cjoint

Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017
Executado por ranking (12-04-2017 19:25:05)
Executando a partir de C:\Users\ranking\Downloads
Windows 8 Pro (X64) (2016-11-29 23:17:24)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-218769943-847287720-2363422663-500 - Administrator - Disabled)
Convidado (S-1-5-21-218769943-847287720-2363422663-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-218769943-847287720-2363422663-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-218769943-847287720-2363422663-1000 - Limited - Disabled) => C:\Users\defaultuser0
ranking (S-1-5-21-218769943-847287720-2363422663-1001 - Administrator - Enabled) => C:\Users\ranking

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1202.1711.103 - Alps Electric)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
BitTorrent (HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\BitTorrent) (Version: 7.9.9.42974 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
IMVU Avatar Chat Software (HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\IMVU Avatar chat client software BETA) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.20 - IObit)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Maltego CE 4.0.11 (HKLM-x32\...\MaltegoCE 4.0.11) (Version: 4.0.11 - Paterva)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Nmap 5.21 (HKLM-x32\...\Nmap) (Version: 7.31 - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7830.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8018 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB)
WhatsApp (HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\WhatsApp) (Version: 0.2.3699 - WhatsApp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {13FC188A-DF70-4FB8-A618-F7F12E580815} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-26] (Microsoft Corporation)
Task: {1766D154-DE86-4C75-8FB8-9D29842D91B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
Task: {34DA9C17-84CA-4B85-843D-A08A644AD7F0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-04] (AVAST Software)
Task: {3E084C19-5960-42E8-9099-C7F0A333014B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {66DDF2DE-A59F-4973-A80F-C2A7507C5BC8} - System32\Tasks\Uninstaller_SkipUac_ranking => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-01] (IObit)
Task: {6E9E6871-1791-4DD8-89A3-8B544A59E864} - System32\Tasks\SafeZone scheduled Autoupdate 1480465034 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {70CAC826-4286-40E7-A07F-8D80C149E17B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {736422C0-F327-47A2-9E68-E25A98EA8E14} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-21] (IObit)
Task: {777D7100-29D6-4FE8-B173-43798A88AAC0} - System32\Tasks\update-S-1-5-21-218769943-847287720-2363422663-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {8572E7F9-6CAA-4851-9E50-CCBA2AF75F5D} - System32\Tasks\{F55A1F8B-16F2-48EB-BCA3-1C62E6D23C13} => pcalua.exe -a F:\setup.exe -d F:\
Task: {92B2A313-9ACD-4524-BE46-D4F4250725C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
Task: {BE06283A-9873-48A3-A4D1-3509421471FE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-03-11] (AVAST Software)
Task: {C2B0992B-5618-4D35-ADD7-F1D2B6F28328} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {DD9D3D5B-B2A1-4C4C-8C4E-BB60B50578D2} - System32\Tasks\Driver Booster SkipUAC (ranking) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-25] (IObit)
Task: {EB2F9EB9-BC00-483A-93F8-B2401E7C7E81} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_ranking.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-218769943-847287720-2363422663-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-11 15:47 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-11 15:47 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-26 16:10 - 2016-11-26 16:10 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 16:02 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 16:02 - 2017-03-04 03:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-03-25 15:09 - 2017-03-09 16:31 - 02259968 _____ () C:\Users\ranking\AppData\Local\WhatsApp\app-0.2.3699\ffmpeg.dll
2017-03-25 15:09 - 2017-03-09 16:31 - 02917376 _____ () C:\Users\ranking\AppData\Local\WhatsApp\app-0.2.3699\libglesv2.dll
2017-03-25 15:09 - 2017-03-09 16:31 - 00095232 _____ () C:\Users\ranking\AppData\Local\WhatsApp\app-0.2.3699\libegl.dll
2017-04-12 15:25 - 2017-04-12 15:25 - 00486912 _____ () \\?\C:\Users\ranking\AppData\Local\Temp\4AB.tmp.node
2017-04-12 16:22 - 2017-04-12 16:22 - 00221184 _____ () \\?\C:\Users\ranking\AppData\Local\Temp\C2C4.tmp.node
2017-03-15 16:04 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 16:04 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 16:04 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-11 15:46 - 2017-03-28 02:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-11 15:46 - 2017-03-28 02:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-11 15:47 - 2017-03-28 02:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-18 20:45 - 2017-02-01 06:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-18 20:45 - 2017-02-01 06:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-04-04 19:22 - 2017-04-04 19:28 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-04 19:22 - 2017-04-04 19:28 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-04 19:22 - 2017-04-04 19:28 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-04 19:21 - 2017-04-04 19:28 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-11-30 05:32 - 2016-11-30 05:33 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-04 19:22 - 2017-04-04 19:28 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-04 19:22 - 2017-04-04 19:28 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-04-04 19:22 - 2017-04-04 19:28 - 00547840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.dll
2017-04-04 23:37 - 2017-04-04 23:37 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-29 21:12 - 2016-11-29 21:12 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-04 23:37 - 2017-04-04 23:37 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-04 23:36 - 2017-04-04 23:36 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-04-04 23:37 - 2017-04-04 23:37 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-01 10:54 - 2016-12-01 10:54 - 05967872 ____N () C:\Users\ranking\AppData\Local\Temp\DESKTOP-OTGDFLL_ranking_ttheok.dll
2017-04-11 15:47 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2016-11-29 14:48 - 2016-11-29 14:45 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-218769943-847287720-2363422663-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ranking\Pictures\Saved Pictures\72007.jpg
DNS Servers: 191.242.104.146 - 191.242.105.146
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: ApHidMonitorService => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NoIPDUCService4 => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "MegaBackup.lnk"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\StartupFolder: => "IMVU.lnk"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-218769943-847287720-2363422663-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D0560404-0432-4A01-93EE-6E55758351EC}] => (Allow) C:\Users\ranking\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BDE99A4B-1E94-49A0-BC36-6B581A00475D}] => (Allow) C:\Users\ranking\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7E6485EF-8A0C-433B-9098-3EF644FB7F93}] => (Allow) C:\Users\ranking\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{196C89DD-C3D0-4D0F-8715-999BA5B607EF}] => (Allow) C:\Users\ranking\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5637D10F-71D9-47EC-8177-325D17178E4C}] => (Allow) C:\Users\ranking\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B9EB159-38D1-4461-A129-4F4A746AFAD7}] => (Allow) C:\Users\ranking\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6BE15213-A18B-44C5-95DA-2D5264997922}] => (Allow) C:\Users\ranking\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1C6B4DA3-BAD6-4F53-9748-CB9DC0A045AB}] => (Allow) C:\Users\ranking\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C9116EA2-3925-4025-ADB9-95B2E8746B9E}] => (Allow) C:\Users\ranking\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{96200E2C-CE0C-4A2A-8C1B-EF99F36065C2}] => (Allow) C:\Users\ranking\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{17F6CCBF-3699-4F6F-B576-AB17795224E7}] => (Allow) C:\Users\ranking\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{D7C3C988-E70E-4E84-B37F-67FA7A09D6A3}] => (Allow) C:\Users\ranking\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1AD9B60F-6BB3-4A5D-8B52-0C627CAE5274}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F1F918A2-77DB-4A0A-AB0D-13F52E51A083}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3324CE2E-219D-4A17-85D0-376BC6E92079}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{A7B86141-68DD-436E-AC6F-00B1796FB335}C:\users\ranking\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ranking\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{33EAB849-E428-4350-9186-A4ACBA502702}C:\users\ranking\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ranking\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DC0A5DAD-6FEC-494B-8BB3-A0347CA5CCF6}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{4A7110F4-F109-46C7-A8B7-6549D0B115B9}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{0A470FE0-90AC-4081-A3FD-0B456BA08CA6}C:\users\ranking\appdata\local\temp\rar$exb0.398\njrat-v0.7d_trojanoriginal.blogspot.com 2016\arquivos\njrat v0.7d.exe] => (Allow) C:\users\ranking\appdata\local\temp\rar$exb0.398\njrat-v0.7d_trojanoriginal.blogspot.com 2016\arquivos\njrat v0.7d.exe
FirewallRules: [UDP Query User{5200F37C-9435-4B84-89EE-6965EF5A8653}C:\users\ranking\appdata\local\temp\rar$exb0.398\njrat-v0.7d_trojanoriginal.blogspot.com 2016\arquivos\njrat v0.7d.exe] => (Allow) C:\users\ranking\appdata\local\temp\rar$exb0.398\njrat-v0.7d_trojanoriginal.blogspot.com 2016\arquivos\njrat v0.7d.exe
FirewallRules: [TCP Query User{7753BF47-64D1-4DEF-BCB0-EB0337054908}C:\users\ranking\desktop\njrat v0.7d.exe] => (Allow) C:\users\ranking\desktop\njrat v0.7d.exe
FirewallRules: [UDP Query User{F09690C7-B7F8-4F92-9889-D90ED60FCCDD}C:\users\ranking\desktop\njrat v0.7d.exe] => (Allow) C:\users\ranking\desktop\njrat v0.7d.exe
FirewallRules: [TCP Query User{08C0514C-5704-403B-9C08-BC3F93752E05}C:\program files (x86)\paterva\maltegoce\v4.0.11\bin\maltego.exe] => (Allow) C:\program files (x86)\paterva\maltegoce\v4.0.11\bin\maltego.exe
FirewallRules: [UDP Query User{A2961694-D9D1-46BD-AD46-F921B6C538BC}C:\program files (x86)\paterva\maltegoce\v4.0.11\bin\maltego.exe] => (Allow) C:\program files (x86)\paterva\maltegoce\v4.0.11\bin\maltego.exe
FirewallRules: [{B6CE2332-0D63-43BE-9D4C-79CFB527E40D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{DDA079D5-8F26-470A-86FD-23AC42B4B0AF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{5D9D76DF-A5C7-4AEE-8E08-CD3134967445}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{EC937C3D-F38F-4B64-BE0F-5F2F447C77B1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{72416078-F3A2-4D68-9120-1E16274A3419}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{B8192DA5-A237-496E-B8AA-6148E348B7D3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{6653E60D-73A9-4F2F-AD0A-6C6E5E80DF2A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{1059E2CA-02B4-4BDD-8CEE-71248245DE46}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{608EE6BD-C0E4-40A6-B2B6-52296D06A763}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{905D8A3E-6511-4D24-9791-E4354BB6D8DE}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{282C235C-145E-4A76-B188-90AD06F9EE7A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9606D38D-23BC-4574-9C1D-7004D32DFAF8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [TCP Query User{6107513E-3D40-4226-BBC6-64E0ACA0FBE2}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{F6CB5418-D3C3-445F-81D6-8FC3354BD324}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{5EC0102B-4389-4C3D-A52F-C1443CBF92E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{50E385A3-72FF-4655-BC21-987B6F70F775}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe

==================== Pontos de Restauração =========================

02-04-2017 18:51:47 Ponto de Verificação Agendado
11-04-2017 15:58:38 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/12/2017 03:11:56 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação do Comprovante da Compra. 0xC004F069
Pkey Parcial=QPFDW
ACID=?
Erro Detalhado[?]

Error: (04/12/2017 12:32:42 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/11/2017 04:13:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: MRT.exe, versão: 5.47.13703.0, carimbo de data/hora: 0x58dec9f9
Nome do módulo com falha: combase.dll, versão: 10.0.14393.953, carimbo de data/hora: 0x58ba5954
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000b071c
ID do processo com falha: 0x18e58
Hora de início do aplicativo com falha: 0x01d2b2f7526aa851
Caminho do aplicativo com falha: C:\WINDOWS\system32\MRT.exe
Caminho do módulo com falha: C:\WINDOWS\System32\combase.dll
ID do Relatório: e54d8fd3-dc81-46b4-8f7a-90922303e55c
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (04/11/2017 04:13:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (04/11/2017 03:58:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (04/11/2017 03:04:29 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/10/2017 02:16:57 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/08/2017 12:58:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/07/2017 05:58:51 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/06/2017 12:56:48 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


Erros de Sistema:
=============
Error: (04/12/2017 01:10:57 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/11/2017 07:51:43 PM) (Source: DCOM) (EventID: 10010) (User: RANKING4)
Description: O servidor Windows.Media.Capture.Internal.AppCaptureShell não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/11/2017 07:51:29 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/11/2017 05:32:24 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/11/2017 05:01:20 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/10/2017 05:14:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/10/2017 02:13:23 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/09/2017 04:42:18 AM) (Source: DCOM) (EventID: 10010) (User: RANKING4)
Description: O servidor Windows.Media.Capture.Internal.AppCaptureShell não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/09/2017 04:42:12 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/09/2017 01:56:52 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentagem de memória em uso: 84%
RAM física total: 4027.84 MB
RAM física disponível: 618.71 MB
Virtual Total: 6587.84 MB
Virtual disponível: 1515.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.81 GB) (Free:398.27 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.93 GB) (Free:4.28 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 21A7B885)

Partition: GPT.

==================== Fim de Addition.txt ============================
