Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por user (2016-04-03 00:40:06) Executando a partir de C:\Users\user\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2015-10-01 13:17:03) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-477325340-1462177856-3662902613-500 - Administrator - Disabled) Convidado (S-1-5-21-477325340-1462177856-3662902613-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-477325340-1462177856-3662902613-1002 - Limited - Enabled) user (S-1-5-21-477325340-1462177856-3662902613-1000 - Administrator - Enabled) => C:\Users\user ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) 4 Elements (HKLM-x32\...\4 Elements_is1) (Version: 1.0 - GameTop Pte. Ltd.) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Apple Mobile Device Support (HKLM\...\{316BFAA9-B213-4A4C-AF39-AC4D7EA99B54}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BS Player ControlBar B Toolbar for IE (HKLM-x32\...\IECT3329621) (Version: 6.23.0.9 - BS Player ControlBar B) <==== ATENÇÃO BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.) Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DWA-132 (HKLM-x32\...\{9899B8B5-C656-4816-903C-29C4185BF674}) (Version: 1.00.0000 - D-Link) European Mystery The Face of Envy Collectors 1.00 (HKLM-x32\...\European Mystery The Face of Envy Collectors 1.00) (Version: 1.00 - Games) Farm Frenzy Hurricane Season (HKLM-x32\...\Farm Frenzy Hurricane Season1.1) (Version: 1.1 - Foxy Games) FarmFrenzy 3 American Pie (HKLM-x32\...\FarmFrenzy 3 American Pie) (Version: - ) FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard) HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{78F1A88C-5322-4DF7-BDCF-9AB8F5F4041C}) (Version: 1.0.9.0 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{CAF5FFBA-8F3B-409C-9126-74DF66A036DF}) (Version: 12.0.30.219 - Hewlett-Packard Company) iTunes (HKLM\...\{6F7260CC-8ECE-4C72-9415-AB1F608BB80A}) (Version: 12.3.0.44 - Apple Inc.) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Luxor Amun Rising (HKLM-x32\...\Luxor Amun Rising) (Version: - ) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mystery Case Files 12 Key To Ravenhearst CE 1.0 (HKLM-x32\...\Mystery Case Files 12 Key To Ravenhearst CE 1.0) (Version: 1.0 - Èãðû íà Cat-A-Cat.NET) Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Popcorn Time (HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Popcorn Time) (Version: - Popcorn Official) ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.) Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: - CMI Limited) <==== ATENÇÃO Remote Mouse version 2.803 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.803 - Remote Mouse) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Sonic Train (HKLM-x32\...\Sonic Train) (Version: 2.0.5767.19322 - Sonic Train) <==== ATENÇÃO Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Super Mario Bros. X version 1.3 (HKLM-x32\...\{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1) (Version: 1.3 - SuperMarioBrothers.org) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.) The Desktop Weather 2.0.1.11245 (HKLM\...\WeatherTool) (Version: 2.0.1.11245 - ShenZhen Enode Techology co,.Ltd) <==== ATENÇÃO The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.62.153 - Electronic Arts) The Sims™ 3 Acelerando Coleção de Objetos (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts) The Sims™ 3 Ambições (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts) The Sims™ 3 Caindo na Noite (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) The Sims™ 3 Cinema Coleção de Objetos (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts) The Sims™ 3 Estações (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) The Sims™ 3 Gerações (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) The Sims™ 3 Ilha Paradisíaca (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) The Sims™ 3 Katy Perry Mundo Doce (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts) The Sims™ 3 No Futuro (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts) The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts) The Sims™ 3 Sobrenatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts) The Sims™ 3 Suíte de Luxo Coleção de Objetos (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts) The Sims™ 3 Vida ao Ar Livre Coleção de Objetos (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts) The Sims™ 3 Vida em Alto Estilo Coleção de Objetos (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) The Sims™ 3 Vida Universitária (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) The Sims™ 3 Vida Urbana Coleção de Objetos (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts) The Sims™ 3 Volta ao Mundo (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) Theme Hospital (HKLM-x32\...\Theme Hospital_is1) (Version: - GOG.com) Tools Assist (HKLM-x32\...\{241FEF6D-4E0C-4EF1-A884-20C42E414A65}) (Version: 1.0.0.61 - Jinju Wang) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Zuma Deluxe RA (HKLM-x32\...\Zuma Deluxe RA) (Version: - ) Zuma's Revenge (HKLM-x32\...\Zuma's Revenge) (Version: - ) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0B644287-5A7E-4AE2-A6F8-66275E29E2F2} - System32\Tasks\HPCeeScheduleForuser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {257ABFC0-B770-4AA4-BDA1-6A7CBC739EB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {2C9D6BBA-AF13-43ED-A818-43B68B071599} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe Task: {352F79C0-1813-4FAC-A92E-76913999A0AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-12] (Google Inc.) Task: {45547557-0C2B-4776-845D-E29F2F4F1140} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {4799CE37-93C5-4487-B2A9-A55B730683BA} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe [2016-03-29] () Task: {492A8D05-1C02-4B90-B389-F598E2AEDEDB} - System32\Tasks\{89609BFF-EACC-4F9F-B5CA-C5CD3E6C17F7} => C:\Program Files (x86)\ToolsAssist\toolserv.exe [2015-11-16] () Task: {51CB4146-998A-42F4-BBEE-55C8738A7E09} - System32\Tasks\{0AF5FC4A-9504-416B-99BF-188E03EBC805} => pcalua.exe -a "C:\Users\user\Downloads\Mystery Case Files 12 Key To Ravenhearst CE.exe" -d C:\Users\user\Downloads Task: {51FC9B97-28C2-4D1D-9DD6-2448DFA938CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {6A699756-F1ED-408C-A81D-36CD732F190C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-01-06] (HP Inc.) Task: {77D73E0B-B22B-4E8D-AF2E-054103D06269} - System32\Tasks\{37498C2E-F251-4C86-B746-64C225300E92} => pcalua.exe -a "C:\Users\user\Downloads\Zuma deluxe PC FULL Game + Crack AMW3\Zuma Deluxe! v1.0 (crack).exe" -d "C:\Users\user\Downloads\Zuma deluxe PC FULL Game + Crack AMW3" Task: {88F6B9AD-C274-440E-8514-8E7B76842919} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-02-18] (Hewlett-Packard) Task: {977BFEA3-C434-48F3-A06E-0AF10A4C2B69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-12] (Google Inc.) Task: {9FE6577C-556D-47D4-8C4E-9E679BDFFF66} - System32\Tasks\{381F0057-BDAF-4F53-B5E8-12A928588A04} => C:\Users\user\Desktop\Jogos\OneLateNight.exe [2015-11-17] () Task: {A723A74A-DE80-4027-AECC-7F8A36729014} - System32\Tasks\{D9463B49-ED45-4A94-8F69-DACF22561940} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.21.0.100&LastError=-3 Task: {A745F143-A5D6-4960-B703-DFB74678FA87} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard) Task: {A77A9366-4A23-4A16-8558-AA0BE1D2B350} - System32\Tasks\{7CE4566F-F0E1-402F-850F-3F00C241E5D2} => C:\Users\user\Downloads\iTunes6464Setup.exe Task: {AEDD04AC-04BD-4E5A-B45F-A27B242469FB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-10-01] () Task: {BEDC2074-9872-4213-8E7F-41E74624C846} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink) Task: {C23562B0-C8CA-4764-8773-3D5C82456FD7} - System32\Tasks\{A1D19200-87CD-4769-A454-7F0968B6F7BC} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.21.0.100&LastError=-3 Task: {C6D8C77A-5F46-46CF-A23A-211E2724D224} - System32\Tasks\{66731B69-81E9-47C9-95F5-07729AE98795} => C:\Users\user\Downloads\iTunes6464Setup.exe Task: {CBAE2B7E-5A7C-4D2E-B2B9-8D8B9239C2A7} - System32\Tasks\{55127CB9-85EE-4D69-8CAF-9A4F8D908969} => pcalua.exe -a "C:\Users\user\Desktop\Left4Dead 2\Left 4 Dead 2\#Support#\vcredist_x86\vcredist_x86.exe" -d "C:\Users\user\Desktop\Left4Dead 2\Left 4 Dead 2" -c /q Task: {E30E7231-CC5E-4FAF-9B07-C66CA3B2C9C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard) Task: {E8321E98-AA63-4781-9D35-9278A5276711} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard) Task: {EB747325-7D19-48D8-8C33-2006D4E50053} - System32\Tasks\{2FA1D10C-DAB2-4235-A110-C96EB9BC3A3C} => pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUX5T8GB\chromeinstall-8u77.exe" -d C:\Users\user\Desktop Task: {EEAF52C3-F009-44FE-89F6-B1B3C5CFB3A6} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-03-31] () Task: {FDD4DD92-FEA5-4B67-AFDE-BC5752D90519} - System32\Tasks\{39588182-BC81-46E9-8C20-1C818CA852C4} => pcalua.exe -a D:\setup.exe -d D:\ (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForuser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\{89609BFF-EACC-4F9F-B5CA-C5CD3E6C17F7}.job => C:\Program Files (x86)\ToolsAssist\toolserv.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2016-03-21 00:52 - 2016-03-21 00:52 - 01049736 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11245\WeatherEntryDll.dll 2016-04-02 22:21 - 2016-04-02 22:21 - 00386560 _____ () C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\knsgEE6E.tmpfs 2016-04-02 23:30 - 2016-04-02 23:30 - 00138240 _____ () C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\hnsq21E4.tmp 2016-04-02 23:30 - 2016-04-02 23:30 - 00389632 _____ () C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\jnsq9D0.tmp 2015-10-28 15:52 - 2015-10-28 15:52 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe 2016-03-21 00:51 - 2016-03-21 00:51 - 00141960 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11245\WeatherService.exe 2015-10-09 00:03 - 2013-01-17 18:32 - 00318976 _____ () C:\Program Files (x86)\D-Link\DWA-132\WPSHWPBC.exe 2016-04-03 00:02 - 2016-03-31 16:28 - 02041856 _____ () C:\ProgramData\WindowsMsg\osmsg.exe 2016-01-08 19:00 - 2015-06-10 09:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2015-09-23 16:47 - 2015-09-23 16:47 - 00073512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-09-23 16:47 - 2015-09-23 16:47 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-21 00:51 - 2016-03-21 00:51 - 00543368 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11245\EVPTask.dll 2016-03-21 00:51 - 2016-03-21 00:51 - 00406664 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11245\EVPNet.dll 2016-03-21 00:51 - 2016-03-21 00:51 - 00428680 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11245\EVPDR.dll 2016-01-08 19:00 - 2012-04-30 09:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2016-01-08 19:00 - 2015-10-20 16:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2016-03-05 16:00 - 2015-05-26 19:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll 2009-12-01 20:49 - 2009-12-01 20:49 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll 2016-03-30 19:52 - 2016-03-27 04:58 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libglesv2.dll 2016-03-30 19:52 - 2016-03-27 04:58 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2016-04-02 23:28 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-477325340-1462177856-3662902613-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{CB123A86-7B52-4530-B78F-5CAB884B69D6}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe FirewallRules: [{78F9BB13-A630-4F63-A0CD-954FEDF77F6A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe FirewallRules: [{C36D604F-FE56-42A1-8544-71633068FB23}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe FirewallRules: [{32665500-B810-44F2-8102-4389E43A0854}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe FirewallRules: [{348CA772-91B2-46DA-8F05-DDD33B3E0E65}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe FirewallRules: [TCP Query User{E841F3C4-437A-483B-83AC-DB07D00BA0DB}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{859EC7C1-C9AE-42AF-ABF4-3BA9E485A248}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe FirewallRules: [{98107DCA-6D80-4D62-A25A-4635B090068E}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C17E67D6-30B7-42A0-ABB2-79A9C9641B06}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2F58136B-A058-4C63-B404-91D910D76EA9}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E96E41F8-7410-4EB7-889E-42865CAF34A3}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0998D3A1-F8F3-4CA8-8813-8AB827A6D420}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E24B88B1-8152-4048-8B8D-3110C3B6E496}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D2D8C415-5604-4C1F-B788-2D0F1C82C322}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{37C90DE5-E77A-4D49-A895-0D1483FAEA82}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{53875931-3820-45E0-A50A-83DB87DA6937}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{30423803-AC58-4E58-BE26-E09DDE225FB8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FA11F7F5-3210-47E0-9FCE-2F8973C8BF4A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [TCP Query User{E0C6EF5E-B3D7-48CD-8231-886A814C5C87}C:\users\user\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\user\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{E262FBFC-C493-43E1-BE0F-D8339B4C24C4}C:\users\user\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\user\appdata\local\popcorn time\nw.exe FirewallRules: [{A48AFFE5-FB75-4ECD-A838-565DD17D6B6B}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{5E2F2E55-7FE5-4756-9A7A-E12FACD1A375}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [TCP Query User{975F7DFD-FADE-45DE-ACF8-82EB12ADBB8D}C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe FirewallRules: [UDP Query User{D744D407-982E-4871-93CF-9556AAE00013}C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe FirewallRules: [TCP Query User{86A7B26A-B24C-4589-BF4B-7283FF02C2CC}C:\users\user\desktop\left4dead 2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\left4dead 2\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{330F9922-BA54-4F16-92AE-C4A50B125CE8}C:\users\user\desktop\left4dead 2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\left4dead 2\left 4 dead 2\left4dead2.exe FirewallRules: [TCP Query User{DB9E7FE8-FD15-445F-AB40-237FF8640449}C:\users\user\desktop\programas\left4dead 2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\programas\left4dead 2\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{0208F81D-084E-450E-99EB-55E176FFE961}C:\users\user\desktop\programas\left4dead 2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\programas\left4dead 2\left 4 dead 2\left4dead2.exe FirewallRules: [{D89C21F1-A0F3-45B3-A593-5910FB2D1AF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8D2C7A86-E3EF-406C-BFE3-D52A2F07CEB8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{82267C88-94C9-467B-BD92-6FB14373731F}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe FirewallRules: [UDP Query User{4A2189FB-E424-423B-9BC7-A08BD8116245}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe FirewallRules: [{C2AFC5AA-030F-4C7F-B36A-8393C591E189}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{59971001-A91D-4E31-BBD1-A49F260B2B0F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{F4620762-617D-4E26-88B2-CBB7EA41009B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 25-03-2016 03:00:10 Windows Update 02-04-2016 09:55:30 Ponto de Verificação Agendado 03-04-2016 00:12:13 Removeu League of Legends ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: wfdrvr_vt_1_10_0_28 Description: wfdrvr_vt_1_10_0_28 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wfdrvr_vt_1_10_0_28 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (04/03/2016 12:39:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST64.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 860 Hora de Início: 01d18d5a5b5534ab Hora de Término: 10 Caminho do Aplicativo: C:\Users\user\Downloads\FRST64.exe Id do Relatório: Error: (04/03/2016 12:22:23 AM) (Source: MsiInstaller) (EventID: 1002) (User: user-PC) Description: Valor inesperado ou ausente (nome: 'PackageName', valor: '') na chave 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList' Error: (04/02/2016 11:41:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: ED72.tmp, versão: 1.0.0.0, carimbo de hora: 0x56c02ba3 Nome do módulo de falhas: ED72.tmp, versão: 1.0.0.0, carimbo de hora: 0x56c02ba3 Código de exceção: 0xc0000005 Deslocamento com falha: 0x000266a0 Identificação do processo com falha: 0xbbc Hora de início do aplicativo com falha: 0xED72.tmp0 Caminho do aplicativo com falha: ED72.tmp1 FCaminho do módulo de falhas: ED72.tmp2 Identificação do Relatório: ED72.tmp3 Error: (04/02/2016 11:41:37 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: O Windows não pode acessar o arquivo por um destes motivos: há um problema de conexão com a rede, o disco no qual o arquivo está armazenado ou nos drivers de armazenamento instalados neste computador, ou o disco está ausente. O Windows fechou o programa U por causa desse erro. Programa: U Arquivo: O valor do erro está listado na seção Dados Adicionais. Ação do Usuário 1. Abra o arquivo novamente. Esta situação pode ser um problema temporário corrigida quando o programa é executado novamente. 2. Se o arquivo ainda não puder ser acessado e - não estiver na rede, o administrador da rede deverá verificar se não há um problema com a rede e se o servidor puder ser contatado. - Está em um disco removível, por exemplo, um disquete ou CD-ROM, verifique se o disco está completamente inserido no computador. 3. Verifique e repare o sistema de arquivos ao executar CHKDSK. Para executar CHKDSK, clique em Iniciar, clique em Executar, digite CMD e clique em OK. No prompt de comando, digite CHKDSK /F e pressione ENTER. 4. Se o problema persistir, restaure o arquivo de uma cópia de backup. 5. Determine se outros arquivos no mesmo disco podem ser abertos. Em caso negativo, o disco pode estar danificado. Se for um disco rígido, contate o administrador ou o fornecedor de hardware do computador para obter assistência adicional. Dados Adicionais Valor do erro: 00000000 Tipo de disco: 0 Error: (04/02/2016 11:41:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: ED71.tmp, versão: 1.0.0.0, carimbo de hora: 0x56fe9461 Nome do módulo de falhas: ED71.tmp, versão: 1.0.0.0, carimbo de hora: 0x56fe9461 Código de exceção: 0xc0000096 Deslocamento com falha: 0x0001aaf7 Identificação do processo com falha: 0x165c Hora de início do aplicativo com falha: 0xED71.tmp0 Caminho do aplicativo com falha: ED71.tmp1 FCaminho do módulo de falhas: ED71.tmp2 Identificação do Relatório: ED71.tmp3 Error: (04/02/2016 11:41:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: ED6E.tmp, versão: 0.0.0.0, carimbo de hora: 0x57007fd9 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.19160, carimbo de hora: 0x56bcd51f Código de exceção: 0xc0000005 Deslocamento com falha: 0x00041a9a Identificação do processo com falha: 0xbc0 Hora de início do aplicativo com falha: 0xED6E.tmp0 Caminho do aplicativo com falha: ED6E.tmp1 FCaminho do módulo de falhas: ED6E.tmp2 Identificação do Relatório: ED6E.tmp3 Error: (04/02/2016 11:41:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: ED6B.tmp, versão: 0.0.0.0, carimbo de hora: 0x4f47e2e4 Nome do módulo de falhas: ED6B.tmp, versão: 0.0.0.0, carimbo de hora: 0x4f47e2e4 Código de exceção: 0xc0000005 Deslocamento com falha: 0x0000632d Identificação do processo com falha: 0xc2c Hora de início do aplicativo com falha: 0xED6B.tmp0 Caminho do aplicativo com falha: ED6B.tmp1 FCaminho do módulo de falhas: ED6B.tmp2 Identificação do Relatório: ED6B.tmp3 Error: (04/02/2016 11:28:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: SevenZip-apset.exe, versão: 3.0.0.154, carimbo de hora: 0x57007f47 Nome do módulo de falhas: SevenZip-apset.exe, versão: 3.0.0.154, carimbo de hora: 0x57007f47 Código de exceção: 0xc0000005 Deslocamento com falha: 0x000011ce Identificação do processo com falha: 0x1018 Hora de início do aplicativo com falha: 0xSevenZip-apset.exe0 Caminho do aplicativo com falha: SevenZip-apset.exe1 FCaminho do módulo de falhas: SevenZip-apset.exe2 Identificação do Relatório: SevenZip-apset.exe3 Error: (04/02/2016 11:28:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: Setup__2140_il13.exe, versão: 4.0.16.6, carimbo de hora: 0x56fe2c2d Nome do módulo de falhas: Setup__2140_il13.exe, versão: 4.0.16.6, carimbo de hora: 0x56fe2c2d Código de exceção: 0xc0000005 Deslocamento com falha: 0x000019a4 Identificação do processo com falha: 0xad4 Hora de início do aplicativo com falha: 0xSetup__2140_il13.exe0 Caminho do aplicativo com falha: Setup__2140_il13.exe1 FCaminho do módulo de falhas: Setup__2140_il13.exe2 Identificação do Relatório: Setup__2140_il13.exe3 Error: (04/02/2016 11:17:33 PM) (Source: MsiInstaller) (EventID: 1002) (User: user-PC) Description: Valor inesperado ou ausente (nome: 'PackageName', valor: '') na chave 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList' Erros de Sistema: ============= Error: (04/03/2016 12:15:56 AM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1. Error: (04/03/2016 12:15:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: wfdrvr_vt_1_10_0_28 Error: (04/03/2016 12:15:46 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (04/03/2016 12:15:46 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (04/03/2016 12:08:46 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (04/03/2016 12:07:55 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi gerado: 42. O estado do erro interno é 250. Error: (04/03/2016 12:02:19 AM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1. Error: (04/02/2016 11:28:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço Winsere está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (04/02/2016 11:28:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço ggbugreport está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (04/02/2016 11:16:46 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi gerado: 42. O estado do erro interno é 250. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz Percentagem de memória em uso: 45% RAM física total: 4094.18 MB RAM física disponível: 2237.34 MB Virtual Total: 8186.57 MB Virtual disponível: 6125.75 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:572.21 GB) NTFS Drive d: (Sims3EP11) (CDROM) (Total:6.15 GB) (Free:0 GB) UDF Drive g: (20110629_0455) (CDROM) (Total:1.33 GB) (Free:0 GB) CDFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7DAC2807) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================