Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:22-11-2015 Executado por Joao (2015-11-23 10:04:05) Executando a partir de C:\Users\Joao\Desktop Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-03-07 16:05:23) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-48089091-2623837105-114055649-500 - Administrator - Disabled) Convidado (S-1-5-21-48089091-2623837105-114055649-501 - Limited - Disabled) Joao (S-1-5-21-48089091-2623837105-114055649-1001 - Administrator - Enabled) => C:\Users\Joao UpdatusUser (S-1-5-21-48089091-2623837105-114055649-1002 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-48089091-2623837105-114055649-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.) 
Atualizações da NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) AutoCAD 2010 - English (HKLM\...\AutoCAD 2010 - English) (Version: 18.0.55.0 - Autodesk) AutoCAD 2010 - English (Version: 18.0.55.0 - Autodesk) Hidden AutoCAD 2010 Language Pack - English (Version: 18.0.55.0 - Autodesk) Hidden Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.) Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.7 - Autodesk, Inc.) Compiled Driver Disk(Motorola) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811202}_is1) (Version: 1.0.8.0 - COMPELSON Labs) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.) DriverEasy 4.9.3 (HKLM\...\DriverEasy_is1) (Version: 4.9.3.0 - Easeware) ESET NOD32 Antivirus (HKLM\...\{A1A01D26-AF53-42C0-9DAE-1BC2FCC68812}) (Version: 8.0.304.0 - ESET, spol s r. o.) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Drive (HKLM\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.) Google SketchUp 8 (HKLM\...\{6B5F92BB-4272-4A69-B39B-EED000BC6192}) (Version: 3.0.14372 - Google, Inc.) Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden HP Deskjet 2050 J510 series Ajuda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{D63C6E54-882C-478B-91AB-53D1E89C80BA}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) 
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Mega Codec Pack 9.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.8.0 - ) MCESimplificado (HKLM\...\ST6UNST #1) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility) Motorola Device Software Update (Version: 13.09.3001 - Motorola Mobility) Hidden Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{BA562260-B4FA-4D87-ADC5-963783028C68}) (Version: 6.4.0 - 
Motorola Mobility LLC) Mozilla Firefox 42.0 (x86 pt-BR) (HKLM\...\Mozilla Firefox 42.0 (x86 pt-BR)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA Driver de gráficos 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) OLYMPUS CAMEDIA Master 4.2 (HKLM\...\{30BB4D60-81DB-11D5-BB77-00400536ABAC}) (Version: - ) Painel de controle da NVIDIA 309.08 (Version: 309.08 - NVIDIA Corporation) Hidden Platform (Version: 1.39 - VIA Technologies, Inc.) Hidden QuickTime (HKLM\...\QuickTime) (Version: - ) SketchUp 2015 (HKLM\...\{989CF309-4CB7-49F9-8B77-2CD9E9EE5BF2}) (Version: 15.0.9351 - Trimble Navigation Limited) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VIA Gerenciador de dispositivo de plataforma (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) ==================== Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) 
CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1002_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1002_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-48089091-2623837105-114055649-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.) ==================== Pontos de Restauração ========================= 18-03-2015 10:42:33 Windows Update 18-11-2015 07:59:58 Instalado Motorola Device Manager ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:04 - 2009-06-10 19:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {008430B3-D086-47D9-92BB-21EFD94AAE69} - System32\Tasks\Hybrid2 => C:\Trial\IR7\IR7.vbs [2014-12-16] () Task: {08D1D224-627E-4211-B0AB-82EFA6F13757} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-07] () Task: {24E8D136-5727-404E-B93F-15A151D4FDB6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated) Task: {3A3C7100-E016-42DE-B9BE-F5699D39563E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) Task: {44F65EF8-4472-4367-99E0-9EB0272A8DBB} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2015-06-19] (Easeware) Task: {50DAA95C-5C4C-4EF1-ABCD-15393B2DAD5E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {50F32F48-9A8F-4733-B585-A4DEA176289D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bfbc4ad17430 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) Task: {6203F625-5062-4992-9047-13DC8EA05AA3} - System32\Tasks\GoogleUpdateTaskMachineCore1d08fdd1e7a5b40 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) Task: {68BC9CC0-6BDC-4D8F-95A2-A4D74DDD3536} - System32\Tasks\GoogleUpdateTaskMachineUA1d08fdd1ea16b40 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) Task: {7F3D8344-C222-40C6-BE77-DDA2CF135FCA} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f09b10362f40 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) Task: {8C5F58AC-C031-4A1D-8FC3-56E930BE42CF} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.) 
Task: {8D3C6B4B-79A9-4599-BDA0-AEBBD0F36CBD} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {AE58C562-7E73-4A47-AD96-07AD48C4636B} - System32\Tasks\Hybrid4 => taskkill Task: {B2CF3318-EFA3-4A3D-943B-FA2FF153CB37} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.) Task: {CB1CA67F-52BE-4DA0-B755-2DE7980FB2FC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {DDE36FFE-FE46-4D3C-BBD3-841E0149CB58} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [2015-11-23] (ESET) Task: {E4EA9C9D-A9A6-45E9-B357-0AD62752FF41} - System32\Tasks\IR7 => cmd.exe /c cscript.exe /b C:\Windows\System32\slmgr.vbs /rearm && net stop sppsvc && net start sppsvc Task: {E51D5FE9-2109-4C90-84DE-71FD9E457877} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfbc4aa43a10 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) Task: {E801D3BB-B9BC-4AE5-B43B-62C4F07F22B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) Task: {EF1E7C0D-79F7-46EC-B78C-3D332D7D605C} - System32\Tasks\Hybrid3 => taskkill Task: {FF53552A-D679-46C0-9F0E-851F6FBAB2E2} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e4316e25e4e0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fdd1e7a5b40.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfbc4aa43a10.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fdd1ea16b40.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfbc4ad17430.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e4316e25e4e0.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f09b10362f40.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) 
==================== Módulos Carregados (Whitelisted) ============== 2015-03-07 14:37 - 2015-01-30 22:48 - 00078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2015-03-07 14:28 - 2013-10-23 16:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll 2014-04-07 12:31 - 2014-04-07 12:31 - 00172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll 2015-06-26 14:12 - 2012-11-30 18:55 - 00080504 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll 2015-06-26 14:12 - 2012-11-30 18:55 - 00113272 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll 2015-11-23 08:50 - 2015-11-23 08:50 - 00098816 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32api.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00110080 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pywintypes27.dll 2015-11-23 08:50 - 2015-11-23 08:50 - 00364544 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pythoncom27.dll 2015-11-23 08:50 - 2015-11-23 08:50 - 00046080 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_socket.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 01208320 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_ssl.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00320512 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32com.shell.shell.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00776704 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_hashlib.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 01176576 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._core_.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00806400 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._gdi_.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00816128 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._windows_.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 01067008 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._controls_.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00733184 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._misc_.pyd 2015-11-23 08:50 
- 2015-11-23 08:50 - 00682496 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pysqlite2._sqlite.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00088064 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_ctypes.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00119808 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32file.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00108544 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32security.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00007168 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\hashobjs_ext.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00070144 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\usb_ext.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00167936 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32gui.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00018432 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32event.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00128512 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_elementtree.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00127488 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\pyexpat.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00013824 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\common.time34.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00036864 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_psutil_windows.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00038912 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32inet.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00011264 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32crypt.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00077312 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._html2.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00027136 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_multiprocessing.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00020480 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\_yappi.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00035840 _____ () 
C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32process.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00686080 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\unicodedata.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00123392 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._wizard.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00024064 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32pipe.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00010240 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\select.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00025600 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32pdh.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00525640 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\windows._lib_cacheinvalidation.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00017408 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32profile.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00022528 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\win32ts.pyd 2015-11-23 08:50 - 2015-11-23 08:50 - 00078848 _____ () C:\Users\Joao\AppData\Local\Temp\_MEI21762\wx._animate.pyd 2015-07-14 19:20 - 2015-07-14 19:20 - 00756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) 
HKU\S-1-5-21-48089091-2623837105-114055649-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 189.7.152.31 - 189.7.152.36 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{DBD0B6DC-49F0-4324-A90F-0F3EF8AB359D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{FA390469-8A4E-424A-B519-C31BAEECAF52}] => (Allow) C:\Users\Joao\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{469C854E-73A9-4E33-BE9A-1CB9D63C7019}] => (Allow) C:\Users\Joao\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DF6142EE-0FB6-4590-A4B8-8F8ED4772F2B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6168941D-A323-44B6-AFC7-17FB702558DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{BF315A00-69E9-4CF5-99B9-E689940A4D94}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{29B8FBB8-D293-4E05-B8F5-42BEBE04BA96}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{4806AB59-946E-4B48-B1F5-AAA9946F8BB6}] => (Allow) C:\Program Files\NVIDIA 
Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{87233FF3-4309-451F-A57A-A0D827D5C687}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{85CCBD93-7770-4913-894A-82E304577B69}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe FirewallRules: [{6A2CE696-3493-44C9-B83B-7FFB7D571D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6008F17E-65A9-49EA-BB42-EC6D86C694BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{5495DB25-2526-484B-99CB-72393B679A88}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (11/23/2015 08:52:05 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/23/2015 08:50:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: AutoKMS.exe, versão: 2.5.2.0, carimbo de hora: 0x53c9a9a0 Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.18847, carimbo de hora: 0x554d7b00 Código de exceção: 0xe0434352 Deslocamento com falha: 0x0000812f Identificação do processo com falha: 0x650 Hora de início do aplicativo com falha: 0xAutoKMS.exe0 Caminho do aplicativo com falha: AutoKMS.exe1 FCaminho do módulo de falhas: AutoKMS.exe2 Identificação do Relatório: AutoKMS.exe3 Error: (11/23/2015 08:50:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: AutoKMS.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. 
Informações da Exceção: System.ComponentModel.Win32Exception Pilha: em System.Diagnostics.EventLogInternal.get_EntryCount() em System.Diagnostics.EventLogInternal.GetEntryAtNoThrow(Int32) em System.Diagnostics.EventLogEntryCollection+EntriesEnumerator.MoveNext() em ..(.) em ..(.) em ..() Error: (11/23/2015 07:55:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/21/2015 11:59:59 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2015 05:12:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2015 00:19:40 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (11/20/2015 00:18:47 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". 
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (11/20/2015 10:56:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2015 05:06:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Erros de Sistema: ============= Error: (11/23/2015 08:50:16 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000000a (0x898c3000, 0x00000000, 0x00000000, 0x82cd21a1)C:\Windows\MEMORY.DMP112315-9344-01 Error: (11/23/2015 08:50:15 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 07:57:43 às ‎23/‎11/‎2015 não era esperado. Error: (11/20/2015 05:14:43 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Falha inesperada. Erro: D@01010004 Error: (11/20/2015 05:14:43 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Falha inesperada. Erro: D@01010004 Error: (11/20/2015 05:14:43 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Falha inesperada. Erro: D@01010004 Error: (11/19/2015 07:54:02 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 07:38:20 às ‎19/‎11/‎2015 não era esperado. Error: (11/16/2015 08:08:33 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 07:58:11 às ‎16/‎11/‎2015 não era esperado. 
Error: (11/12/2015 00:05:41 PM) (Source: volsnap) (EventID: 36) (User: ) Description: As cópias de sombra do volume C: foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário. Error: (11/10/2015 03:35:30 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 15:32:35 às ‎10/‎11/‎2015 não era esperado. Error: (11/09/2015 08:14:31 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 08:06:09 às ‎09/‎11/‎2015 não era esperado. CodeIntegrity: =================================== Date: 2015-03-18 13:14:47.187 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 13:14:47.150 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 13:14:47.113 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 13:14:47.076 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system. 
Date: 2015-03-18 13:14:45.534 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 13:14:45.498 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 13:14:45.461 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 13:14:45.424 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-08 17:45:04.772 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-08 17:45:04.679 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_591283e7109a2658\appid.sys because the set of per-page image hashes could not be found on the system. 
==================== Informações da Memória ===========================

Processador: AMD Athlon(tm) II X4 620 Processor
Percentagem de memória em uso: 68%
RAM física total: 1791.43 MB
RAM física disponível: 567.75 MB
Virtual Total: 3582.86 MB
Virtual disponível: 1845.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.56 GB) (Free:23.97 GB) NTFS
Drive d: () (Fixed) (Total:443.23 GB) (Free:433.95 GB) NTFS
Drive e: () (Fixed) (Total:488.18 GB) (Free:424.11 GB) NTFS
Drive g: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: AC659FBA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1C98BFAE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================