Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2019
Ran by SoBot (28-09-2019 20:58:55)
Running from C:\Users\SoBot\Downloads
Windows 7 Professional Service Pack 1 (X64) (2019-09-28 14:12:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3562657316-3913107346-467950137-500 - Administrator - Disabled)
Convidado (S-1-5-21-3562657316-3913107346-467950137-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3562657316-3913107346-467950137-1002 - Limited - Enabled)
SoBot (S-1-5-21-3562657316-3913107346-467950137-1001 - Administrator - Enabled) => C:\Users\SoBot

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aurox-Global (HKLM-x32\...\Aurox-Global) (Version: - )
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.3.0.8046 - DLL-Files.com Client)
Fortera 12v6 (HKU\S-1-5-21-3562657316-3913107346-467950137-1001\...\Fortera 12v6) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Outbyte PC Repair (HKLM-x32\...\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1) (Version: 1.0.2.4 - Outbyte Computing Pty Ltd)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
X-Mouse Button Control 2.18.8 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.18.8 - Highresolution Enterprises)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-09-28 19:28 - 2019-09-28 19:28 - 000014848 _____ () [File not signed] C:\Users\SoBot\AppData\Local\Temp\nsv12D3.tmp\InstallOptions.dll
2019-09-28 19:28 - 2019-09-28 19:28 - 000009728 _____ () [File not signed] C:\Users\SoBot\AppData\Local\Temp\nsv12D3.tmp\nsDialogs.dll
2019-09-28 19:28 - 2019-09-28 19:28 - 000010752 _____ () [File not signed] C:\Users\SoBot\AppData\Local\Temp\nsv12D3.tmp\System.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000976677 _____ () [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-1-6.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000328203 _____ () [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000119296 _____ () [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll
2017-02-08 18:46 - 2019-09-28 19:24 - 000167424 _____ () [File not signed] C:\Users\SoBot\Desktop\Xenobot\lua5.1.dll
2017-02-08 18:46 - 2019-09-28 19:24 - 002198016 _____ () [File not signed] C:\Users\SoBot\Desktop\Xenobot\QtCore4.dll
2017-02-08 18:46 - 2019-09-28 19:24 - 007779328 _____ () [File not signed] C:\Users\SoBot\Desktop\Xenobot\QtGui4.dll
2017-02-08 18:46 - 2019-09-28 19:24 - 000804352 _____ () [File not signed] C:\Users\SoBot\Desktop\Xenobot\QtNetwork4.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000590631 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\TorBrowser\Tor\libwinpthread-1.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000463872 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\freebl3.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000248320 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\lgpllibs.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 001922560 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\mozavcodec.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000310272 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\mozavutil.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000996352 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\mozglue.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 001951744 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\nss3.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000430080 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\nssckbi.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000225280 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\softokn3.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 092623893 _____ (Mozilla Foundation) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\xul.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 003008269 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\TorBrowser\Tor\LIBEAY32.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 000817559 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\SoBot\Desktop\Tor Browser\Browser\TorBrowser\Tor\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3562657316-3913107346-467950137-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SoBot\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1B83B1EC-3283-4BD9-AC46-128F510F54FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-09-2019 19:53:16 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
28-09-2019 19:54:00 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

==================== Faulty Device Manager Devices =============

Name: Dispositivo USB de Introdução de Texto
Description: Dispositivo USB de Introdução de Texto
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Dispositivos padrão de sistema)
Service: HidUsb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Dispositivo de sistema base
Description: Dispositivo de sistema base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2019 03:11:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (09/28/2019 07:45:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (09/28/2019 07:45:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 70.

Error: (09/28/2019 07:45:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 70.

Error: (09/28/2019 07:22:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (09/28/2019 07:22:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 70.

Error: (09/28/2019 07:22:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 70.


==================== Memory info ===========================

BIOS: innotek GmbH VBOX - 1 12/01/2006
Motherboard: Oracle Corporation VirtualBox
Processor: Intel(R) Pentium(R) CPU G4560 @ 3.50GHz
Percentage of memory in use: 92%
Total physical RAM: 2047.55 MB
Available physical RAM: 154.79 MB
Total Virtual: 5855.11 MB
Available Virtual: 529.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:31.9 GB) (Free:18.36 GB) NTFS
Drive d: (GSP1RMCPRXFREO_PT_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF

\\?\Volume{7979349d-e1f8-11e9-89ea-806e6f6e6963}\ (Sistema Reservado) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 32 GB) (Disk ID: 63EAF4CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=31.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
