pessoal da ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-655074763-3298216413-123103994-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 16.02 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1602-000001000000}) (Version: 16.02.00.0 - Igor Pavlov)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{9204C155-00EA-6388-9362-01D16FFA114C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Aplicativo da área de trabalho Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.1.0.272 - Autodesk)
Aplicativos da Autodesk em destaque 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dell System Detect (HKU\S-1-5-21-655074763-3298216413-123103994-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
ESET Smart Security (HKLM\...\{0237498F-BC8E-442E-BC7E-30AA60CBAF46}) (Version: 9.0.381.1 - ESET, spol. s r.o.)
Importação do SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (Version: - Microsoft) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-655074763-3298216413-123103994-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-655074763-3298216413-123103994-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Yeshua\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-655074763-3298216413-123103994-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-655074763-3298216413-123103994-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {2A58340A-FDDB-4E43-A615-679A2200E2F9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {2F723898-1467-4090-B128-58CBE044C60E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {391A4093-543B-48AB-A2CD-3E66BA3FACE3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {39793CFA-6F57-4588-BCF2-9BE3C6630182} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {40D2068E-4DE8-4E7A-B4EC-E621FD1C2C94} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {48FA6D95-ED92-4433-8ABF-CF6A95956AB7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {4BD7D5A3-03A3-4FAC-9ECF-EBB440D8CF33} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {5A004081-19E1-4609-B21C-D5B2B26AA517} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {5C03DF47-03E7-425F-9FE8-2BE884FC423B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7E9E336A-3551-4B29-94A3-5A1BE3369058} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Yeshua-PC-Yeshua Yeshua-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {80E74C97-D9CE-4600-8128-F9ED41AAEAC0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8474605F-5E5C-4AB2-9212-263F45BBC339} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {899994D5-17A3-4ADE-A81B-F15964D84F47} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {97982558-3667-4039-865A-E8EF22AED711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {9C95E6EF-99E6-437E-A3C1-93BD581D012B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A921520C-2EA2-4881-8AF8-59C2F1BAF8E3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {ABABF677-E50B-4BD1-B97F-CA85D20BC11C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B6814D8B-49DA-4CE8-B2F5-6447EB7F6933} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {B6D4E2AC-CB5A-4A3C-82D3-D2EE90298930} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {BA04E042-E961-4905-BA0D-B9E6C5EDE1F2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BC03704E-DD3E-498D-A4AC-8C3B67820CDC} - System32\Tasks\EPSON XP-410 Series Update {FDD84D49-DD10-4241-A35C-BD8F7110F481} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2014-11-20] (SEIKO EPSON CORPORATION)
Task: {D6B2243D-CA1F-446C-9DB7-285E1F818ABD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {D6FD3568-7C2A-4208-8828-15D3B9A38EE3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DAB3BFB2-5CF1-46AD-8541-FDF50348683C} - System32\Tasks\EPSON XP-410 Series Invitation {FDD84D49-DD10-4241-A35C-BD8F7110F481} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2014-11-20] (SEIKO EPSON CORPORATION)
Task: {DC22A27E-7BD4-4337-A741-0009F9320F2D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {E00808F8-33D3-48A1-B022-E56450667543} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {EF4102E5-B2D0-49E2-8FB1-45BF0A556B5F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F86D1705-9B53-4CE0-B1D5-A687969174F6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {F98C5DDB-864E-40D9-B5B3-8AA1379D89D1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {FDD84D49-DD10-4241-A35C-BD8F7110F481}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {FDD84D49-DD10-4241-A35C-BD8F7110F481}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE:/EXE:{FDD84D49-DD10-4241-A35C-BD8F7110F481} /F:UpdateWORKGROUP\YESHUA-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-30 15:58 - 2016-06-30 15:58 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-30 17:28 - 2016-06-30 17:30 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-30 15:58 - 2016-06-30 15:58 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-30 19:16 - 2016-06-30 19:16 - 00959168 _____ () C:\Users\Yeshua\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-30 15:58 - 2016-06-30 15:58 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2012-10-01 20:36 - 2012-10-01 20:36 - 01408624 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2016-06-30 15:58 - 2016-06-30 15:58 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-30 15:58 - 2016-06-30 15:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-30 15:58 - 2016-06-30 15:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-30 15:58 - 2016-06-30 15:58 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 22:29 - 2016-05-25 06:34 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-06-30 22:29 - 2016-05-25 06:34 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-06-30 17:28 - 2016-06-30 17:30 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-30 17:28 - 2016-06-30 17:30 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-30 19:16 - 2016-06-30 19:16 - 00679624 _____ () C:\Users\Yeshua\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

HKU\S-1-5-21-655074763-3298216413-123103994-1000\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-655074763-3298216413-123103994-1000\...\dell.com -> dell.com

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-655074763-3298216413-123103994-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\Run32: => "ADSKAppManager"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{CE4EAF29-DCF2-4A11-BAA2-09503BEEC4BF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9A54C728-C7B5-4398-A926-A56116F5B01F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B8F9FC94-7A49-4C88-B488-01750B13701D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CD525940-8A28-4AAF-AD6B-A0BC63422B24}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C740C31D-3DC5-4153-8DA2-5E7DE5D76555}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2012D80D-562E-4990-BB92-9A8E3165BC49}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EB090A39-73EE-41BC-83C6-8AED1DCFC016}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4EA89222-8296-4224-9277-77ED3CA74EDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{228A016F-56A0-4A93-9B18-285105C143E7}] => (Allow) C:\Users\Yeshua\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{09443640-30ED-4B9B-8D3E-8CABD653FB9D}] => (Allow) C:\Users\Yeshua\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC43FBC2-1E95-477D-9D1E-ABA83436555C}] => (Allow) C:\Users\Yeshua\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{50AB423C-01A7-4E13-BBC8-46ACF14A348E}] => (Allow) C:\Users\Yeshua\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49972D39-0D83-4B86-B70F-9531EE04EC59}] => (Allow) C:\Users\Yeshua\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D44FFA9B-B314-4836-9C04-FE631EC6D6C6}] => (Allow) C:\Users\Yeshua\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E68C3885-FF67-4D70-8D56-41A2D77076CC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{A250FDED-0F68-4D28-9C55-32E1BB1AAC60}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{748BC1CF-C7D5-4C1C-AA62-4F6406265D0F}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F1448571-14CB-4B9F-AD87-386126F8EEBF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/11/2016 12:49:21 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: O processo de logon do Windows foi encerrado inesperadamente.

Error: (07/09/2016 04:21:23 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: O processo de logon do Windows foi encerrado inesperadamente.

Error: (07/08/2016 07:45:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: msvcrt.dll, versão: 7.0.10586.0, carimbo de data/hora: 0x5632d79e
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000073c9a
ID do processo com falha: 0xbc4
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Error: (07/08/2016 10:07:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: msvcrt.dll, versão: 7.0.10586.0, carimbo de data/hora: 0x5632d79e
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000073cc6
ID do processo com falha: 0x2588
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Error: (07/06/2016 06:55:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: iertutil.dll, versão: 11.0.10586.420, carimbo de data/hora: 0x574916a8
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000029f6c
ID do processo com falha: 0x2e8
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Error: (07/06/2016 06:47:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: msvcrt.dll, versão: 7.0.10586.0, carimbo de data/hora: 0x5632d79e
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000073c9a
ID do processo com falha: 0x278
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Error: (07/04/2016 10:16:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: msvcrt.dll, versão: 7.0.10586.0, carimbo de data/hora: 0x5632d79e
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000073b20
ID do processo com falha: 0x20bc
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Error: (07/03/2016 03:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: msvcrt.dll, versão: 7.0.10586.0, carimbo de data/hora: 0x5632d79e
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000073c9a
ID do processo com falha: 0x2e68
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Error: (07/03/2016 02:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: msvcrt.dll, versão: 7.0.10586.0, carimbo de data/hora: 0x5632d79e
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000073b25
ID do processo com falha: 0x278
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Error: (07/03/2016 01:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.10586.20, carimbo de data/hora: 0x56540c35
Nome do módulo com falha: iertutil.dll, versão: 11.0.10586.420, carimbo de data/hora: 0x574916a8
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000029f6c
ID do processo com falha: 0x16ec
Hora de início do aplicativo com falha: 0xmicrosoftedgecp.exe0
Caminho do aplicativo com falha: microsoftedgecp.exe1
Caminho do módulo com falha: microsoftedgecp.exe2
ID do Relatório: microsoftedgecp.exe3
Nome completo do pacote com falha: microsoftedgecp.exe4
ID do aplicativo relativo ao pacote com falha: microsoftedgecp.exe5

Erros de Sistema:
=============
Error: (07/11/2016 03:25:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058 = O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.

Error: (07/11/2016 03:25:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 12:42:45 do dia ‎11/‎07/‎2016 não era esperado.

Error: (07/11/2016 03:23:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_521948c foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (07/11/2016 12:49:21 PM) (Source: DCOM) (EventID: 10010) (User: Yeshua-PC)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (07/11/2016 12:49:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_419371d foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (07/10/2016 10:34:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_3940318 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (07/10/2016 09:13:40 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/10/2016 04:27:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/10/2016 04:07:06 PM) (Source: DCOM) (EventID: 10016) (User: Yeshua-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Yeshua-PCYeshuaS-1-5-21-655074763-3298216413-123103994-1000LocalHost (Usando LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (07/09/2016 04:21:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_378818e foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

CodeIntegrity:
===================================
Date: 2016-07-07 19:26:26.517
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-05 11:03:47.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll that did not meet the Store signing level requirements.

Date: 2016-07-02 11:04:38.342
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-07-02 11:04:38.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2016-07-02 11:04:38.278
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

Date: 2016-07-02 11:04:38.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-07-02 11:04:38.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2016-07-02 11:04:38.130
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

Date: 2016-07-02 11:04:37.230
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-07-02 11:04:37.066
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
Percentagem de memória em uso: 36%
RAM física total: 8152.91 MB
RAM física disponível: 5174.89 MB
Virtual Total: 16344.91 MB
Virtual disponível: 13133.15 MB

==================== Drives ================================

Drive c: (Windows 10) (Fixed) (Total:96.73 GB) (Free:34.09 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive j: (DVD) (Removable) (Total:3.65 GB) (Free:0.42 GB) NTFS
Drive k: (Informática) (Fixed) (Total:488.28 GB) (Free:485.4 GB) NTFS
Drive p: (Profissional) (Fixed) (Total:488.28 GB) (Free:284.96 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1311F1E9)
Partition 1: (Active) - (Size=96.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1277.1 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 7E5EFADE)
Partition 1: (Active) - (Size=3.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=32 KB) - (Type=21)

==================== Fim de Addition.txt ============================

Signaler le contenu de ce document