Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 16-11-2016
Executado por DAYMY (18-11-2016 13:21:27)
Executando a partir de C:\Users\DAYMY\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-10-30 03:14:40)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3648842567-3664319679-3152308526-500 - Administrator - Disabled)
Convidado (S-1-5-21-3648842567-3664319679-3152308526-501 - Limited - Disabled)
DAYMY (S-1-5-21-3648842567-3664319679-3152308526-1000 - Administrator - Enabled) => C:\Users\DAYMY
HomeGroupUser$ (S-1-5-21-3648842567-3664319679-3152308526-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Data Recovery Suite version 3.6.0 (HKLM-x32\...\{02386A56-080B-485c-941D-AF96B29140DD}_is1) (Version: 3.6.0 - SharpNight Co,Ltd)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11382 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11382 - MEIXIAN XIE) <==== ATENÇÃO
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AVG (HKLM\...\AvgZen) (Version: 1.111.2.45832 - AVG Technologies)
AVG (Version: 16.121.7859 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.121.7859 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (Version: 1.111.9 - AVG Technologies) Hidden
BingProvidedSearch (HKLM-x32\...\{47AAAF6A-172A-7EEA-A6AA-0E6A762ADDEA}) (Version: - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.56 - Atheros Communications)
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.235.19 - Broadcom Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
cleaner 1.0.1 (HKLM-x32\...\cleaner) (Version: - cleaner)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.1.661 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.1 - Corel Corporation) Hidden
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
IPM_Installer (Version: 2.2 - Your Company Name) Hidden
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3648842567-3664319679-3152308526-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Pacote de Driver do Windows - Intel (NETwLv64) net (10/07/2010 13.4.0.139) (HKLM\...\EA1C8ECD4E416637C38F0079F98C8C7B0A112265) (Version: 10/07/2010 13.4.0.139 - Intel)
Pacote de Driver do Windows - Intel (NETwNs64) net (12/21/2010 14.0.1.2) (HKLM\...\1375ECB1EA968F5600A8606ED32CFC24D51A6054) (Version: 12/21/2010 14.0.1.2 - Intel)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1170A234-94C2-4442-BCDA-AC518FB67EBD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-05] (Microsoft Corporation)
Task: {12C0204B-3707-46EB-9B1E-3988ACEDA049} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-06-24] (Corel Corporation)
Task: {155E8304-AFA8-4089-B0C0-892AA823574F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {17843ECD-ED1C-420B-A95D-37E38C2CF37E} - System32\Tasks\PPI Update => "hxxp://insightlk.com/download/index.php?mn=9995" <==== ATENÇÃO
Task: {1DA7B739-297D-4C0A-8AF1-C6145A24EAA9} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {20AF474F-24E5-4BFF-B56E-76F0AF335576} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {20FFD196-9DB4-4E9B-ADD3-A48FE9AA4007} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {33AF6924-318D-47D6-AE94-75932FF9C7A9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {34AAD148-AC06-4119-BBD0-67D6425A2374} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {34C0BC6A-4AC4-4B48-81AC-CE44AB6F8F03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {3DD7CBB2-D90C-4F53-BD12-ED729AC15179} - System32\Tasks\{2AB3466B-B25F-D645-62F1-6140D9F9ECF1} => C:\Users\DAYMY\AppData\Local\2AB346~1\SyncTask.exe <==== ATENÇÃO
Task: {44DA1E42-0658-45DC-B843-349AD669F578} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {4FCAEEB3-8600-45C8-92C9-236BF055A3AE} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-29] (Tencent) <==== ATENÇÃO
Task: {57F0710E-7525-470D-B974-9AA42AA8CBB3} - System32\Tasks\{E3278695-75BD-4E07-882B-04B2F8060F0A} => pcalua.exe -a "C:\Users\DAYMY\Desktop\RECUPERADOS\1 NTFS\FicheirosPerdidos\Users\DAYMY\Documents\DRIVERS ACER 5750\Audio_Realtek_6.0.1.6339_W7x64_A\Audio_Realtek_6.0.1.6339_W7x64\Setup.exe" -d "C:\Users\DAYMY\Desktop\RECUPERADOS\1 NTFS\FicheirosPerdidos\Users\DAYMY\Documents\DRIVERS ACER 5750\Audio_Realtek_6.0 (a entrada de dados tem 47 mais caracteres).
Task: {59360C94-DB68-4820-BE02-EB7CFCE7D133} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {65C69DC2-70E9-4504-8CE3-820EA654EE1D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-05] (Microsoft Corporation)
Task: {70C01AD3-43BE-453A-8F37-711AD53342DC} - System32\Tasks\{806A2031-D809-4893-B71F-CCA87F78ECF5} => pcalua.exe -a "C:\Program Files (x86)\sunnyday\uninstaller.exe"
Task: {84657F93-2037-4267-BB74-DB7506D229F0} - System32\Tasks\edd2563489cbb90cb69a57d7497f2e4b => Rundll32.exe "C:\Program Files (x86)\Microsoft Silverlight\n4hdxy.dll",e62dc6c6547f46bda862da2d05af6862 <==== ATENÇÃO
Task: {A05C5B68-C89E-4B8F-A8BE-6EA18FFC5193} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {CE3FB8A4-EA48-4557-A209-59C1C32BCD91} - System32\Tasks\updengine => C:\Program Files (x86)\OtherSearch\updengine.exe <==== ATENÇÃO
Task: {D9529A2B-A724-4279-953A-61F9ABC9BA9B} - System32\Tasks\{FBD88A0B-9D12-44F2-893F-D56411FE1A0A} => pcalua.exe -a "C:\Users\DAYMY\Desktop\RECUPERADOS\1 NTFS\FicheirosPerdidos\Users\DAYMY\Documents\DRIVERS ACER 5750\TouchPad_ELANTECH_11.6.2.1_W7x64W7x86_A\TouchPad_Elantech_11.6.2.1_W8x86x64\Setup.exe" -d "C:\Users\DAYMY\Desktop\RECUPERADOS\1 NTFS\FicheirosPerdidos\Users\DAYMY\Documents\DRIVERS ACER 5750\Touch (a entrada de dados tem 71 mais caracteres).
Task: {D9AB2AAD-B449-48F2-A552-2C4EDF7B57B1} - System32\Tasks\Phimeledrgacult Host => C:\Program Files (x86)\Pherfecult\atemient.exe [2016-11-05] (Glarysoft Ltd)
Task: {EBCEE225-7448-4CDC-8FB3-58726BA2C0B3} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\{2AB3466B-B25F-D645-62F1-6140D9F9ECF1}.job => C:\Users\DAYMY\AppData\Local\2AB346~1\SyncTask.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\DAYMY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\DAYMY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Módulos Carregados (Whitelisted) ==============

2016-11-05 19:49 - 2016-10-18 15:57 - 00753152 _____ () C:\Windows\system32\chtbrkg.dll
2016-11-03 02:14 - 2016-11-03 02:12 - 00980552 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-05-20 00:02 - 2016-05-20 00:02 - 00152688 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11382\CalendarEntry.dll
2016-11-05 19:49 - 2016-10-18 15:57 - 00753152 _____ () C:\Windows\System32\chtbrkg.dll
2016-11-05 17:58 - 2015-08-16 00:21 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2016-11-01 11:25 - 2011-03-25 22:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2016-11-03 02:14 - 2016-11-03 02:12 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-05-20 00:02 - 2016-05-20 00:02 - 00151152 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11382\CalendarServ.exe
2016-05-20 00:02 - 2016-05-20 00:02 - 03933296 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11382\Calendar.exe
2016-11-14 23:40 - 2016-11-08 19:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 23:40 - 2016-11-08 19:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-11-03 01:56 - 2016-11-03 01:55 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-11-05 19:43 - 2016-11-05 19:43 - 00277504 _____ () c:\program files (x86)\pherfecult\rrglog.dll
2016-11-18 12:47 - 2016-11-18 12:47 - 01993508 _____ () C:\Program Files (x86)\ivfe0fdq\{56D918D3-3F6C-488A-9EED-C3C88EEBE3FF}\752oyi4d.6kv
2016-05-20 00:02 - 2016-05-20 00:02 - 00543344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11382\EVPTask.dll
2016-05-20 00:02 - 2016-05-20 00:02 - 00406640 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11382\EVPNet.dll
2016-05-20 00:02 - 2016-05-20 00:02 - 00428656 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11382\EVPDR.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2016-11-11 15:55 - 00001103 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3648842567-3664319679-3152308526-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DAYMY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{8B44F08D-6255-437E-A0F9-A579DBC08337}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{0E001D55-0DA1-49B7-8D69-224FC88DEF4F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{E5D2E4D1-C729-4031-B3E9-A581F2B3A41C}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{0E6A6D74-0D0C-49F6-9C16-1159D84280E0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{B3FD28C9-8C1F-4D49-9B78-BC84945177D5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{2E245E4C-764D-4C1C-A968-A71752C648B2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{78BC7FB7-5C35-49F1-96A7-B7FFBE29572E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{81C53763-60E3-495B-A7F7-DE1D8858F0E2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{046C0903-EFC4-4135-AE98-A38A48C26B71}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{25DB85F9-97BA-4DD7-8458-3C0BD1EA7C58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C2B1A453-37AC-4652-9359-C2B1CFCABDE7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2266A440-9A16-46EA-9108-2920A7EF7523}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EADEDDED-C933-4A82-9EBB-60F2E6520184}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{508AFEB0-A29B-4737-BDF9-19F01E243245}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B3864825-E59B-4BD7-B3ED-2F5F445A630A}] => (Allow) C:\Users\DAYMY\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{B09ABF37-5F85-42CE-BFDC-49F8332B700D}C:\users\daymy\appdata\local\temp\is-fs08h.tmp\download\minithunderplatform.exe] => (Block) C:\users\daymy\appdata\local\temp\is-fs08h.tmp\download\minithunderplatform.exe
FirewallRules: [UDP Query User{9D7C3418-12C9-4D8A-A6BA-6A81CDED29F2}C:\users\daymy\appdata\local\temp\is-fs08h.tmp\download\minithunderplatform.exe] => (Block) C:\users\daymy\appdata\local\temp\is-fs08h.tmp\download\minithunderplatform.exe
FirewallRules: [{9F0861F3-B043-4F45-B8AA-2F588116C0B2}] => (Allow) C:\Users\DAYMY\AppData\Local\Temp\is-FS08H.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{5958C3BA-9FA4-4E3E-91BC-21DC645BC093}] => (Allow) C:\Users\DAYMY\AppData\Local\Temp\00000480\inst_buychannel_07.exe
FirewallRules: [{64FAD1E1-B16F-4306-A9AC-F32E9B4ED2BE}] => (Allow) C:\Users\DAYMY\AppData\Local\Temp\00000480\inst_buychannel_07.exe
FirewallRules: [{FDF4B68A-864C-4434-AD1C-CC51FCE181F3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

02-11-2016 08:32:18 Windows Update
02-11-2016 14:57:03 Backup do Windows
02-11-2016 18:05:01 Backup do Windows
02-11-2016 20:43:09 Windows Update
02-11-2016 23:22:30 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
02-11-2016 23:23:25 Windows Update
02-11-2016 23:29:57 Microsoft Visual Studio Tools for Applications 2015
02-11-2016 23:53:51 Removed Skype™ 7.3
02-11-2016 23:56:33 Installed Intel(R) PROSet/Wireless WiFi Software.
03-11-2016 02:04:34 Installed AVG 2016
03-11-2016 02:05:06 Installed AVG
03-11-2016 02:35:31 Windows Update
03-11-2016 18:43:33 Windows Update
05-11-2016 17:35:05 Removed Microsoft Office Enterprise 2007
05-11-2016 17:39:27 Removed Microsoft Office Enterprise 2007

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controlador de comunicação PCI simples
Description: Controlador de comunicação PCI simples
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (11/18/2016 12:46:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/16/2016 01:21:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/13/2016 11:02:10 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: O backup não foi concluído devido a um erro ao gravar no local de backup E:\. Erro: O local de backup não foi encontrado ou não é válido. Examine as configurações de backup e verifique o local de backup. (0x81000006).

Error: (11/13/2016 10:51:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/12/2016 12:53:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/11/2016 04:04:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\System32\systemcpl.dll".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/11/2016 04:01:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/11/2016 03:48:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/09/2016 02:11:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (11/09/2016 12:05:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\DAYMY\AppData\Local\chromium\Application\chrome.exe".
Assembly dependente 51.0.2672.0,language="*",type="win32",version="51.0.2672.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.


Erros de Sistema:
=============
Error: (11/18/2016 12:53:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "DAYMY-1 :20" não pôde ser registrado na interface com o endereço IP 192.168.1.16.
O computador de endereço IP 192.168.1.11 não permitiu que o nome fosse reivindicado por
este computador.

Error: (11/18/2016 12:53:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "DAYMY-1 :0" não pôde ser registrado na interface com o endereço IP 192.168.1.16.
O computador de endereço IP 192.168.1.11 não permitiu que o nome fosse reivindicado por
este computador.

Error: (11/18/2016 12:53:21 PM) (Source: Server) (EventID: 2505) (User: )
Description: O servidor não pôde ligar-se com o transporte \Device\NetBT_Tcpip_{7D8D1DA6-7870-4D8F-A968-953C6D18CCA6} porque outro computador na rede tem o mesmo nome. Não foi possível iniciar o servidor.

Error: (11/18/2016 12:49:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço iThemes5 está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.

Error: (11/18/2016 12:47:02 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "DAYMY-1 :20" não pôde ser registrado na interface com o endereço IP 192.168.1.16.
O computador de endereço IP 192.168.1.11 não permitiu que o nome fosse reivindicado por
este computador.

Error: (11/18/2016 12:47:02 PM) (Source: Server) (EventID: 2505) (User: )
Description: O servidor não pôde ligar-se com o transporte \Device\NetBT_Tcpip_{7D8D1DA6-7870-4D8F-A968-953C6D18CCA6} porque outro computador na rede tem o mesmo nome. Não foi possível iniciar o servidor.

Error: (11/18/2016 12:46:25 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:
Acesso negado.

Error: (11/18/2016 12:46:17 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "DAYMY-1 :0" não pôde ser registrado na interface com o endereço IP 192.168.1.16.
O computador de endereço IP 192.168.1.11 não permitiu que o nome fosse reivindicado por
este computador.

Error: (11/18/2016 12:46:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:
Acesso negado.

Error: (11/18/2016 12:46:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço 13505997eefd5c48fc2da5dc4dec00a4 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.


CodeIntegrity:
===================================
Date: 2016-11-18 13:21:24.676
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-18 13:14:47.516
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-18 12:55:54.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-18 12:46:09.123
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-16 02:16:24.465
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-16 01:38:41.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-16 01:21:17.688
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-13 23:01:35.175
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-13 22:51:22.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-12 00:59:52.437
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentagem de memória em uso: 65%
RAM física total: 8043.86 MB
RAM física disponível: 2784.02 MB
Virtual Total: 16085.91 MB
Virtual disponível: 11514.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:290.47 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8DB38DB3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
