cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 25-06-2017 01
Executado por Nildemar (26-06-2017 23:22:03)
Executando a partir de D:\Dowloads\FRST64
Windows 7 Ultimate Service Pack 1 (X64) (2017-01-18 01:51:29)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4100489265-4132513187-709566353-500 - Administrator - Disabled)
Convidado (S-1-5-21-4100489265-4132513187-709566353-501 - Limited - Disabled)
Nildemar (S-1-5-21-4100489265-4132513187-709566353-1000 - Administrator - Enabled) => C:\Users\Nildemar

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-4100489265-4132513187-709566353-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
Aplicativos da Autodesk em destaque (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - Português - Brasil (Brazilian Portuguese) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - Português - Brasil (Brazilian Portuguese) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD 2015 Language Pack - Português - Brasil (Brazilian Portuguese) (HKLM\...\AutoCAD 2015 Language Pack - Português - Brasil (Brazilian Portuguese)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.130.0.62 - Conexant)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2311 - CyberLink Corp.)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.3.90 - Dll-Files.com)
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.3 - IObit)
Email Extractor Outlook N Express (HKLM-x32\...\{6EA58564-16AA-4DB9-8534-5D08FFB1AFFA}) (Version: 6.4.2.23 - TechnoComSolutions)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Glary Utilities PRO 5.76 (HKLM-x32\...\Glary Utilities 5) (Version: 5.76.0.97 - Glarysoft Ltd)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
iCare Data Recovery Pro Free Edition (HKLM-x32\...\{F7EAB243-4D0C-47F5-A4F1-74D350E45489}_is1) (Version: 8.0.0 - iCareAll Inc.)
Importação do SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.4.6.400 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.4.0.2119 - IObit)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kingo ROOT version 1.5.3.3086 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.5.3.3086 - Kingosoft Technology Ltd.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: 5.38.3.3 - Silicon Motion)
Lenovo ReadyComm 5.0 Service (HKLM-x32\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB}) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4100489265-4132513187-709566353-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mobile Broadband drivers (HKLM\...\{5B67ABCE-A18A-4334-B728-A15665CB173E}) (Version: 6.1.9.5 - Ericsson AB)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Thunderbird 45.8.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 pt-BR)) (Version: 45.8.0 - Mozilla)
Pacote de Compatibilidade para o sistema Office 2007 (HKLM-x32\...\{90120000-0020-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
Warsaw 1.16.1.45 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.16.1.45 - GAS Tecnologia)
Web Companion (HKLM-x32\...\{75463442-42a2-48d3-a9d5-4994bc385ad4}) (Version: 3.1.1602.3093 - Lavasoft)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Data Recovery(Build 6.0.1.9) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.0.1.9 - Wondershare Software Co.,Ltd.)
Wondershare Filmora(Build 8.0.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare MobileGo(Version 8.2.3) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare)
Wondershare PDFelement OCR (HKU\S-1-5-21-4100489265-4132513187-709566353-1000\...\{E44D5676-361F-475C-AE0A-B3213D79DDD0}_is1) (Version: 5.11.0.1051 - Wondershare Software Co.,Ltd.)
Wondershare PDFelement(Build 5.10.0) (HKLM-x32\...\{5CA0183F-6D90-4615-91A5-F1A8A2014E83}_is1) (Version: 5.10.0.9 - Wondershare Software Co.,Ltd.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nildemar\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nildemar\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Nildemar\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nildemar\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4100489265-4132513187-709566353-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nildemar\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0F20DB5E-255E-4C6D-822D-79F39EC6AC00} - System32\Tasks\Cerberie Bit CD Burner => Rundll32.exe "C:\Program Files\Cerberie Bit CD Burner\Cerberie Bit CD Burner.dll",MGektwLxWQQy <==== ATENÇÃO
Task: {189E4B84-077A-4F1F-B695-7EE4596B1744} - System32\Tasks\iSpringes => Rundll32.exe "C:\Program Files\iSpringes\iSpringes.dll",EVPNGxl <==== ATENÇÃO
Task: {1F7BB724-CEF0-4777-B536-2E613779CD40} - \Updater_Online_Application -> Nenhum Arquivo <==== ATENÇÃO
Task: {1FA98FF8-5EFA-420F-B3B5-603ED1552F58} - System32\Tasks\Uninstaller_SkipUac_Nildemar => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-05-26] (IObit)
Task: {25B4AA8C-320B-4312-B038-0313C2F1F1AF} - System32\Tasks\QR Data Recovery => Rundll32.exe "C:\Program Files\QR Data Recovery\QR Data Recovery.dll",CbysfiKp <==== ATENÇÃO
Task: {267D1382-18D9-4B6E-9C5E-5268392B9B85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {3376B98E-0331-46E2-BEF1-42D03724D94A} - System32\Tasks\Ad TonerCalendar => Rundll32.exe "C:\Program Files\Ad TonerCalendar\Ad TonerCalendar.dll",YqiwnWMPN <==== ATENÇÃO
Task: {46139275-A560-4EAB-A4F0-971E90A2531C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.0.3\Scheduler.exe [2016-09-20] (IObit)
Task: {46DA9CC6-3AD1-4378-8FE6-D770F232F3AE} - \top9blogcomqazsm -> Nenhum Arquivo <==== ATENÇÃO
Task: {4B921033-5F38-4BAA-9C3A-E1D00F9E48FA} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
Task: {4CC0AE75-4396-492D-A69A-59C8FF1F48BA} - \Online Application V2G2 -> Nenhum Arquivo <==== ATENÇÃO
Task: {57E78657-DB30-48E2-BA48-92C6C3B86428} - \SpyHunter4Startup -> Nenhum Arquivo <==== ATENÇÃO
Task: {5BD3F818-78BF-4D8D-8B8F-B5047090EFE8} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {5D38FE76-8EB6-45A7-8C3D-6693D39D3C86} - System32\Tasks\{CBEE8AE4-7AA7-470C-9754-3B7B2E934D30} => C:\Users\Nildemar\Documents\CD\ODIS-S_3.0.3 (1).exe
Task: {5DF96210-A4C9-418E-8780-13FD20699EAA} - \Pritc -> Nenhum Arquivo <==== ATENÇÃO
Task: {5EC3332F-274B-4D9A-BA21-D2C9726F8AD2} - System32\Tasks\Driver Booster SkipUAC (Nildemar) => C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DriverBooster.exe [2016-09-22] (IObit)
Task: {698AC109-8614-4EB3-BC35-123758C1797E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {71B8E4CB-07C3-4E26-8934-7D03872C5EAC} - \Hijerly Builder -> Nenhum Arquivo <==== ATENÇÃO
Task: {75FB169F-3F3D-4B22-8D0C-0D57D169108D} - \Online Application V2G3 -> Nenhum Arquivo <==== ATENÇÃO
Task: {929F2511-62BE-4315-AAAC-FB869CCA23E4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2017-06-21] ()
Task: {92DC8E9A-7215-44FD-B52D-DDC9F6CDD3BB} - \Microsoft\Windows\MemoryDiagnostic\VideoMemoryDiagnostic -> Nenhum Arquivo <==== ATENÇÃO
Task: {95579028-93C9-498B-B510-F778E4AF7840} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9C775253-C6BF-41A1-8DF5-C65F97735975} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-01] (Google Inc.)
Task: {A440DF15-6CCF-4B7F-919D-3BD44905CF83} - System32\Tasks\GoogleUpdateTaskMachineCore1d2e47b8e892c72 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-01] (Google Inc.)
Task: {A4D9AA9C-0E33-4ABE-AC18-8EC3EC76A7B3} - \Microsoft\Windows\Multimedia\Manager -> Nenhum Arquivo <==== ATENÇÃO
Task: {A8155DA9-F600-4A54-BC19-27ED65AF1E96} - \Windows_Antimalware_System_Host -> Nenhum Arquivo <==== ATENÇÃO
Task: {AA5D6AD7-3BD1-41E1-957B-FF2FE4C6E4E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d2e47b8f1b23b3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-01] (Google Inc.)
Task: {AB25EF21-C16D-47E4-AE56-C05F33F5BFA7} - System32\Tasks\Windows_Antimalware_Host => powershell -WindowStyle Hidden -ExecutionPolicy Bypass -NoP -file C:\ProgramData\u3bO8YL0WR.ps1
Task: {ADE95832-A3F2-44D9-B6EC-1D2BAD63C62D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-01] (Google Inc.)
Task: {B48BA7F8-9847-48A2-992E-9953782E72AA} - \Aruqishefuy -> Nenhum Arquivo <==== ATENÇÃO
Task: {C1036E21-71D1-44F3-8BD4-F20F46B5C89C} - System32\Tasks\X ArcWis => Rundll32.exe "C:\Program Files\X ArcWis\X ArcWis.dll",nwhpRh <==== ATENÇÃO
Task: {C6C58AB7-0506-4E67-B401-02E5892C41E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-19] (Adobe Systems Incorporated)
Task: {D6D52CFF-696D-47FD-B42C-16E48E001684} - \Milimili -> Nenhum Arquivo <==== ATENÇÃO
Task: {DBD406A3-0E8F-4569-BB6A-DAC900F29CF0} - System32\Tasks\2c0b19d998c7ae02a37f6680d4f96c3e => sc start 2c0b19d998c7ae02a37f6680d4f96c3e <==== ATENÇÃO
Task: {DC0F5142-93DC-4DF7-BAD6-178B59AC38ED} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-05-19] (Glarysoft Ltd)
Task: {E55ADA8B-24B7-4D4F-90B1-DFDEA7AF00A0} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
Task: {E8276531-42C9-4B7C-9F92-6541538B1035} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EC849CE7-701B-415A-B91A-BB4717055BC3} - \Microsoft\Windows\Windows Error Reporting\VideErroroReporting -> Nenhum Arquivo <==== ATENÇÃO
Task: {ED78EB24-9C00-46D6-9DF3-7A009F5265E0} - \Online Application V2G1 -> Nenhum Arquivo <==== ATENÇÃO
Task: {F11762A0-04C5-4E21-9149-1DF42B0BC20A} - \DriverPack Notifier -> Nenhum Arquivo <==== ATENÇÃO
Task: {F1549ED3-0BE6-43D5-9420-83884CA789FF} - \AutoPico Daily Restart -> Nenhum Arquivo <==== ATENÇÃO
Task: {FA6BC329-016F-40B5-AB2A-427BBEE65A02} - \Microsoft\Windows\DeviceSettings\Atozerle -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Cerberie Bit CD Burner.job => rundll32.exe C:\Program Files\Cerberie Bit CD Burner\Cerberie Bit CD Burner.dll
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\QR Data Recovery.job => rundll32.exe C:\Program Files\QR Data Recovery\QR Data Recovery.dll

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


ShortcutWithArgument: C:\Users\Nildemar\Desktop\Nildemar - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Nildemar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Nildemar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->

==================== Módulos Carregados (Whitelisted) ==============

2017-06-03 01:06 - 2017-05-23 05:35 - 00020208 ____H () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2017-06-18 00:50 - 2017-05-31 15:15 - 00017384 _____ () C:\Users\Nildemar\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
2017-06-07 17:09 - 2017-06-07 17:09 - 00598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2017-06-15 02:53 - 2017-06-15 02:53 - 00025192 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2017-06-15 02:53 - 2017-06-15 02:53 - 00017000 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2017-06-15 02:53 - 2017-06-15 02:53 - 00036968 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2012-08-31 09:52 - 2012-08-31 09:52 - 00021432 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
2017-06-16 00:11 - 2017-06-15 04:29 - 02692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\swiftshader\libglesv2.dll
2017-06-16 00:11 - 2017-06-15 04:29 - 00137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\swiftshader\libegl.dll
2017-06-18 00:48 - 2017-06-18 00:48 - 00115137 _____ () C:\Users\Nildemar\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
2016-04-13 05:38 - 2016-04-13 05:38 - 00482304 _____ () C:\ProgramData\MEGAsync\libsodium.dll
2017-06-10 02:05 - 2017-03-28 17:08 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-06-10 02:05 - 2017-03-28 17:08 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-06-10 02:05 - 2017-03-28 17:08 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-06-10 02:05 - 2017-03-28 17:09 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2017-06-10 02:05 - 2017-05-10 13:19 - 00631584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2017-06-07 17:07 - 2017-06-07 17:07 - 00569856 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2017-06-03 20:11 - 2017-06-03 20:11 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\69f0c87375b323dd1cf75d1753ba55a5\IsdiInterop.ni.dll
2017-01-17 23:52 - 2010-03-03 19:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Windows\System32:51423F29_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

HKU\S-1-5-21-4100489265-4132513187-709566353-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4100489265-4132513187-709566353-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-4100489265-4132513187-709566353-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4100489265-4132513187-709566353-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2017-06-25 20:19 - 00000769 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4100489265-4132513187-709566353-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nildemar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring =>
MSCONFIG\startupreg: CommonToolkitTray_Solvusoft =>
MSCONFIG\startupreg: core.exe "C: =>
MSCONFIG\startupreg: HP Software Update =>
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: jv16pt_PreWorker2.exe => "C:\Program Files (x86)\jv16 PowerTools 2017\jv16pt_PreWorker2.exe" /SysStartupCheck /PT:"C:\Program Files (x86)\jv16 PowerTools 2017\"
MSCONFIG\startupreg: jv16pt_PreWorker2.exe /StartupOptimizer /PT:"C: =>
MSCONFIG\startupreg: MSC =>
MSCONFIG\startupreg: msiql =>
MSCONFIG\startupreg: StartupManager.exe => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: SUPERAntiSpyware =>
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
MSCONFIG\startupreg: utility.exe => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{DC9AAD28-CDE6-415B-8260-31C70DAE4903}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{A2C7418B-3D3A-4125-8E18-F051559821DD}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{2F0C7A6C-F42B-48EF-A892-4204D84AF2C2}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{A4612F8B-1B17-4C3A-BC4A-E0B226382AE3}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{0DABCC03-BBA2-4C11-A2C9-97B4766AAB4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D3E4278E-0FF2-4E1F-AE92-2BA1A462F6D7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F61069E6-E962-4199-AE96-4830DCB9B846}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AF8EA7EE-81A3-4790-A4E0-8C171E288D43}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{724DB829-4A6E-4F4D-8664-CDF5997B10AF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{A563ED68-45BE-4528-8351-E39E9A5CA6D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{A1641310-2B48-4D99-921B-F48FF984D814}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{494A9FD8-AA97-4AF9-956B-6741B61432CC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{9FF819F2-E63D-4FA8-A560-53BF19D90176}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{624B2890-F232-4A91-8F58-2CB4CDA4C35F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{46FAE753-530B-4FDA-951F-ECAC82243591}] => (Allow) LPort=1688
FirewallRules: [{ADD315C3-292D-42B3-AA09-D17F04ED8BC1}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{D0A793C1-1A98-405F-8214-4B891DC4FC16}] => (Allow) C:\Users\Nildemar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{3BA344AC-F5C7-4FC6-B799-30E1B82B5465}] => (Allow) LPort=2869
FirewallRules: [{6F93C941-BF13-4453-92EC-74C3F379827C}] => (Allow) LPort=1900
FirewallRules: [{9E313E53-36B6-4411-9C8A-989470F4158C}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{DAD56E08-9B50-4FFD-8FCF-DEE3479F3F75}] => (Allow) LPort=50248
FirewallRules: [{95F3AC59-3E07-4FC4-83E4-B52AF4911048}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5E960054-6C62-4181-AD6C-E83BBCA8A497}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0553F205-D14B-4E55-99D0-B7337FC944BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D18A6E62-A782-4DB5-9080-9AC8BB36BE16}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4228CDF3-B060-4D4A-B223-B2DFD08CB68D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8852C722-13C0-4A2B-B200-631E60FDB55C}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{58CFD201-FD6E-4861-BE8B-01238D34ECE6}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75C540D5-5E63-47BC-A961-4896A3FD54C3}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E014F59D-B73B-403F-AF97-33A4AAD82CAC}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F280EA84-73C6-4940-AC5B-AC0696A9AAD1}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F47670BF-1066-4E18-B9A7-F5CA1E7CA61D}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BAD83550-1C8F-4B95-BC2B-E11BE4F86E9C}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{2E9C1A89-B272-4D63-B494-07C1E2835A86}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{24708639-D52F-4BB2-B4CF-C578583634EC}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\updates\3.5.0_43804.exe
FirewallRules: [{00566F2C-401E-4010-8D27-2279146B4173}] => (Allow) C:\Users\Nildemar\AppData\Roaming\uTorrent\updates\3.5.0_43804.exe
FirewallRules: [{8D3E5AE6-5949-4B0D-8B9A-650C1F77245F}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{0C467D5E-B998-4ECC-A77D-79318BE4473E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{339CD20F-3240-4EB5-B65B-2C541C7AA58D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2ACFF53C-4D53-4C8F-BD37-2B3B0FF4635B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E13BF0D-0F10-4446-A54A-27EB34C240CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1ECF98EC-76B1-4D48-8140-C5B0B32D1003}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{16496F1B-E32C-433B-A613-204A3653ED72}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{501F7BE0-E339-4C66-ABC0-605ADACD5AA3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BA873934-A8CE-46E2-A17C-8C902C744570}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A99497B8-92AF-4EAB-B1BC-63BA79A24F9F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{1FBB01E0-0B28-4931-9E78-01764A2B71FD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DriverBooster.exe
FirewallRules: [{CB190EA3-EE94-4344-B491-07E499F01D1A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DriverBooster.exe
FirewallRules: [{926FA905-1B52-4BA3-83B4-AE0983512C69}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DBDownloader.exe
FirewallRules: [{EA43B2D3-B54C-4A49-B83A-4288921B5569}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DBDownloader.exe
FirewallRules: [{A9A15292-2A50-43CD-BDF4-933B41FA485F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\AutoUpdate.exe
FirewallRules: [{17919445-CD1E-4CD3-9C0B-5942047738D0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\AutoUpdate.exe
FirewallRules: [{231DD56F-CEFF-48C6-B25B-B8C62BD879DD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F85A194-0856-4992-9844-26B6EAF0799E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{285EDD62-78BB-401F-AAE9-D94AA392E80F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

==================== Pontos de Restauração =========================

19-06-2017 15:39:17 Instalação de Pacote de Driver de Dispositivo: Google, Inc. SAMSUNG Android Phone
19-06-2017 22:14:13 Windows Update
19-06-2017 22:19:09 Windows Update
20-06-2017 00:26:49 Instalador de Módulos do Windows
20-06-2017 00:31:38 Instalador de Módulos do Windows
20-06-2017 00:44:29 Instalador de Módulos do Windows
20-06-2017 14:14:30 Re-Loader by R@1n
20-06-2017 17:22:06 Instalador de Módulos do Windows
21-06-2017 00:09:30 Instalador de Módulos do Windows
21-06-2017 23:57:49 DLL-Files Fixer qua, jun 21, 17 23:57
22-06-2017 09:28:30 Windows Update
23-06-2017 00:59:04 Operação de restauração
23-06-2017 08:04:51 WinThruster sex, jun 23, 17 08:04
25-06-2017 19:04:39 DLL-Files Fixer dom, jun 25, 17 19:04
25-06-2017 20:18:47 WinThruster dom, jun 25, 17 20:18

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: AZOZ5ZUY IDE Controller
Description: AZOZ5ZUY IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: amjqxy0g
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: 930b7929b99d3c55fdf5ac11dd17cb8c
Description: 930b7929b99d3c55fdf5ac11dd17cb8c
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: 930b7929b99d3c55fdf5ac11dd17cb8c
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (06/26/2017 09:42:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: AutoKMS.exe, versão: 2.4.0.0, carimbo de hora: 0x511d2de7
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.23807, carimbo de hora: 0x5915f98e
Código de exceção: 0xe0434352
Deslocamento com falha: 0x0000c54f
Identificação do processo com falha: 0x690
Hora de início do aplicativo com falha: 0x01d2eeddeee73d51
Caminho do aplicativo com falha: C:\Windows\AutoKMS\AutoKMS.exe
FCaminho do módulo de falhas: C:\Windows\syswow64\KERNELBASE.dll
Identificação do Relatório: 780bb0ee-5ad1-11e7-8b0b-c0cb38e10c98

Error: (06/26/2017 09:42:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: AutoKMS.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.Runtime.InteropServices.COMException
em System.Management.ThreadDispatch.Start()
em System.Management.ManagementScope.Initialize()
em System.Management.ManagementObjectSearcher.Initialize()
em System.Management.ManagementObjectSearcher.Get()
em ..(., System.String)
em ...ctor()
em ..(.)
em ..()

Error: (06/26/2017 03:49:39 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-03T01:01:39Z. Error Code: 0x80070005.

Error: (06/26/2017 03:16:41 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-03T01:01:41Z. Error Code: 0x80070005.

Error: (06/26/2017 03:11:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: WsAppService.exe, versão: 2.2.0.5, carimbo de hora: 0x56fce241
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.23807, carimbo de hora: 0x5915fe14
Código de exceção: 0xe053534f
Deslocamento com falha: 0x000000000001a06d
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xWsAppService.exe0
Caminho do aplicativo com falha: WsAppService.exe1
FCaminho do módulo de falhas: WsAppService.exe2
Identificação do Relatório: WsAppService.exe3

Error: (06/26/2017 01:21:28 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-03T01:01:28Z. Error Code: 0x80070005.

Error: (06/26/2017 01:16:20 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Falha ao determinar se o repositório está no escopo de rastreamento (erro = 0x80070002).

Error: (06/26/2017 01:16:20 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Falha ao obter o Gerenciador do Escopo de Rastreamento com erro=0x80070002.

Error: (06/26/2017 01:08:14 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-03T01:01:14Z. Error Code: 0x80070005.

Error: (06/25/2017 10:06:46 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-03T01:00:46Z. Error Code: 0x80070005.


Erros de Sistema:
=============
Error: (06/26/2017 09:42:01 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (06/26/2017 09:42:01 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (06/26/2017 09:41:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
930b7929b99d3c55fdf5ac11dd17cb8c
gbpddfac
gbpddreg

Error: (06/26/2017 09:40:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ReadyComm.DirectRouter devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (06/26/2017 09:40:12 PM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: O Serviço Auxiliar de Host do Aplicativo encontrou um erro ao tentar acessar o diretório do histórico raiz 'C:\inetpub\history'. O diretório não existe ou as permissões nele não permitem que o serviço de histórico o acesse. O recurso de histórico de configuração está desabilitado por enquanto e será habilitado novamente após a resolução do problema. Para resolver o problema, verifique se o diretório existe e se o grupo Administradores tem acesso de leitura e gravação a ele. O campo de dados contém o número do erro.

Error: (06/26/2017 09:40:06 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: AUTORIDADE NT)
Description: O serviço de log de eventos encontrou um erro ao inicializar recursos de publicação para o canal Microsoft-RMS-MSIPC/Debug. Se o tipo de canal for Analítico ou Depurar, isso poderá significar que também ocorreu um erro ao serem inicializados recursos de log.

Error: (06/26/2017 09:40:06 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: AUTORIDADE NT)
Description: O serviço de log de eventos encontrou um erro ao inicializar recursos de publicação para o canal DebugChannel. Se o tipo de canal for Analítico ou Depurar, isso poderá significar que também ocorreu um erro ao serem inicializados recursos de log.

Error: (06/26/2017 09:40:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbp Service devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (06/26/2017 06:15:18 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 20.

Error: (06/26/2017 03:43:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
930b7929b99d3c55fdf5ac11dd17cb8c
gbpddfac
gbpddreg


CodeIntegrity:
===================================
Date: 2017-05-22 06:16:03.458
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-22 06:16:03.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-18 12:43:20.015
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d\bcryptprimitives.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-18 12:43:20.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d\bcryptprimitives.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-18 12:43:19.995
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d\bcryptprimitives.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-18 12:43:01.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\Backup\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d_bcryptprimitives.dll_5dcb347c because the set of per-page image hashes could not be found on the system.

Date: 2017-01-18 12:43:01.232
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\Backup\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d_bcryptprimitives.dll_5dcb347c because the set of per-page image hashes could not be found on the system.

Date: 2017-01-18 12:43:01.221
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\Backup\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d_bcryptprimitives.dll_5dcb347c because the set of per-page image hashes could not be found on the system.

Date: 2017-01-18 12:42:55.316
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\Backup\amd64_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_e90a11d7d5070f99_userenv.dll_1a3a70b6 because the set of per-page image hashes could not be found on the system.

Date: 2017-01-18 12:42:54.881
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$WINDOWS.~BT\Windows\WinSxS\Backup\amd64_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_e90a11d7d5070f99_userenv.dll_1a3a70b6 because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentagem de memória em uso: 33%
RAM física total: 7990.85 MB
RAM física disponível: 5322.99 MB
Virtual Total: 16279.88 MB
Virtual disponível: 13490.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:244.14 GB) (Free:47.77 GB) NTFS
Drive d: () (Fixed) (Total:53.61 GB) (Free:12.83 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E56985A4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=53.6 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité