cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:31-12-2015
Executado por Ricardo (2016-01-03 02:02:35)
Executando a partir de C:\Users\Ricardo\Downloads
Windows 8.1 Single Language (X64) (2014-07-14 01:54:20)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-228481775-3463175574-2327754113-500 - Administrator - Disabled)
Convidado (S-1-5-21-228481775-3463175574-2327754113-501 - Limited - Disabled)
Ricardo (S-1-5-21-228481775-3463175574-2327754113-1001 - Administrator - Enabled) => C:\Users\Ricardo

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.2.1000.19019 - Advanced System Protector) <==== ATENÇÃO
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.3.2225 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cliente Metin7 2012 4.0 (HKLM-x32\...\Cliente Metin7 2012 4.0) (Version: 4.0 - Metin7)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dream Chronicles (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Free Mahjong Games (HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\Free Mahjong Games) (Version: 1.0 - )
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - )
Heartwild Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{3C0714E4-D8F9-46A8-924E-D19D4FE46F64}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{3AD2C353-825B-47E6-9396-3C2F78D194FE}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{230D401C-7342-46E4-BF7C-885B5B55AFB1}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jogos da WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
JoJo's Fashion Show (x32 Version: 2.2.0.95 - WildTangent) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 Home Premium - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4454.1513 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 en-US)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.98 - WildTangent) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1513 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Ralink RT2860 802.11 WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Westward (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: 6.7.136 - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-228481775-3463175574-2327754113-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-228481775-3463175574-2327754113-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-228481775-3463175574-2327754113-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-228481775-3463175574-2327754113-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-228481775-3463175574-2327754113-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-228481775-3463175574-2327754113-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-228481775-3463175574-2327754113-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {000F5927-3997-421A-B638-8CDB68E7F432} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {19D6F8B6-FEE2-4189-9155-830F0A0B5E0A} - System32\Tasks\0 => Iexplore.exe <==== ATENÇÃO
Task: {20065B1E-288D-4C45-A466-54F0F870A25D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {22BC2C7D-6CAB-45CE-8230-5AEF2EC20669} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001UA => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {30002C60-A183-4229-852F-8D296769E7F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {44A02FED-F639-4B93-BE85-4B8E3D50786F} - System32\Tasks\{763E0421-12DC-47F2-809D-AD9AD0CCED58} => pcalua.exe -a "C:\Program Files (x86)\Z8Games\CrossFire BR\cfPT_launcher.exe" -d "C:\Program Files (x86)\Z8Games\CrossFire BR"
Task: {470C1C6B-74E3-4C12-985E-DFEBD0714C0A} - System32\Tasks\avastBCLRestartS-1-5-21-228481775-3463175574-2327754113-1001 => Firefox.exe
Task: {4FADFFE5-042E-4AFE-BF66-5FD3331892B3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-03] (AVAST Software)
Task: {51BE3B49-3FE0-4382-9AD4-56169B2A0637} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-02-21] (Microsoft Corporation)
Task: {5E3AC8B7-8035-4529-A2B4-0A5D13A636E2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {6DB4BB18-346E-4E02-9C32-BE7F1F1CE233} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATENÇÃO
Task: {6E5D6E30-9BDE-45AB-B84D-D076767B84CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6F8E0D93-1B40-48A8-96A9-13C4444562BE} - System32\Tasks\{C48001BA-AE7C-4531-AD45-D13BC28D3803} => pcalua.exe -a C:\Users\Ricardo\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
Task: {70F684F3-DC86-4851-9268-648332F98CDB} - System32\Tasks\{E5701E39-1E1E-4E38-9321-DDA76132D82A} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/pt/abandoninstall?page=tsProgressBar
Task: {79C24FFF-A366-4E8E-9FE2-25AA34F4EE0E} - System32\Tasks\{B7540005-ED5E-4462-BF7F-E839319D9845} => pcalua.exe -a C:\Users\Ricardo\AppData\Local\BeamriseUninstall\Bootstrapper{1.Y2VqPwRP.100}.exe -c uninstall –slot=1 –bagKey=yikAakHwZJ8U
Task: {7E606782-9216-4D63-9B78-98F85F0DAEBB} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {8420F73C-5BCB-40BF-BFA0-4AA3FBB5BB86} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [2015-11-20] () <==== ATENÇÃO
Task: {8550F04C-B9AA-442F-B19B-D5780D00CA48} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {96DB5FC1-F0AD-414C-ABD7-CA96B7AD7137} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001UA => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9F611452-CBA6-42C8-AB1D-E70C3374C964} - System32\Tasks\{CCD47535-5970-47F5-8926-7CC0D29C0115} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.12.64.101/pt/abandoninstall?page=tsProgressBar
Task: {A1F9B6EA-D032-4327-9FFB-49F1577DC5D1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-24] (HP Inc.)
Task: {AD57D706-5E04-41B9-AFDB-36446A5F6C1D} - System32\Tasks\Driver Booster SkipUAC (Ricardo) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {AEF3FCB3-533A-4D0A-BB28-0E4BFF15042E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C405E741-5092-4898-B3D9-A8E4713C448B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {CCA18253-414D-474B-9CEE-728416DF270F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001Core => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CDDE855C-85C2-4D9D-94A0-5C93795A1E86} - System32\Tasks\4889 => C:\Windows\system32\wscript.exe [2014-10-29] (Microsoft Corporation) <==== ATENÇÃO
Task: {CE01D2D6-7CA0-4637-987B-59B83CBC7665} - System32\Tasks\HPCeeScheduleForRicardo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {D770A8BF-4831-481C-A2AC-2C5F0ECD7C8C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {DF91E9FD-40D2-42F0-A380-E50ECE178383} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {F407EBD0-B9FC-4883-BF5E-9920F8D91DB7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001Core => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {FB2C02E8-BBEA-4159-8EBE-3B7F9A31F786} - System32\Tasks\Advanced System~Protector => C:\Program Files (x86)\ASP\AspManager.exe [2015-11-20] ()

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001Core.job => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001UA.job => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001Core.job => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-228481775-3463175574-2327754113-1001UA.job => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRicardo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2013-03-31 22:31 - 2013-02-21 18:40 - 00375976 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-03-31 22:31 - 2013-02-21 18:39 - 00513680 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-03-31 22:31 - 2013-02-21 18:40 - 00607400 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2016-01-03 01:35 - 2015-11-20 16:13 - 06513616 _____ () C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe
2015-08-03 09:55 - 2015-08-03 09:55 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-03 09:55 - 2015-08-03 09:55 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-02 23:35 - 2016-01-02 23:35 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\16010201\algo.dll
2016-01-02 15:53 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2013-07-09 04:52 - 2012-06-08 01:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-12-11 09:30 - 2015-12-11 09:30 - 03473408 _____ () C:\Users\Ricardo\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2015-12-25 11:35 - 2015-12-21 11:46 - 02934272 _____ () C:\ProgramData\WindowsMsg\FA889F48BA91932CA1794DC9B9F86E43.dll
2013-01-09 13:04 - 2012-06-25 16:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-01-03 01:35 - 2015-03-17 10:59 - 00886272 _____ () C:\Program Files (x86)\ASP\System.Data.SQLite.dll
2016-01-03 01:35 - 2015-11-20 16:13 - 01730512 _____ () C:\Program Files (x86)\ASP\aspsys.dll
2016-01-03 01:35 - 2015-03-17 10:59 - 00168448 _____ () C:\Program Files (x86)\ASP\UNRAR.DLL
2016-01-03 01:35 - 2015-11-20 16:13 - 00063952 _____ () C:\Program Files (x86)\ASP\ScanDll.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:NT
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Ricardo\Dados de Aplicativos:NT
AlternateDataStreams: C:\Users\Ricardo\Dados de Aplicativos:NT2
AlternateDataStreams: C:\Users\Ricardo\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Ricardo\AppData\Roaming:NT2
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT2
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de Aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de Aplicativos:NT2
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT2

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Existem ainda 7866 sites a mais.

IE trusted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\123simsen.com -> www.123simsen.com

Existem ainda 7866 sites a mais.


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2012-07-26 03:26 - 2016-01-01 15:46 - 00450804 ____N C:\WINDOWS\system32\Drivers\etc\hosts

23.41.155.66 guardiao.itau.com.br127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

Existem ainda 15463 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-228481775-3463175574-2327754113-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ricardo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papel de parede do visualizador de fotos do windows.jpg
DNS Servers: 192.168.25.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: scpVista => 2
HKLM\...\StartupApproved\Run: => "3D BubbleSound"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "Zwinky_5q Browser Plugin Loader 64"
HKLM\...\StartupApproved\Run32: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run32: => "YTDownloader"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\Run: => "ares"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\Run: => "Free Mahjong Games"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\Run: => "Windows Loader Cpl"
HKU\S-1-5-21-228481775-3463175574-2327754113-1001\...\StartupApproved\Run: => "YTDownloader"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{FF8C204E-560F-44C4-8F57-A360F15304EB}C:\program files (x86)\metin7\cliente metin7 2012\mc.exe] => (Block) C:\program files (x86)\metin7\cliente metin7 2012\mc.exe
FirewallRules: [TCP Query User{8A41C71C-C2F6-4860-8A07-5419830A3DEC}C:\program files (x86)\metin7\cliente metin7 2012\mc.exe] => (Block) C:\program files (x86)\metin7\cliente metin7 2012\mc.exe
FirewallRules: [UDP Query User{1805D210-753D-425D-9664-6410C821E208}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2D2135A0-E511-4405-9698-DF9A6E2EA421}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A0A4C4F5-D68B-4F8F-8460-AB1335FF35E4}C:\users\ricardo\desktop\metin2fenix\fenix.exe] => (Allow) C:\users\ricardo\desktop\metin2fenix\fenix.exe
FirewallRules: [TCP Query User{EE088397-C28D-4D38-BEEC-4FD832C53938}C:\users\ricardo\desktop\metin2fenix\fenix.exe] => (Allow) C:\users\ricardo\desktop\metin2fenix\fenix.exe
FirewallRules: [UDP Query User{75E7F8A2-00C5-4E62-AB3A-02D18850C005}C:\program files (x86)\cliente _metin2hd_2013_v3.1\metin2client.bin] => (Allow) C:\program files (x86)\cliente _metin2hd_2013_v3.1\metin2client.bin
FirewallRules: [TCP Query User{0F0B0D53-75E9-4A07-8A28-FB8E704FCA68}C:\program files (x86)\cliente _metin2hd_2013_v3.1\metin2client.bin] => (Allow) C:\program files (x86)\cliente _metin2hd_2013_v3.1\metin2client.bin
FirewallRules: [UDP Query User{F30A6637-F4F5-447E-96E3-1CBA035A5CFF}C:\program files (x86)\metin2 evo\metin2client.bin] => (Allow) C:\program files (x86)\metin2 evo\metin2client.bin
FirewallRules: [TCP Query User{0E3FD279-4403-4EE0-9799-9AAE65EE5F79}C:\program files (x86)\metin2 evo\metin2client.bin] => (Allow) C:\program files (x86)\metin2 evo\metin2client.bin
FirewallRules: [UDP Query User{E95D5475-7A22-4734-A6CC-EC1F870D7277}C:\program files (x86)\ongame\metin2\metin2client.bin] => (Allow) C:\program files (x86)\ongame\metin2\metin2client.bin
FirewallRules: [TCP Query User{EACA544A-4A66-4FDC-BFAB-5280E7960896}C:\program files (x86)\ongame\metin2\metin2client.bin] => (Allow) C:\program files (x86)\ongame\metin2\metin2client.bin
FirewallRules: [UDP Query User{896BEA30-8B8D-4A3F-BF22-CA5841D93ACD}C:\program files (x86)\metin7\cliente metin7 2012\mc.exe] => (Allow) C:\program files (x86)\metin7\cliente metin7 2012\mc.exe
FirewallRules: [TCP Query User{8DB0DB82-B21A-4BC1-A723-344FCC068653}C:\program files (x86)\metin7\cliente metin7 2012\mc.exe] => (Allow) C:\program files (x86)\metin7\cliente metin7 2012\mc.exe
FirewallRules: [{66074822-1D40-4FBA-A1A2-3A1EDB9C82A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0503C1A0-1103-4707-AB6C-C5CC4DAEDCC2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{C5F29467-6DB5-434D-ABA8-F59BE1A55FAE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{53F4B74F-B571-414B-8945-4A9ECF025ED8}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{91DC25A0-929E-4FD2-8133-CF5F8C1F9CDA}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{F81F7F0B-C9B2-472A-B8D6-599FB5900BB8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1F31936C-920E-4AD1-A1A1-7DBDB4058A80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F020EB7E-3B6B-4F49-815B-D64DCEF458FA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15B20F92-36BF-4915-B860-98D415D6886A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{918F9341-6AF7-4D50-99FF-6941BD945376}] => (Allow) LPort=1900
FirewallRules: [{A93A6F3E-9F92-42A2-AF03-C5D02E6ACA40}] => (Allow) LPort=2869
FirewallRules: [{56648402-337A-4E86-A7B5-366BB50D835D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{919E1F9F-7C4C-4B0E-BFEF-3A6F774C8298}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DF6E7C3-3145-4C04-93A2-09655D7DD3AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{EE800B2D-A48B-47BB-9D31-9D8D56868685}C:\users\ricardo\desktop\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\desktop\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{7EEE7248-FF1E-49F3-AAA2-7BC3CECA8FA9}C:\users\ricardo\desktop\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\desktop\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{0ABF07F4-1060-4762-94C3-7F835D9452A1}C:\users\ricardo\appdata\local\temp\rar$exa0.237\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.237\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{A566FC81-7CCE-471A-906A-C7D8C42EFFA8}C:\users\ricardo\appdata\local\temp\rar$exa0.237\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.237\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{1D502965-9B70-444B-8A47-6DB8E856730E}C:\users\ricardo\appdata\local\temp\rar$exa0.019\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.019\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{1C971EDD-1C49-4D7C-9D3C-6E89F52D5661}C:\users\ricardo\appdata\local\temp\rar$exa0.019\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.019\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{AC45143A-9392-404E-8A3C-D4D18E13C87E}C:\users\ricardo\desktop\metin2sweet full 2015\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\desktop\metin2sweet full 2015\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{5FA4AA31-FC26-4C5E-AE03-A4A182B09841}C:\users\ricardo\desktop\metin2sweet full 2015\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\desktop\metin2sweet full 2015\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{BD0BE5B7-F78B-4FFB-B63E-115F917BF425}C:\users\ricardo\appdata\local\temp\rar$exa0.777\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.777\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{AE183128-FDB0-499C-9E5B-A07FE42F4249}C:\users\ricardo\appdata\local\temp\rar$exa0.777\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.777\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{316A6DFF-6AF3-498A-939A-D9F06473E9BA}C:\users\ricardo\appdata\local\temp\rar$exa0.461\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.461\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{D94E133A-4743-4677-BB65-2F434E9925B5}C:\users\ricardo\appdata\local\temp\rar$exa0.461\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.461\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{7DFC89D4-4DE0-4672-8111-22E6E23D179E}C:\users\ricardo\appdata\local\temp\rar$exa0.799\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.799\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{ECB1E62E-1019-4885-B5C2-BFADA1F2AA91}C:\users\ricardo\appdata\local\temp\rar$exa0.799\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.799\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{50940648-A481-4241-B073-CA5EB92335FD}C:\users\ricardo\appdata\local\temp\rar$exa0.703\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.703\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{D0AE827B-1F0F-422B-9B8C-17ED1F4747DA}C:\users\ricardo\appdata\local\temp\rar$exa0.703\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.703\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{94CA939C-C95B-40EC-8037-9351426665D9}C:\users\ricardo\appdata\local\temp\rar$exa0.867\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.867\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{07BA36D5-40A5-401F-B5A2-5C2B5A70A6C9}C:\users\ricardo\appdata\local\temp\rar$exa0.867\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.867\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{491BCDB2-AD7C-4E57-87E3-B6224187F6C9}C:\users\ricardo\appdata\local\temp\rar$exa0.998\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.998\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{992E942C-D12C-485E-A11A-A229365E07B0}C:\users\ricardo\appdata\local\temp\rar$exa0.998\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.998\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{40B0DAF4-0A13-4920-8A23-58E5D65C3167}C:\users\ricardo\appdata\local\temp\rar$exa0.671\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.671\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{7DA7A40C-0D17-4A97-8B62-C24889EFB36C}C:\users\ricardo\appdata\local\temp\rar$exa0.671\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.671\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{4BF042CD-9524-467E-98E9-C7DBE0974C63}C:\users\ricardo\appdata\local\temp\rar$exa0.793\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.793\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{C0372367-B678-4C23-8127-CE0AA90237EC}C:\users\ricardo\appdata\local\temp\rar$exa0.793\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.793\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{6978F965-EE37-4BFE-8FA2-9B365F3A40F0}C:\users\ricardo\appdata\local\temp\rar$exa0.997\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.997\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{4D020E71-4BC4-4C7B-95F3-213A9BA55FF5}C:\users\ricardo\appdata\local\temp\rar$exa0.997\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.997\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{F386B21A-FE9E-4407-B089-03F088970C4A}C:\users\ricardo\desktop\jogos\metin2sweet full 2015\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\desktop\jogos\metin2sweet full 2015\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{FB71EBBA-9813-4047-839D-268DD8B4E8C0}C:\users\ricardo\desktop\jogos\metin2sweet full 2015\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\desktop\jogos\metin2sweet full 2015\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{BBDF4902-6B94-4923-AAFE-589795A2EB96}C:\users\ricardo\appdata\local\temp\rar$exa0.262\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.262\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{F9757DFB-FAB3-4B75-AB9D-F6BE4FA72ECD}C:\users\ricardo\appdata\local\temp\rar$exa0.262\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.262\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{8F875C33-ED87-463C-9F58-03CC132C9A7A}C:\users\ricardo\appdata\local\temp\rar$exa0.398\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.398\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{D8E18CD7-ADBC-4987-9C92-BCFE289A3016}C:\users\ricardo\appdata\local\temp\rar$exa0.398\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.398\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{2A7319D0-8EA7-40B7-9A8D-F30156F4EAE0}C:\users\ricardo\appdata\local\temp\rar$exa0.291\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.291\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{D8933FF2-B550-412B-A149-71A3AA80A089}C:\users\ricardo\appdata\local\temp\rar$exa0.291\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.291\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{1965A978-BEBD-4CE1-9654-4D5465E19160}C:\users\ricardo\appdata\local\temp\rar$exa0.101\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.101\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{1E829D46-1543-42D2-A15D-469A5D868D33}C:\users\ricardo\appdata\local\temp\rar$exa0.101\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.101\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{FB9226AD-A09E-4D8F-9E39-40EA006BE511}C:\users\ricardo\appdata\local\temp\rar$exa0.361\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.361\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{4D1ACA68-0EBD-4F62-928E-80CBE6E58A97}C:\users\ricardo\appdata\local\temp\rar$exa0.361\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.361\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{B9125465-8FE0-44B9-922D-75787D7841F8}C:\users\ricardo\appdata\local\temp\rar$exa0.780\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.780\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{EE98E5B8-5BAE-40C6-B475-34E43E370C28}C:\users\ricardo\appdata\local\temp\rar$exa0.780\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.780\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{D4EA1F23-AAA0-4BB5-B17A-47C238A05D37}C:\users\ricardo\appdata\local\temp\rar$exa0.865\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.865\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{49AAC30D-C704-4F02-9EB4-714587C68DE5}C:\users\ricardo\appdata\local\temp\rar$exa0.865\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.865\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{D6F5EC21-8068-46FE-BB8F-67BD64A2DB2F}C:\users\ricardo\appdata\local\temp\rar$exa0.590\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.590\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{D9093B25-C98D-464B-9B28-8D391818ACAD}C:\users\ricardo\appdata\local\temp\rar$exa0.590\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.590\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{674E137B-7A33-4AE2-B5FC-C70DCF947711}C:\users\ricardo\appdata\local\temp\rar$exa0.773\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.773\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{65E3ECDF-D9AE-462F-AA80-62C9A307EE78}C:\users\ricardo\appdata\local\temp\rar$exa0.773\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.773\metin2sweet full 2015\sweet.bin
FirewallRules: [{E712A2AC-AD47-4D6E-BFB7-C973F76900C3}] => (Allow) C:\Users\Ricardo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4D5E6CE-C80C-4AFC-B670-D2D3FD0E5A53}] => (Allow) C:\Users\Ricardo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{052ADBFA-806A-4AAB-BD0F-3731391827B8}C:\users\ricardo\appdata\local\temp\rar$exa0.204\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.204\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{2188ADA8-D749-4249-9F76-E851D22E3BED}C:\users\ricardo\appdata\local\temp\rar$exa0.204\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.204\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{A387CA28-2D52-427C-A2E2-36FF4EA3B147}C:\users\ricardo\appdata\local\temp\rar$exa0.082\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.082\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{A0004487-D3DB-49DD-9BFD-D6E0C838F168}C:\users\ricardo\appdata\local\temp\rar$exa0.082\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.082\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{08B17DDA-DAFC-455A-A8FC-E88CCF522E42}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2C4CEF9D-F1E4-4827-815E-BF507AF19300}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{967EAE6B-F308-477C-AC91-4896D3BF9FE0}C:\users\ricardo\appdata\local\temp\rar$exa0.186\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.186\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{94A5778A-F9A3-4013-8BDB-89C181B8BB3C}C:\users\ricardo\appdata\local\temp\rar$exa0.186\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.186\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{158A6180-ADAD-41E8-962A-24A0515DCB47}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{7CB33277-70D9-4057-87B5-9047B40C00FC}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{09D010CC-9363-45E8-AA18-CAACA54273EE}C:\users\ricardo\appdata\local\temp\rar$exa0.142\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.142\metin2sweet full 2015\sweet.bin
FirewallRules: [UDP Query User{2F6AAC74-DBAB-4F9C-8CEC-85C2A809FEA4}C:\users\ricardo\appdata\local\temp\rar$exa0.142\metin2sweet full 2015\sweet.bin] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.142\metin2sweet full 2015\sweet.bin
FirewallRules: [TCP Query User{785263E9-2621-4672-AF98-997D99C90FF0}C:\users\ricardo\appdata\local\temp\rar$exa0.312\m2progame v-7\san.inf] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.312\m2progame v-7\san.inf
FirewallRules: [UDP Query User{D713B879-5586-4B07-A07C-F26916DEA165}C:\users\ricardo\appdata\local\temp\rar$exa0.312\m2progame v-7\san.inf] => (Allow) C:\users\ricardo\appdata\local\temp\rar$exa0.312\m2progame v-7\san.inf
FirewallRules: [TCP Query User{1A7FC7DA-4E84-45FB-B459-91EC67E32205}C:\users\ricardo\desktop\m2progame v-7\san.inf] => (Allow) C:\users\ricardo\desktop\m2progame v-7\san.inf
FirewallRules: [UDP Query User{A05A8C2C-0EFC-40CE-A585-8D43CD1BBD7A}C:\users\ricardo\desktop\m2progame v-7\san.inf] => (Allow) C:\users\ricardo\desktop\m2progame v-7\san.inf
FirewallRules: [TCP Query User{3C3F7E0C-7649-45E3-95F9-50EC31A272CB}C:\program files (x86)\arxgaming\crossfire\updater.exe] => (Allow) C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [UDP Query User{20984257-30EF-456E-BD14-B77065D8A10B}C:\program files (x86)\arxgaming\crossfire\updater.exe] => (Allow) C:\program files (x86)\arxgaming\crossfire\updater.exe
FirewallRules: [{9ED6B26D-1528-49CF-847C-8C0C65A37713}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{05AAD60E-EA35-4212-9787-994EF0DFCAF9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{A2DC6465-2401-46BA-815C-245B27356E0B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{72C8F8C7-ED98-4339-A513-5BEF5D54BA53}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{DEFFE23C-FF75-46C7-94ED-D9913D436474}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{AA38C832-0218-4760-9C59-5CF0B542C837}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{37774FDB-52BA-4127-986E-4BAC0FD6DFEC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

==================== Pontos de Restauração =========================

10-12-2015 23:57:06 Windows Update
18-12-2015 23:58:31 Ponto de Verificação Agendado
25-12-2015 17:02:53 Removed Ralink Bluetooth Stack64.
27-12-2015 02:51:26 Removed Beatpad.
30-12-2015 13:01:42 Removeu League of Legends
01-01-2016 14:22:48 Removed Google Earth
02-01-2016 15:59:01 Driver Booster : 3rd Gen Core processor DRAM Controller - 0154
02-01-2016 23:46:27 Removeu League of Legends
03-01-2016 00:01:39 Removeu League of Legends

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/03/2016 01:59:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: dc4

Hora de Início: 01d145da75f47f77

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: 6a80ddbd-b1ce-11e5-80ed-a41731fb7552

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/03/2016 01:06:59 AM) (Source: MsiInstaller) (EventID: 10005) (User: PC-RICARDO)
Description: Produto: Windows Defender -- Você não precisa instalar este software porque o Windows Defender está incluído no Windows Vista. É possível acessar o Windows Defender a partir da seção Segurança do Painel de Controle do Windows.

Error: (01/02/2016 04:02:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 12d0

Hora de Início: 01d14585f4620117

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: fad3de57-b17a-11e5-80e7-38eaa7d26102

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2016 03:27:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa wwahost.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: dc0

Hora de Início: 01d1458163396b86

Hora de Término: 4294967295

Caminho do Aplicativo: C:\WINDOWS\syswow64\wwahost.exe

ID do Relatório: 0aad4d32-b176-11e5-80e5-38eaa7d26102

Nome completo do pacote com falha: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID do aplicativo relativo ao pacote com falha: App

Error: (01/02/2016 03:09:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: ec8

Hora de Início: 01d1457f4ba5bb3d

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: 98d16f3c-b173-11e5-80e5-38eaa7d26102

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2016 02:42:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa wwahost.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 128c

Hora de Início: 01d1457b19e188c9

Hora de Término: 4294967295

Caminho do Aplicativo: C:\WINDOWS\syswow64\wwahost.exe

ID do Relatório: c0f6472f-b16f-11e5-80e5-38eaa7d26102

Nome completo do pacote com falha: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID do aplicativo relativo ao pacote com falha: App

Error: (01/02/2016 02:37:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 1a58

Hora de Início: 01d1457b19e3eb40

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: 0e1ed551-b16f-11e5-80e5-38eaa7d26102

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2016 02:24:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa wwahost.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 1b8c

Hora de Início: 01d1457901f67812

Hora de Término: 4294967295

Caminho do Aplicativo: C:\WINDOWS\syswow64\wwahost.exe

ID do Relatório: 4fb13350-b16d-11e5-80e5-38eaa7d26102

Nome completo do pacote com falha: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID do aplicativo relativo ao pacote com falha: App

Error: (01/02/2016 02:22:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 1ad0

Hora de Início: 01d145790170f291

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: f6276784-b16c-11e5-80e5-38eaa7d26102

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2016 02:11:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 1180

Hora de Início: 01d145771b4c287b

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: 69f1390a-b16b-11e5-80e5-38eaa7d26102

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1


Erros de Sistema:
=============
Error: (01/03/2016 01:29:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (01/03/2016 01:25:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (01/03/2016 01:25:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (01/03/2016 01:25:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (01/03/2016 01:25:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
%%2

Error: (01/03/2016 01:24:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço VBoxAsw Support Driver devido ao seguinte erro:
%%2

Error: (01/03/2016 01:23:44 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "WORKGROUP :1d" não pôde ser registrado na interface com o endereço IP 192.168.25.216.
O computador de endereço IP 192.168.25.1 não permitiu que o nome fosse reivindicado por
este computador.

Error: (01/03/2016 01:23:24 AM) (Source: DCOM) (EventID: 10010) (User: PC-RICARDO)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (01/03/2016 01:22:56 AM) (Source: DCOM) (EventID: 10010) (User: PC-RICARDO)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/03/2016 01:22:54 AM) (Source: DCOM) (EventID: 10010) (User: PC-RICARDO)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}


CodeIntegrity:
===================================
Date: 2016-01-02 00:31:51.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-01-02 00:17:30.757
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-01-02 00:16:02.704
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-01-02 00:16:02.517
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-01-02 00:05:16.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-01-02 00:05:01.690
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-01-02 00:05:01.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-01-02 00:05:01.365
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentagem de memória em uso: 77%
RAM física total: 3988.27 MB
RAM física disponível: 907.93 MB
Virtual Total: 6164.27 MB
Virtual disponível: 2757.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:679.85 GB) (Free:339.91 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.58 GB) (Free:2.18 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 9A931A64)

Partition: GPT.

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité