cjoint


Comment: http://www.cjoint.com/c/FHumScHRelG

Document format: text/plain

Preview

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 19-08-2016
Executado por Usuario (20-08-2016 09:35:49)
Executando a partir de C:\Users\Usuario\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-02-25 19:41:42)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-612379544-3706749691-2850370343-500 - Administrator - Disabled)
Convidado (S-1-5-21-612379544-3706749691-2850370343-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-612379544-3706749691-2850370343-1002 - Limited - Enabled)
Usuario (S-1-5-21-612379544-3706749691-2850370343-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-612379544-3706749691-2850370343-1000\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.152.26 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
AVG (HKLM\...\AvgZen) (Version: 1.81.2.29057 - AVG Technologies)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4335 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4647 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 19.4.0.518 - AVG Technologies)
AVG Zen (Version: 1.81.13 - AVG Technologies) Hidden
Baidu Browser (HKLM-x32\...\Spark) (Version: 43.18 Preview - Baidu Inc.)
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.3.0.23 - Byte Technologies LLC) <==== ATENÇÃO
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver 1.3 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.3 - OEM)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{2DCBB45E-AA03-4089-87E7-EC17E606D738}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
IHMC CmapTools v5.05.01 (HKLM-x32\...\IHMC CmapTools v5.05.01) (Version: 5.0.5.1 - Institute for Human & Machine Cognition)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IPM 1.8 (HKLM-x32\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.8 - OEM)
I-PowerGate v1.0 (HKLM-x32\...\{6855D62A-B38C-4A3C-B047-B5C362DF0665}) (Version: 1.0 - OEM)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.24.7 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.53.5 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 4.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.1.6 - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MetaFrame Presentation Server Web Client for Win32 (HKLM-x32\...\MetaFrame Presentation Server Web Client for Win32) (Version: - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MPC-HC 1.7.10.252 (e91b41e) Nightly (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10.252 - MPC-HC Team)
NTRU TCG Software Stack (Version: 2.1.28 - NTRU Cryptosystems) Hidden
Nuvoton SafeKeeper(TM) TPM Software (HKLM-x32\...\{87EE1E0B-809C-4B52-B1A7-AE59706D0C7B}) (Version: 6.0.4803.0003 - Nuvoton Technology Corporation)
OSD 1.10 (HKLM-x32\...\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}) (Version: 1.10 - OEM)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PrtScr 1.5 (HKLM-x32\...\PrtScr_is1) (Version: - FireStarter)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.12.0 - Ralink)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0157 - REALTEK Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{F0858165-B8DB-4347-89B8-6D9F882B9BF3}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Suplemento Microsoft Salvar como PDF para programas do Microsoft Office 2007 (HKLM-x32\...\{90120000-00B0-0416-0000-0000000FF1CE}) (Version: 12.0.4518.1019 - Microsoft Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
The Desktop Weather 2.0.1.11389 (HKLM\...\WeatherTool) (Version: 2.0.1.11389 - ShenZhen Enode Techology co,.Ltd) <==== ATENÇÃO
TweakBit FixMyPC (HKLM-x32\...\{CA7C4C80-24B8-4027-8849-0C302333C427}_is1) (Version: 1.7.1.3 - Auslogics Labs Pty Ltd)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visualizador do Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-0416-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Warsaw 1.12.4.14 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.4.14 - GAS Tecnologia)
Webcam 1.5 (HKLM-x32\...\{39B78651-6FD2-4752-BE68-C3BDB6F2D9EE}) (Version: 1.5 - OEM)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1C7F543B-0F52-4728-9951-D8DD63744B14} - System32\Tasks\{5DBCE3DF-6B31-4295-A7CC-867868E1AB74} => pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2NVPW3Y\iGBPCEFgb.exe" -d C:\Users\Usuario\Desktop
Task: {33E8D48E-9481-423F-9F49-D5F06B576DC2} - System32\Tasks\Open Chrome => Chrome.exe --new-window hxxp://toolbar.avg.com/almost-done?pid=safeguard&lang=pt-br
Task: {488313F3-FB70-4ED5-BBB0-747ACDBB1A40} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-10] ()
Task: {4A76CF37-BBB4-4FE4-B541-777B615DAEBC} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {52C53128-085D-42F4-B325-5838CBB029E1} - System32\Tasks\{1E7D9296-57FB-4225-BD5E-60203A00D867} => C:\Users\Usuario\Downloads\iTunesSetup.exe [2016-05-21] ()
Task: {62FCAB35-49AD-4A2A-825F-ED59A41FE88C} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {8E168BA1-EAC1-4B9E-8BD9-A4B13C8DCC8F} - System32\Tasks\TweakBit\FixMyPC\Start FixMyPC оn logon => C:\Program Files (x86)\TweakBit\FixMyPC\FixMyPC.exe [2016-07-12] (TweakBit) <==== ATENÇÃO
Task: {9C4D315C-D06C-4418-9355-2A50156F56CC} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [2016-06-05] (Baidu.com, Inc.)
Task: {AE93307C-9643-4BF9-B60C-D6D63397CE81} - System32\Tasks\TweakBit\FixMyPC\Time for deal => C:\Program Files (x86)\TweakBit\FixMyPC\FixMyPC.exe [2016-07-12] (TweakBit) <==== ATENÇÃO
Task: {C3809594-F95F-4C14-AB21-82B17B2F0CF2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {D71DA433-10F6-47D9-A21B-3610CD58A073} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exeI--new-window hxxp:/toolbar.avg.com/

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Usuario\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=1&click_id=d2feaadf60467c7a88866eb164605160282fd945 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=1&click_id=d2feaadf60467c7a88866eb164605160282fd945 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=1&click_id=d2feaadf60467c7a88866eb164605160282fd945 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Public\Desktop\Facebook.lnk -> C:\Program Files (x86)\baidu\Baidu Browser\spark.exe () -> --useraction=facebook hxxp://www.facebook.com
ShortcutWithArgument: C:\Users\Public\Desktop\Google.lnk -> C:\Program Files (x86)\baidu\Baidu Browser\spark.exe () -> --useraction=google hxxp://www.google.com

==================== Módulos Carregados (Whitelisted) ==============

2013-03-19 11:38 - 2012-10-04 18:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2016-07-25 20:18 - 2016-07-25 20:18 - 00254264 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2016-07-25 20:18 - 2016-07-25 20:18 - 00564024 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2016-05-30 03:24 - 2016-05-30 03:24 - 00150640 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\WeatherService.exe
2016-05-30 03:30 - 2016-05-30 03:30 - 01049712 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\WeatherEntryDll.dll
2011-04-10 10:40 - 2011-04-10 10:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-01-14 10:03 - 2011-01-14 10:03 - 01108480 _____ () C:\Program Files (x86)\OEM\IPM 1.8\IPM.exe
2010-10-12 16:35 - 2010-10-12 16:35 - 00549376 _____ () C:\Program Files (x86)\OEM\OSD 1.10\SunflowerOSD.exe
2015-05-07 20:12 - 2016-07-01 20:22 - 02662472 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2016-05-29 11:36 - 2016-06-05 10:13 - 00983352 _____ () C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
2016-05-30 03:21 - 2016-05-30 03:21 - 00543344 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPTask.dll
2016-05-30 03:20 - 2016-05-30 03:20 - 00406640 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPNet.dll
2016-05-30 03:19 - 2016-05-30 03:19 - 00428656 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPDR.dll
2016-05-30 03:20 - 2016-05-30 03:20 - 00747120 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPKernel.dll
2016-05-30 03:20 - 2016-05-30 03:20 - 00327280 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPHelp.dll
2009-11-17 17:21 - 2009-11-17 17:21 - 00092160 _____ () C:\Program Files (x86)\OEM\IPM 1.8\SoilIO.dll
2011-01-14 10:04 - 2011-01-14 10:04 - 00207360 _____ () C:\Program Files (x86)\OEM\IPM 1.8\vista.dll
2009-11-17 17:21 - 2009-11-17 17:21 - 00092160 _____ () C:\Program Files (x86)\OEM\OSD 1.10\SoilIO.dll
2010-09-24 09:49 - 2010-09-24 09:49 - 16138240 _____ () C:\Program Files (x86)\OEM\OSD 1.10\Media.dll
2016-05-18 20:37 - 2016-05-18 20:37 - 00527944 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\log4cplusU.dll
2016-01-04 19:29 - 2016-04-17 08:35 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2013-03-12 10:47 - 2013-03-12 10:47 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9a6476e0725c79a5e8787d0d2f83c458\IsdiInterop.ni.dll
2011-06-28 16:48 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 01018168 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdxui.dll
2016-08-17 19:14 - 2016-08-02 21:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-17 19:14 - 2016-08-02 21:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00430904 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdminiopenssl.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00219448 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdbrowsertray.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00410936 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdxctrl.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00521016 _____ () C:\Program Files (x86)\baidu\Baidu Browser\xnet.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00276792 _____ () C:\Program Files (x86)\baidu\Baidu Browser\p2squery.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00321848 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdaccount.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00581432 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdstatreport.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00116024 _____ () C:\Program Files (x86)\baidu\Baidu Browser\SparkSafe.dll
2016-05-29 11:37 - 2016-05-29 11:37 - 00083088 _____ () C:\Users\Usuario\AppData\Roaming\baidu\Spark\sysdata\ExtApp\SnapImg\SnapImg.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 01281848 _____ () C:\Program Files (x86)\baidu\Baidu Browser\libglesv2.dll
2016-05-29 11:36 - 2016-06-05 10:13 - 00080696 _____ () C:\Program Files (x86)\baidu\Baidu Browser\libegl.dll
2016-05-29 11:36 - 2015-06-19 01:38 - 14965064 _____ () C:\Program Files (x86)\baidu\Baidu Browser\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:A2D5F572_Bb.gbp [2]
AlternateDataStreams: C:\Windows\System32:A2D5F572_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2770]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-612379544-3706749691-2850370343-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-612379544-3706749691-2850370343-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-612379544-3706749691-2850370343-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-612379544-3706749691-2850370343-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-08-19 10:45 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Existem ainda 4 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-612379544-3706749691-2850370343-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{78C0DCF3-FD4D-4CA5-AEDD-DF852ECFEB18}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{91850521-3058-4DDA-A45A-568250E3987F}] => (Allow) LPort=2869
FirewallRules: [{85F25A7F-EA79-4837-811D-F0AC25994163}] => (Allow) LPort=1900
FirewallRules: [{7122E6BD-8824-4591-87B0-F37729503E14}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{129B24A6-574D-4DE4-A2B0-173AD91B7042}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{9D6F96C3-E261-4389-B76B-A4A6D8B158D4}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{A6955C27-AA02-432D-BCCA-DA979653BCB3}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe
FirewallRules: [UDP Query User{150D0F55-A150-4A82-AE0A-28CEC4EC1D73}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe
FirewallRules: [{9F6495F6-9DBA-4335-84E0-AD33AFA88B7F}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6D87519B-BA52-4B32-80A7-1B1D2C82057C}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4FA63CE9-F43B-4EB3-BCDF-A4320AD2DE85}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{25487145-1FA5-4542-8493-88AD253B4CF4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{E3BED237-B1A6-4F31-9840-49A7554D105A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BA6492DC-B4BF-4029-A6B6-69FC2E86765F}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{99AF8B39-04F9-4C96-81FA-B0FFBDC5EF0F}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{E87D053C-1954-442B-B0A2-4A9E27BA8DFC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{10FDAE9E-B062-49DD-9055-37FBA412BEE6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{9AD570F3-AEF7-4AE7-8B57-5A2083247D8A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{2A973628-0A13-41AF-9F53-720CEA9F0F60}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{5D063A80-FF2F-4806-B6D3-6E98884DB5C7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{3E71CA74-CF46-4A41-9E1C-5836CC5872DC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{60ED44F0-86FC-467F-AC4E-8F49E45BC084}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

10-07-2016 15:28:49 Windows Update
22-07-2016 11:24:19 Ponto de Verificação Agendado
18-08-2016 16:44:44 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
18-08-2016 17:30:16 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
19-08-2016 19:54:08 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
19-08-2016 19:59:19 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
19-08-2016 20:02:20 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Warsaw - Driver (PP)
Description: Warsaw - Driver (PP)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddpp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (08/20/2016 09:26:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0x1b54
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/20/2016 01:04:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0x1990
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/19/2016 11:04:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0x1e7c
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/19/2016 09:04:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0x125c
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/19/2016 07:04:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0x18bc
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/19/2016 05:04:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0x16d0
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/19/2016 12:45:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0xae0
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/18/2016 04:26:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0xbf8
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/17/2016 08:20:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.8.3.15131, carimbo de hora: 0x576a791a
Nome do módulo de falhas: wsbrmu.dll, versão: 1.12.1.15176, carimbo de hora: 0x576aee6b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ce3b
Identificação do processo com falha: 0xc24
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3

Error: (08/17/2016 06:56:28 PM) (Source: MsiInstaller) (EventID: 11706) (User: AUTORIDADE NT)
Description: SA_Error1709: StandardAction(0xC00706AD): Produto: AVG 2014 -- Erro 1706. SA_Error1706: StandardAction(0xC00706AA): Não é possível encontrar um pacote de instalação para o produto AVG 2014. Experimente a instalação novamente utilizando uma cópia válida do pacote de instalação 'Avgx64.msi'.


Erros de Sistema:
=============
Error: (08/20/2016 09:27:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 7 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (08/20/2016 01:04:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 6 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (08/20/2016 12:44:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Notificação da SPP terminou com o erro:
%%5 = Acesso negado.

Error: (08/19/2016 11:44:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Notificação da SPP terminou com o erro:
%%5 = Acesso negado.

Error: (08/19/2016 11:04:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 5 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (08/19/2016 10:44:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Notificação da SPP terminou com o erro:
%%5 = Acesso negado.

Error: (08/19/2016 09:44:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Notificação da SPP terminou com o erro:
%%5 = Acesso negado.

Error: (08/19/2016 09:04:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 4 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (08/19/2016 08:44:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Notificação da SPP terminou com o erro:
%%5 = Acesso negado.

Error: (08/19/2016 07:44:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Notificação da SPP terminou com o erro:
%%5 = Acesso negado.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentagem de memória em uso: 73%
RAM física total: 3557.7 MB
RAM física disponível: 937.08 MB
Virtual Total: 7113.58 MB
Virtual disponível: 2497.96 MB

==================== Drives ================================

Drive c: (Sistema) (Fixed) (Total:457.95 GB) (Free:415.04 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Not Active) - (Size=7.8 GB) - (Type=DE)
Partition 2: (Active) - (Size=457.9 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
