Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20-09-2017
Executado por RODRIGO (21-09-2017 20:05:06)
Executando a partir de C:\Users\RODRIGO\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-05-19 17:24:20)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2569912285-2516486697-1191534479-500 - Administrator - Disabled)
Convidado (S-1-5-21-2569912285-2516486697-1191534479-501 - Limited - Disabled)
RODRIGO (S-1-5-21-2569912285-2516486697-1191534479-1000 - Administrator - Enabled) => C:\Users\RODRIGO
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
7-Zip 16.01 (x64) (HKLM\...\7-Zip) (Version: 16.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Atualizações da NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira (HKLM-x32\...\{1B48601D-0537-4589-9952-A8989BE8249A}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{7c01a3b4-3454-446e-8473-8a245f962c28}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.30.29 - Avira Operations GmbH & Co. KG)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Chromium (HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\...\Chromium) (Version: 51.0.2683.0 - Chromium)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - )
foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.91 - Google Inc.)
Google Drive (HKLM-x32\...\{F9A2761E-C1E4-4384-92A3-5732C9738327}) (Version: 2.34.6717.9565 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GunboundPS (HKLM-x32\...\GunboundPS_is1) (Version: - Softnyx co.,Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HL-1200 series (HKLM-x32\...\{3D91358F-DE2D-46A2-AE8B-888C482B51C9}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Matroska Pack (HKLM-x32\...\Matroska Pack) (Version: - )
MatroskaProp (remove only) (HKLM-x32\...\MatroskaProp) (Version: - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA Driver de áudio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Driver de gráficos 359.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.21 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 359.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.21 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NyxLauncherPS (HKLM-x32\...\NyxLauncherPS_is1) (Version: - Softnyx co.,ltd.)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Painel de controle da NVIDIA 359.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 359.21 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Winrar 5.00 (64-bit) (HKLM\...\Winrar 5.00 (64-bit)5.00) (Version: 5.00 - Friends in War)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-19] (Igor Pavlov)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-14] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-19] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-12-16] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-19] (Igor Pavlov)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-14] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {1BF7B4FB-4966-4145-9D18-D52EBC6E9657} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1C63D597-95FB-44DB-9103-20503CC96206} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {32C3C618-27EA-42A4-8269-8BDA50E9EB4B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-10] (@ByELDI)
Task: {4B01B7F0-EB25-4E2D-A04C-FD9E5813ACF4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
Task: {58CEF893-01D9-4913-83F4-E33AE9B2C284} - System32\Tasks\ASUS\i-Setup171410 => C:\Windows\MEI-Win7-8-8-1_VER10001204\AsusSetup.exe [2013-08-22] (ASUSTeK Computer Inc.)
Task: {61D7A018-AD1B-4BED-88C7-2A8FAF6067C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {65ACB6E3-D5C9-425B-868C-53F15713E0F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9F56865D-8F3B-4895-8144-19CCEB59389A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D5BB9F61-4F09-4CDA-88CA-A11406CE5B07} - System32\Tasks\{F4AFBCFE-BFCC-4A5D-AC47-41ED120FD804} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.38.0.101&LastError=12040
Task: {D7114060-818E-4B22-8FC1-2C860EB0A9AF} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {E16A4FF5-4CDA-460B-8400-5D3B288A9BCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
Task: {EBB981F3-DD20-4DBB-9CD9-CE3E1B368DF9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-13] (Adobe Systems Incorporated)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2016-05-19 14:53 - 2015-12-16 16:47 - 000126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 000369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 003613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-03-06 18:24 - 2016-06-14 22:14 - 000289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 002667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 001990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 001842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 000208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 000035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-03-06 19:00 - 2016-06-14 22:14 - 000921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-09-18 19:55 - 2017-09-14 05:30 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.91\libglesv2.dll
2017-09-18 19:55 - 2017-09-14 05:30 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.91\libegl.dll
2017-03-06 18:24 - 2016-06-14 22:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-03-16 17:02 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2017-05-28 16:39 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\RODRIGO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{BC926E03-9E09-4383-B0D0-92C2EB5DF5BE}] => (Allow) C:\Users\RODRIGO\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{811248B3-FC9F-4E6E-8CDD-E2F0E513339A}C:\game\softnyxgame\gunboundps\gunbound.gme] => (Allow) C:\game\softnyxgame\gunboundps\gunbound.gme
FirewallRules: [UDP Query User{2558D340-5DDF-4E76-835E-D09059B5DF0E}C:\game\softnyxgame\gunboundps\gunbound.gme] => (Allow) C:\game\softnyxgame\gunboundps\gunbound.gme
FirewallRules: [{B170C915-AACC-4F2A-A5C4-215B22E800E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D6BFDB83-7830-420B-811E-3916D91DA467}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{313788CC-A1A7-4881-BDEC-C092E0A0D8E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D4721F4C-8941-498E-9EB7-E2265EBBF6F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1703A1DF-76D0-4298-856E-C4824F58243E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{350104ED-B278-4DF5-8344-07D04945ACA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4E55C136-037E-47A0-B583-3F3F783BC8C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{A1B9B51C-9192-46B0-9A80-6F1954A4D5C4}C:\program files (x86)\emuletorrent\emuletorrent.exe] => (Allow) C:\program files (x86)\emuletorrent\emuletorrent.exe
FirewallRules: [UDP Query User{68816F71-9CAF-4808-9C1D-61F9E06BBC74}C:\program files (x86)\emuletorrent\emuletorrent.exe] => (Allow) C:\program files (x86)\emuletorrent\emuletorrent.exe
FirewallRules: [TCP Query User{E0E93527-7E3A-4E47-9EE9-07A99628C0F6}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{F1E18E3B-C12E-4AEB-8642-0C36F11D9BFC}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{9CEAEE7F-13BD-4235-AB4F-FC2E4FB8909C}] => (Allow) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
FirewallRules: [{3B7EDB70-08B5-4CD0-B6E2-FE812F6E6AB7}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{8726AC61-CB5B-40ED-A065-3D482E6F6BFC}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [TCP Query User{D189AFD2-66E5-4FA8-B523-C04884ECDE9C}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{41B392F0-89FA-4819-A0D5-4A6898CE337F}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{608834C0-CA68-4423-9F56-F08069ECF58C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
09-09-2017 23:05:27 Ponto de Verificação Agendado
17-09-2017 10:38:15 Ponto de Verificação Agendado
18-09-2017 19:07:21 JRT Pre-Junkware Removal
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Atheros AR5005G Wireless Network Adapter #2
Description: Atheros AR5005G Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (09/20/2017 10:04:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa bsplayer.exe versão 2.7.0.1080 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: dbc
Hora de Início: 01d332756d192ff0
Hora de Término: 83
Caminho do Aplicativo: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Id do Relatório:
Error: (08/22/2017 09:18:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7601.17514 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 6f0
Hora de Início: 01d31ba2788e7be0
Hora de Término: 10
Caminho do Aplicativo: C:\Windows\Explorer.EXE
Id do Relatório: 9568ce71-8798-11e7-a58e-20cf30e0979b
Error: (08/22/2017 08:56:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7601.17514 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 710
Hora de Início: 01d31ba1835d9fc0
Hora de Término: 10
Caminho do Aplicativo: C:\Windows\Explorer.EXE
Id do Relatório: 7dead3e1-8795-11e7-b9d4-20cf30e0979b
Error: (08/16/2017 06:53:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa bsplayer.exe versão 2.7.0.1080 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 3b4
Hora de Início: 01d316da0576d5c0
Hora de Término: 38
Caminho do Aplicativo: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Id do Relatório: 4d268899-82cd-11e7-ad92-20cf30e0979b
Error: (08/13/2017 09:29:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa bsplayer.exe versão 2.7.0.1080 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 158c
Hora de Início: 01d3142faf8907c0
Hora de Término: 13
Caminho do Aplicativo: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Id do Relatório: fb487a61-8022-11e7-8ba6-20cf30e0979b
Error: (07/25/2017 09:30:48 PM) (Source: MsiInstaller) (EventID: 10005) (User: RODRIGO-PC)
Description: Produto: Teoma Media Search App -- Erro 25001. Os aplicativos a seguir deverão estar fechados para continuar a desinstalação:
Google Chrome
Error: (05/19/2017 11:37:19 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: RODRIGO-PC)
Description: O aplicativo ou serviço 'PDF Architect 4 Creator' não pôde ser reiniciado.
Error: (05/19/2017 11:36:40 PM) (Source: MsiInstaller) (EventID: 10005) (User: RODRIGO-PC)
Description: Produto: Teoma Media Search App -- Erro 25001. Os aplicativos a seguir deverão estar fechados para continuar a desinstalação:
Google Chrome
Error: (05/19/2017 11:36:33 PM) (Source: MsiInstaller) (EventID: 10005) (User: RODRIGO-PC)
Description: Produto: Teoma Media Search App -- Erro 25001. Os aplicativos a seguir deverão estar fechados para continuar a desinstalação:
Google Chrome
Error: (05/19/2017 11:36:32 PM) (Source: MsiInstaller) (EventID: 10005) (User: RODRIGO-PC)
Description: Produto: Teoma Media Search App -- Erro 25001. Os aplicativos a seguir deverão estar fechados para continuar a desinstalação:
Google Chrome
Erros de Sistema:
=============
Error: (09/21/2017 07:55:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
AFD
avipbb
avkmgr
CSC
DfsC
discache
HWiNFO32
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf
ws2ifsl
Error: (09/21/2017 07:55:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agendador de Tarefas depende do serviço Log de Eventos do Windows, mas não foi possível iniciá-lo devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
Error: (09/21/2017 07:50:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
AFD
avipbb
avkmgr
CSC
DfsC
discache
HWiNFO32
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf
ws2ifsl
Error: (09/21/2017 07:50:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agendador de Tarefas depende do serviço Log de Eventos do Windows, mas não foi possível iniciá-lo devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
Error: (09/21/2017 07:49:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro:
Acesso negado.
Error: (09/21/2017 07:49:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro:
Acesso negado.
Error: (09/21/2017 07:49:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro:
Acesso negado.
Error: (09/21/2017 07:49:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro:
Acesso negado.
Error: (09/21/2017 07:42:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 19:41:07 às 21/09/2017 não era esperado.
Error: (09/21/2017 07:41:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gerenciador de Sessão do Gerenciador de Janelas da Área de Trabalho devido ao seguinte erro:
O sistema não pode encontrar o caminho especificado.
CodeIntegrity:
===================================
Date: 2017-05-28 16:39:21.237
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-28 16:39:21.237
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-28 16:39:21.221
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-28 16:39:21.206
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-27 17:58:48.260
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-27 17:58:48.260
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-27 17:58:48.244
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-27 17:58:48.228
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-19 20:24:59.998
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-19 20:24:59.983
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Informações da Memória ===========================
Processador: AMD Athlon(tm) II X4 640 Processor
Percentagem de memória em uso: 61%
RAM física total: 4095.23 MB
RAM física disponível: 1582.38 MB
Virtual Total: 8188.65 MB
Virtual disponível: 4773.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:197.99 GB) NTFS
Drive e: (Novo volume) (Fixed) (Total:97.66 GB) (Free:27.89 GB) NTFS
Drive f: (BACKUP) (Fixed) (Total:75.13 GB) (Free:43.28 GB) NTFS
Drive g: (Rodrigo_02) (Fixed) (Total:292.97 GB) (Free:81.33 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8ED1C27F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D7B70BC0)
Partition 1: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=75.1 GB) - (Type=OF Extended)
==================== Fim de Addition.txt ============================