Segue os relatorios !
- FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2015
Ran by ADM (administrator) on PC on 13-02-2015 12:29:16
Running from C:\Users\Public\Documents\Documents\Desktop
Loaded Profiles: ADM (Available profiles: ADM)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(FSPro Labs) C:\Program Files\My Lockbox\mylbx.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-06-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2303752 2014-10-08] (FSPro Labs)
HKU\S-1-5-21-154245746-4024786111-2166681138-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-154245746-4024786111-2166681138-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2426144 2014-11-25] (IObit)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-154245746-4024786111-2166681138-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-154245746-4024786111-2166681138-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\ADM\AppData\Roaming\Mozilla\Firefox\Profiles\19aegtrn.default
FF Homepage: www.terra.com.br
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ADM\AppData\Roaming\Mozilla\Firefox\Profiles\19aegtrn.default\Extensions\[email]iobitascsurfingprotection@iobit.com[/email] [2014-11-28]
FF Extension: DolarHoje - C:\Users\ADM\AppData\Roaming\Mozilla\Firefox\Profiles\19aegtrn.default\Extensions\[email]jid0-7gwDdlcXMu0AyBsMQvCuZ1XMDbE@jetpack.xpi[/email] [2014-12-12]
FF Extension: Google Translator for Firefox - C:\Users\ADM\AppData\Roaming\Mozilla\Firefox\Profiles\19aegtrn.default\Extensions\[email]translator@zoli.bod.xpi[/email] [2014-11-14]
FF Extension: ProfilePassword-Firefox - C:\Users\ADM\AppData\Roaming\Mozilla\Firefox\Profiles\19aegtrn.default\Extensions\{b9615918-d3de-44a4-ab65-76df7ea1f1c1}.xpi [2014-11-13]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{googleageClassification}{google:searchVersion}{google:sessionToken}{googlerefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-07]
CHR Extension: (YouTube) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-07]
CHR Extension: (Pesquisa do Google) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-07]
CHR Extension: (Google Wallet) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]
CHR Extension: (Gmail) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-07]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [51760 2011-06-03] (FSPro Labs)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [88992 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [166816 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110624 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [125216 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [40192 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [96160 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61984 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [121888 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [288032 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [208800 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [109856 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [244000 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [96928 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [139536 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105232 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168208 2014-10-02] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113936 2014-10-02] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124688 2014-10-02] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100112 2014-10-13] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-13 05:55 - 2015-02-13 08:47 - 00000020 _____ () C:\Users\ADM\AppData\Roaming\appdataFr3.bin
2015-02-13 05:48 - 2014-03-25 10:15 - 00048736 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-02-13 00:18 - 2015-02-13 00:18 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-02-13 00:15 - 2015-02-13 10:29 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\ZHP
2015-02-13 00:15 - 2015-02-13 00:18 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-02-13 00:15 - 2015-02-13 00:15 - 00000000 ____D () C:\Users\Todos os Usuários\ProductData
2015-02-13 00:15 - 2015-02-13 00:15 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-13 00:15 - 2015-02-13 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-02-13 00:14 - 2015-02-13 00:14 - 06874603 _____ (Nicolas Coolman ) C:\ZHPDiag2.exe
2015-02-12 22:25 - 2015-02-13 11:31 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 22:25 - 2015-02-13 05:48 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-12 22:23 - 2015-02-12 22:23 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\ProductData
2015-02-12 22:06 - 2015-02-12 21:42 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-12 20:36 - 2015-02-12 22:22 - 00025167 _____ () C:\zoek-results.log
2015-02-12 20:33 - 2015-02-12 22:22 - 00000000 ____D () C:\zoek_backup
2015-02-12 11:07 - 2015-02-12 11:20 - 00000000 ____D () C:\AdwCleaner
2015-02-12 06:13 - 2015-02-13 05:47 - 00000392 _____ () C:\Windows\setupact.log
2015-02-12 06:13 - 2015-02-12 22:22 - 00001016 _____ () C:\Windows\PFRO.log
2015-02-12 06:13 - 2015-02-12 06:13 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-12 00:42 - 2015-02-13 12:29 - 00000000 ____D () C:\FRST
2015-02-11 15:28 - 2015-01-23 00:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 15:28 - 2015-01-23 00:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-10 19:45 - 2015-01-15 04:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 19:45 - 2015-01-15 04:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 19:45 - 2015-01-15 04:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 19:45 - 2015-01-15 04:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 19:45 - 2015-01-15 04:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 19:45 - 2015-01-15 04:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 19:45 - 2015-01-15 04:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 19:45 - 2015-01-15 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 19:45 - 2015-01-15 04:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 19:45 - 2015-01-15 04:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 19:45 - 2015-01-15 04:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 19:45 - 2015-01-15 01:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 19:45 - 2015-01-08 22:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 19:44 - 2015-01-14 02:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-10 19:44 - 2015-01-14 02:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 19:43 - 2015-01-14 02:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 19:43 - 2015-01-11 23:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 19:43 - 2015-01-11 23:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 19:43 - 2015-01-11 23:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 19:43 - 2015-01-11 23:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 19:43 - 2015-01-11 23:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 19:43 - 2015-01-11 23:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 19:43 - 2015-01-11 23:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 19:43 - 2015-01-11 23:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 19:43 - 2015-01-11 23:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 19:43 - 2015-01-11 22:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 19:43 - 2015-01-11 22:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 19:43 - 2015-01-11 22:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 19:43 - 2015-01-11 22:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 19:43 - 2015-01-11 22:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 19:43 - 2015-01-11 22:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 19:43 - 2015-01-11 22:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 19:43 - 2015-01-11 22:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 19:43 - 2015-01-11 22:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 19:43 - 2015-01-11 22:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 19:43 - 2015-01-11 22:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 19:43 - 2015-01-11 22:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 19:43 - 2015-01-11 22:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 19:43 - 2015-01-11 22:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 19:43 - 2015-01-11 22:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 19:43 - 2015-01-11 22:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 19:43 - 2015-01-11 21:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 19:43 - 2015-01-11 21:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 19:43 - 2015-01-10 03:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 19:43 - 2015-01-10 03:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 19:43 - 2015-01-10 03:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 19:43 - 2015-01-10 03:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 19:43 - 2015-01-10 03:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 19:43 - 2015-01-10 03:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 19:43 - 2015-01-10 03:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 19:43 - 2014-11-26 00:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 19:39 - 2015-01-12 23:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 19:39 - 2014-12-12 02:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 19:39 - 2014-12-07 23:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 19:39 - 2014-07-06 22:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 19:39 - 2014-07-06 22:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-07 23:31 - 2015-02-07 23:32 - 00000000 ____D () C:\Program Files\ezAutoCorrect for GMail
2015-02-04 23:16 - 2015-02-04 23:16 - 00000079 _____ () C:\Program Files\prefs.js
2015-02-04 16:02 - 2015-02-04 16:02 - 00000000 ____D () C:\Users\Todos os Usuários\AdPunisher
2015-02-04 16:02 - 2015-02-04 16:02 - 00000000 ____D () C:\ProgramData\AdPunisher
2015-02-04 07:01 - 2015-02-04 07:01 - 00000000 ____D () C:\Program Files\TransferBigFilescom Gmail Extension
2015-02-01 00:52 - 2015-02-01 00:52 - 00000000 ____D () C:\Program Files\Tumblr Collage
2015-01-27 01:13 - 2015-01-27 01:18 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\Skype
2015-01-27 01:13 - 2015-01-27 01:15 - 00000000 ___RD () C:\Program Files\Skype
2015-01-27 01:13 - 2015-01-27 01:13 - 00000000 ____D () C:\Users\Todos os Usuários\Skype
2015-01-27 01:13 - 2015-01-27 01:13 - 00000000 ____D () C:\Users\ADM\AppData\Local\Skype
2015-01-27 01:13 - 2015-01-27 01:13 - 00000000 ____D () C:\ProgramData\Skype
2015-01-27 01:13 - 2015-01-27 01:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-27 01:13 - 2015-01-27 01:13 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-01-26 14:33 - 2015-02-04 23:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 10:15 - 2007-05-27 12:36 - 00000000 ____D () C:\cs_rio_-_1.6
2015-01-25 21:22 - 2015-01-25 21:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-25 21:22 - 2015-01-25 21:22 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-25 21:21 - 2015-01-25 21:21 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-25 21:21 - 2015-01-25 21:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-25 21:05 - 2015-02-13 12:17 - 01741862 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 19:10 - 2015-01-25 19:10 - 00000000 ____D () C:\Program Files\OverTask
2015-01-25 14:48 - 2015-01-25 14:48 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-19 18:32 - 2015-01-19 18:32 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-19 18:31 - 2015-01-19 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-01-19 18:29 - 2015-01-19 18:31 - 00000000 ____D () C:\Program Files\Counter-Strike 1.6
2015-01-18 16:58 - 2015-01-19 11:30 - 00000000 ____D () C:\Program Files\Clear Cache
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-13 12:17 - 2014-11-11 13:00 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-13 07:52 - 2009-07-14 01:34 - 00031808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-13 07:52 - 2009-07-14 01:34 - 00031808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-13 05:47 - 2009-07-14 01:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-12 22:33 - 2014-11-07 20:14 - 00002134 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-12 08:54 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\rescache
2015-02-12 06:21 - 2014-11-07 19:13 - 00000000 ____D () C:\Users\ADM
2015-02-11 18:46 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 01:42 - 2009-07-14 01:33 - 00374912 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 01:40 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-02-11 01:24 - 2014-11-11 11:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 01:20 - 2014-11-11 11:08 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-05 09:41 - 2014-11-11 13:00 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 09:41 - 2014-11-11 13:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-03 20:13 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-02-03 20:12 - 2014-11-28 23:49 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\IObit
2015-02-03 20:12 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\registration
2015-02-03 20:12 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-31 18:15 - 2014-11-11 13:12 - 00000000 ____D () C:\Users\ADM\AppData\Local\Microsoft Help
2015-01-27 00:54 - 2009-07-14 01:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-26 20:43 - 2014-11-11 13:07 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-25 21:53 - 2014-11-28 23:57 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 21:29 - 2014-11-11 12:59 - 00000000 ____D () C:\Users\ADM\AppData\Local\Adobe
2015-01-25 21:05 - 2014-12-20 21:13 - 42565632 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2015-01-25 21:05 - 2014-12-20 21:13 - 00274432 _____ () C:\Windows\system32\config\DEFAULT.iobit
2015-01-25 21:05 - 2014-12-20 21:13 - 00028672 _____ () C:\Windows\system32\config\SAM.iobit
2015-01-25 21:05 - 2014-12-20 21:13 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2015-01-25 16:10 - 2014-11-11 12:58 - 00000000 ____D () C:\Users\Todos os Usuários\Oracle
2015-01-25 16:10 - 2014-11-11 12:58 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-25 14:49 - 2014-11-11 12:58 - 00000000 ____D () C:\Program Files\Java
2015-01-25 14:48 - 2014-11-11 12:59 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-25 06:53 - 2011-04-12 01:47 - 01275626 _____ () C:\Windows\system32\prfh0416.dat
2015-01-25 06:53 - 2011-04-12 01:47 - 00691546 _____ () C:\Windows\system32\prfc0416.dat
2015-01-25 06:53 - 2010-11-20 18:01 - 00006210 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-19 18:32 - 2014-11-07 19:13 - 00000000 ____D () C:\Users\ADM\AppData\Local\VirtualStore
==================== Files in the root of some directories =======
2015-02-04 23:16 - 2015-02-04 23:16 - 0000079 _____ () C:\Program Files\prefs.js
2015-02-13 05:55 - 2015-02-13 08:47 - 0000020 _____ () C:\Users\ADM\AppData\Roaming\appdataFr3.bin
2014-11-07 20:28 - 2014-11-07 20:30 - 0000353 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 11:23
==================== End Of Log ============================
- Addition
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2015
Ran by ADM at 2015-02-13 12:29:52
Running from C:\Users\Public\Documents\Documents\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Free Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
AMD Catalyst Install Manager (HKLM\...\{1F897E00-83A6-4133-54E1-58F8D35E61C2}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Aplicativo Credicard (HKLM\...\{245BB5B9-6211-4CFA-9B20-995025D2CFC5}) (Version: 1.1.36 - Credicard)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.1.0.0 - Auslogics Labs Pty Ltd)
Auslogics Registry Cleaner (HKLM\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 4.1.0.0 - Auslogics Labs Pty Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6) (Version: - )
DJ_SF_06_D1600_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HP Deskjet D1600 Printer Driver 14.0 Rel. 6 (HKLM\...\{96178C0A-BAF9-4E49-A2A5-CDE76722105B}) (Version: 14.0 - HP)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JetClean (HKLM\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
Malwarebytes Anti-Malware versão 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Megacubo 10 (HKLM\...\Megacubo_is1) (Version: 10.9.9 - www.megacubo.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 35.0.1 (x86 pt-BR)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
My Lockbox 3.5 (HKLM\...\My Lockbox_is1) (Version: 3.5 - )
Nero 7 Essentials (HKLM\...\{F87DA817-8D53-42CC-AA45-93A100341046}) (Version: 7.02.3907 - Nero AG)
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0002 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype? 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
03-02-2015 20:07:43 Windows Update
03-02-2015 20:08:10 Operação de restauração
04-02-2015 06:10:53 Windows Update
10-02-2015 19:35:52 Windows Update
10-02-2015 20:32:14 Revo Uninstaller's restore point - ManticoreTribble
10-02-2015 20:33:39 Revo Uninstaller's restore point - Supreme AdBlocker
11-02-2015 01:17:23 Windows Update
12-02-2015 01:06:33 Windows Update
12-02-2015 20:36:13 zoek.exe restore point
12-02-2015 21:45:06 zoek.exe restore point
13-02-2015 10:29:15 ZHPFix Restore System Point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:04 - 2009-06-10 18:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01E102A5-7D21-44DB-9BE7-315A149FCD6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {08C81107-97BD-4D92-A739-988CC3355152} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {8E517850-0C7C-4670-B5E9-DBA9A7F891C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {CD04A3DF-5118-48A8-85D2-B2850411E4F4} - \Uninstaller_SkipUac_ADM No Task File <==== ATTENTION
Task: {D0E37D4C-D88D-4585-9E10-E9811794DCA8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {D20AFB2F-2152-41BB-9620-B59E5C27F95B} - \ASC8_PerformanceMonitor No Task File <==== ATTENTION
Task: {DDB9488F-C947-47FE-A8A7-F3B361491EE9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E8F8DF2E-A35A-4553-BDFD-F2C8648E190F} - System32\Tasks\ASC8_SkipUac_ADM => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
Task: {F7AA2DE6-5667-45AC-8613-DCDE62470216} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-11-28 23:49 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 8\sqlite3.dll
2013-04-12 14:23 - 2013-04-12 14:23 - 00612664 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll
2014-11-28 23:49 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 8\webres.dll
2014-12-12 19:25 - 2014-12-12 19:25 - 00050688 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2012-06-11 11:45 - 2012-06-11 11:45 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-154245746-4024786111-2166681138-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
ADM (S-1-5-21-154245746-4024786111-2166681138-1000 - Administrator - Enabled) => C:\Users\ADM
Administrador (S-1-5-21-154245746-4024786111-2166681138-500 - Administrator - Disabled)
Convidado (S-1-5-21-154245746-4024786111-2166681138-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-154245746-4024786111-2166681138-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Teclado Padrão PS/2
Description: Teclado Padrão PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (teclados padrões)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/13/2015 00:27:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: firefox.exe, versão: 35.0.1.5500, carimbo de hora: 0x54c1fdbc
Nome do módulo de falhas: mfreadwrite.dll, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7b890
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0002d2a4
Identificação do processo com falha: 0x1598
Hora de início do aplicativo com falha: 0xfirefox.exe0
Caminho do aplicativo com falha: firefox.exe1
FCaminho do módulo de falhas: firefox.exe2
Identificação do Relatório: firefox.exe3
Error: (02/13/2015 00:24:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: firefox.exe, versão: 35.0.1.5500, carimbo de hora: 0x54c1fdbc
Nome do módulo de falhas: dbghelp.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x54c868cc
Código de exceção: 0xc0000005
Deslocamento com falha: 0x5e47d2a4
Identificação do processo com falha: 0x470
Hora de início do aplicativo com falha: 0xfirefox.exe0
Caminho do aplicativo com falha: firefox.exe1
FCaminho do módulo de falhas: firefox.exe2
Identificação do Relatório: firefox.exe3
Error: (02/13/2015 11:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: firefox.exe, versão: 35.0.1.5500, carimbo de hora: 0x54c1fdbc
Nome do módulo de falhas: dbghelp.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x54c868cc
Código de exceção: 0xc0000005
Deslocamento com falha: 0x5a4cd2a4
Identificação do processo com falha: 0xc40
Hora de início do aplicativo com falha: 0xfirefox.exe0
Caminho do aplicativo com falha: firefox.exe1
FCaminho do módulo de falhas: firefox.exe2
Identificação do Relatório: firefox.exe3
Error: (02/13/2015 10:29:11 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {150c43fd-90c0-4e20-b3a6-b51f4a13482e}
Error: (02/13/2015 10:28:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: firefox.exe, versão: 35.0.1.5500, carimbo de hora: 0x54c1fdbc
Nome do módulo de falhas: dbghelp.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x54c868cc
Código de exceção: 0xc0000005
Deslocamento com falha: 0x614cd2a4
Identificação do processo com falha: 0xdac
Hora de início do aplicativo com falha: 0xfirefox.exe0
Caminho do aplicativo com falha: firefox.exe1
FCaminho do módulo de falhas: firefox.exe2
Identificação do Relatório: firefox.exe3
Error: (02/13/2015 05:48:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/13/2015 00:58:37 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: O Windows não pode acessar o arquivo por um destes motivos: há um problema de conexão com a rede, o disco no qual o arquivo está armazenado ou nos drivers de armazenamento
instalados neste computador, ou o disco está ausente. O Windows fechou o programa Firefox por causa desse erro.
Programa: Firefox
Arquivo:
O valor do erro está listado na seção Dados Adicionais.
Ação do Usuário
1. Abra o arquivo novamente.
Esta situação pode ser um problema temporário corrigida quando o programa é executado novamente.
2.
Se o arquivo ainda não puder ser acessado e
- não estiver na rede,
o administrador da rede deverá verificar se não há um problema com a rede e se o servidor puder ser contatado.
- Está em um disco removível, por exemplo, um disquete ou CD-ROM, verifique se o disco está completamente inserido no computador.
3. Verifique e repare o sistema de arquivos ao executar CHKDSK. Para executar CHKDSK, clique em Iniciar, clique em Executar, digite CMD e clique em OK. No prompt de comando, digite CHKDSK /F e pressione ENTER.
4. Se o problema persistir, restaure o arquivo de uma cópia de backup.
5. Determine se outros arquivos no mesmo disco podem ser abertos. Em caso negativo, o disco pode estar danificado. Se for um disco rígido, contate o administrador ou o fornecedor de hardware do computador para
obter assistência adicional.
Dados Adicionais
Valor do erro: 00000000
Tipo de disco: 0
Error: (02/13/2015 00:58:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: firefox.exe, versão: 35.0.1.5500, carimbo de hora: 0x54c1fdbc
Nome do módulo de falhas: dwrite.dll, versão: 6.2.9200.16492, carimbo de hora: 0x50f31984
Código de exceção: 0xc000001d
Deslocamento com falha: 0x000bd2a4
Identificação do processo com falha: 0x318
Hora de início do aplicativo com falha: 0xfirefox.exe0
Caminho do aplicativo com falha: firefox.exe1
FCaminho do módulo de falhas: firefox.exe2
Identificação do Relatório: firefox.exe3
Error: (02/13/2015 00:15:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: firefox.exe, versão: 35.0.1.5500, carimbo de hora: 0x54c1fdbc
Nome do módulo de falhas: dbghelp.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x54c868cc
Código de exceção: 0xc0000005
Deslocamento com falha: 0x674ed2a4
Identificação do processo com falha: 0x1414
Hora de início do aplicativo com falha: 0xfirefox.exe0
Caminho do aplicativo com falha: firefox.exe1
FCaminho do módulo de falhas: firefox.exe2
Identificação do Relatório: firefox.exe3
Error: (02/12/2015 10:22:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (02/13/2015 05:48:09 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:
%%5
Error: (02/12/2015 10:22:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:
%%5
Error: (02/12/2015 09:58:55 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (02/12/2015 09:58:54 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (02/12/2015 09:58:54 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (02/12/2015 09:58:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (02/12/2015 09:58:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (02/12/2015 09:58:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (02/12/2015 09:58:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (02/12/2015 09:58:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Microsoft Office Sessions:
=========================
Error: (02/13/2015 00:27:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe35.0.1.550054c1fdbcmfreadwrite.dll12.0.7601.175144ce7b890c00000050002d2a4159801d047a126336a30C:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\system32\mfreadwrite.dllc1af23b8-b394-11e4-92c9-00248ccf2999
Error: (02/13/2015 00:24:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe35.0.1.550054c1fdbcdbghelp.dll_unloaded0.0.0.054c868ccc00000055e47d2a447001d047a03478bed1C:\Program Files\Mozilla Firefox\firefox.exedbghelp.dll64b3f9a4-b394-11e4-92c9-00248ccf2999
Error: (02/13/2015 11:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe35.0.1.550054c1fdbcdbghelp.dll_unloaded0.0.0.054c868ccc00000055a4cd2a4c4001d0479126057f98C:\Program Files\Mozilla Firefox\firefox.exedbghelp.dll5903c418-b389-11e4-92c9-00248ccf2999
Error: (02/13/2015 10:29:11 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Acesso negado.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {150c43fd-90c0-4e20-b3a6-b51f4a13482e}
Error: (02/13/2015 10:28:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe35.0.1.550054c1fdbcdbghelp.dll_unloaded0.0.0.054c868ccc0000005614cd2a4dac01d0478838cd130fC:\Program Files\Mozilla Firefox\firefox.exedbghelp.dll2312b902-b384-11e4-92c9-00248ccf2999
Error: (02/13/2015 05:48:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/13/2015 00:58:37 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Firefox000000000
Error: (02/13/2015 00:58:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe35.0.1.550054c1fdbcdwrite.dll6.2.9200.1649250f31984c000001d000bd2a431801d0473c686fb06cC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\system32\dwrite.dll95fcbc65-b334-11e4-b6d9-00248ccf2999
Error: (02/13/2015 00:15:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe35.0.1.550054c1fdbcdbghelp.dll_unloaded0.0.0.054c868ccc0000005674ed2a4141401d0472ba0b0c2a3C:\Program Files\Mozilla Firefox\firefox.exedbghelp.dll8e4dfef5-b32e-11e4-b6d9-00248ccf2999
Error: (02/12/2015 10:22:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
Percentage of memory in use: 21%
Total physical RAM: 3583.18 MB
Available physical RAM: 2825.02 MB
Total Pagefile: 7164.65 MB
Available Pagefile: 5900.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.16 MB
==================== Drives ================================
Drive c: (SISTEMA) (Fixed) (Total:477.7 GB) (Free:421.06 GB) NTFS
Drive d: (MVIRTUAL) (Fixed) (Total:10.6 GB) (Free:10.51 GB) NTFS
Drive e: (BACKUP) (Fixed) (Total:443.21 GB) (Free:390.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1E331E33)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C383C383)
Partition 1: (Not Active) - (Size=477.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453.8 GB) - (Type=OF Extended)
==================== End Of Log ============================