Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:05-03-2016 01
Executado por Pedro (2016-03-30 19:40:01)
Executando a partir de C:\Users\Pedro\Music\Pictures\Desktop
Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2011-05-07 20:33:57)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3242213785-1770070969-4110494137-500 - Administrator - Disabled)
Convidado (S-1-5-21-3242213785-1770070969-4110494137-501 - Limited - Disabled) => C:\Users\Convidado
Pedro (S-1-5-21-3242213785-1770070969-4110494137-1000 - Administrator - Enabled) => C:\Users\Pedro
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Disabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
Action Games, PokeWorks (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Action Games, PokeWorks) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\{5CD2884E-CAD6-472A-9F7B-C56D4F978182}) (Version: - )
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Akamai NetSession Interface (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
Audiggle version 3.0.0.2 (HKLM\...\{FCAD9ED0-C00F-45FA-91DB-F89140EFAB3A}_is1) (Version: 3.0.0.2 - Audiggle LTD)
Aurera-Global (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Aurera-Global) (Version: - )
Baidu App Store (HKLM\...\Baidu App Store 5.1.0.8859) (Version: 5.1.0.8859 - Baidu, Inc.)
Baidu Browser (HKLM\...\Spark) (Version: 43.18 Preview - Baidu Inc.)
Baidu PC Faster (HKLM\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.126764 - Baidu, Inc.) <==== ATENÇÃO
BlueStacks App Player (HKLM\...\{6693B491-7BA8-4A42-A40C-B1BABC8C5339}) (Version: 2.1.7.5658 - BlueStack Systems, Inc.)
BYOND (HKLM\...\BYOND) (Version: 501.1217 - BYOND)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrossFire BR (HKLM\...\CrossFire BR_is1) (Version: V5148 - Z8Games.com)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EagleGet version 2.0.2.8 (HKLM\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.2.8 - EagleGet)
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - FinalWire Ltd.)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GameMaker 8.1 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\GameMaker81) (Version: - )
Gerenciador de Downloads (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\a54e16f5d00985b6) (Version: 0.9.3.106 - Level Up! Gerenciador)
Giga Protection (HKLM\...\{516BB79B-2644-4AD1-A6C1-82DC377573D8}_is1) (Version: 5.6 - eyedrops digital)
Godot Engine (HKLM\...\Steam App 404790) (Version: - Godot Engine)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Chase History 3.0 (HKLM\...\{9D0C9F3A-DBA7-4A3E-B1A3-A3F57AA15321}_is1) (Version: 3.0 - History Games, Inc.)
GraphicsGale FreeEdition version 2.04.03 (HKLM\...\GraphicsGale FreeEdition_is1) (Version: - HUMANBALANCE Ltd.)
HyperCam 3 (HKLM\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia)
Instalador Naruto Revolution (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Instalador Naruto Revolution) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Internet Explorer (Version: 8 - Microsoft Corporation) Hidden
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JS Pokemon (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\JS Pokemon) (Version: - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kogama Launcher for Brazil (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\KogamaLauncherBR) (Version: 1.0.0.90 - Multiverse ApS)
Launcher PNoX (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Launcher PNoX) (Version: - )
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.420 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.420 - LogMeIn, Inc.) Hidden
LuaEdit 2010 (x86 - 3.0.10.0) (HKLM\...\LuaEdit 2010_is1) (Version: - Open Source)
MegaProLib versão 1.0 (HKLM\...\{F922B4E6-04A5-464E-8C40-CB4887DEE0D4}_is1) (Version: 1.0 - Megaware Industrial Ltda)
MEmu (HKLM\...\MEmu) (Version: 2.5.0 - Microvirt)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{3911CF56-9EF2-39BA-846A-C27BD3CD0685}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Office com Clique para Executar 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Português (Brasil) (HKLM\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{53EB5150-C3C6-45F0-A939-14FD85C0F17C}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy ds3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.00005 - www.motioninjoy.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyProduct (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\MyProduct) (Version: - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
Object Builder (HKLM\...\{F331D99A-2823-8BA5-3AEC-F0B2E975EE17}) (Version: - )
Object Builder (HKLM\...\ObjectBuilder) (Version: 0.3.4 - UNKNOWN)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
OtPokemonDBR versão 1.0 (HKLM\...\{AB47011F-3B6E-4DDE-B6DD-D88A09B24C29}_is1) (Version: 1.0 - OtPokemonDBR, Inc.)
Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
PokeBrO Patcher (HKLM\...\PokeBrO Patcher) (Version: - )
PokeMIW (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PokeMIW) (Version: - )
Pokémon Draw 1.10 (HKLM\...\Pokémon Draw 1.10) (Version: - )
Pokémon Rusty versão 1.0 (HKLM\...\{1C10F4AC-2AD3-494C-9070-7FBC85506105}_is1) (Version: 1.0 - Pokémon Rusty, Inc.)
PokemonBR Launcher 5.0 (HKLM\...\PokemonBR Launcher 5.0) (Version: - )
PPSSPP version 0.9.8 (HKLM\...\PPSSPP_is1) (Version: 0.9.8 - )
PSky v2 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PSky v2) (Version: - )
PSky v4 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PSky v4) (Version: - )
PSoul versão 2.7.8 (HKLM\...\{5C5FB05F-B231-4A43-BD55-20A593AE740F}_is1) (Version: 2.7.8 - PSoul)
RaidCall (HKLM\...\RaidCall) (Version: 9.0.4-1.0.2688.511 - raidcall.com.br)
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Remere's Map Editor (HKLM\...\{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}) (Version: 2.1 - Remere)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM\...\RGSS-RTP Standard) (Version: - )
ROTZ versão 0.1 (HKLM\...\{77428B89-375D-4A5E-880B-0AE47CFFC4C5}_is1) (Version: 0.1 - ROTZ)
Software de dispositivo do Chipset Intel® (Version: 10.0.27 - Intel(R) Corporation) Hidden
SQLite Expert Personal 3.5.92 (HKLM\...\SQLite Expert Personal 3_is1) (Version: - Bogdan Ureche)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
Tibia MULTI-ip changer (HKLM\...\TMIPC) (Version: - Asprate)
Transformice (HKLM\...\Transformice) (Version: 1.0.0 - UNKNOWN)
Unity Web Player (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visualizador do Microsoft PowerPoint (HKLM\...\{95140000-00AF-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Woody Woodpecker (HKLM\...\Woody Woodpecker) (Version: - )
ZentyalOnline (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\ZentyalOnline) (Version: - )
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuthLib.dll ()
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{20BEBD18-11D0-4470-AAE1-F34B9E8D9761}\InprocServer32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\GatewayActiveX.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Pedro\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{5067957C-53ED-4A6D-90EA-DAE18CD69B10}\localserver32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\PluginHost.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{9843d1f9-641f-5b9a-bc7c-f59bba9a8f25}\InprocServer32 -> C:\Program Files\EagleGet\npEagleget.dll (EagleGet)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{B5322578-1624-4C26-BB8C-E366FFB9314F}\localserver32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\GatewayVersion.exe (Skype Technologies S.A.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {1180A551-234D-498C-9643-A4DD3EA130F0} - System32\Tasks\{5FD893B0-2E60-4F38-94C7-89A2B3EA2358} => pcalua.exe -a "C:\Users\Pedro\Downloads\Pokerag Torrent\Pokerag\Setup Pokerag.exe" -d "C:\Users\Pedro\Downloads\Pokerag Torrent\Pokerag"
Task: {1875310E-AAF4-42E4-A439-E1A27772EBFD} - System32\Tasks\{3461EFDE-E50E-414A-9EFD-3CB1BC644BBF} => pcalua.exe -a C:\Users\Pedro\Videos\YGOPro\vcredist_x86.exe -d C:\Users\Pedro\Videos\YGOPro
Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {2705470B-9926-471B-BA8C-13B89BFDBAE5} - System32\Tasks\{8717A7C0-B769-4C50-95B7-73C2277F4713} => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22] (LogMeIn Inc.)
Task: {4ADDB85F-AD3B-4957-A91D-7478BF6B7923} - System32\Tasks\{4BFECFF9-026F-45D7-BB29-920AEA3BA0A0} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W\EDITOR ACCOUNT.exe" -d "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W"
Task: {5CF6B9CB-7492-4330-B9B6-9B6AE868A757} - System32\Tasks\{ED0B2BBA-3AC4-4E74-BD14-E81B3E0C2CFD} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002
Task: {6104BBB5-6326-48B6-A9F5-78EC28F6FC1F} - System32\Tasks\{FB6D6DE5-BE95-471C-88C9-FD9DFC1CBD44} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\PokeDraw 1.10.exe" -d C:\Users\Pedro\Music\Pictures\Desktop
Task: {73934C9C-1146-41DD-A2AC-BF0376E3B32B} - System32\Tasks\{82E66198-122D-4035-925D-CA62F5856597} => C:\Program Files\Woody Woodpecker\Woody.exe
Task: {74ED9048-8005-43B6-AF1A-C4D259067EB1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {7B4549E5-E44F-4F70-85CB-DCEF00D457C5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-14] (Microsoft Corporation)
Task: {89AC76FF-59C1-48C7-A3F8-055323854CB8} - System32\Tasks\Baidu PC Faster Service => C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe
Task: {89C13DD9-1630-4F2E-8AEE-31B49A2231AA} - \060184C3-9766-46a0-B258-F4518A0B2633 -> Nenhum Arquivo <==== ATENÇÃO
Task: {95C27F9F-43D4-4790-81B1-C961C37B7A7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {98C7606C-F8C6-4836-9F79-D6B75C6468E6} - System32\Tasks\{FE4E1454-D165-4B85-9590-077F50679EF1} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W\NtoBlackW.exe" -d "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W"
Task: {A2987A9A-2E72-4A1D-B329-DFB43E051994} - System32\Tasks\{8FDDF2C3-B03B-47D9-BB5A-275FF7D17E12} => pcalua.exe -a C:\Joymax\DMO\uninstaller.exe
Task: {AB7A952E-270E-410D-9989-1AECD67B474F} - System32\Tasks\SparkUpdater => C:\Program Files\baidu\Baidu Browser\SparkUpdate.exe [2016-03-07] (Baidu.com, Inc.)
Task: {AC2E59C2-82DF-444A-B67B-4117577873E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B949C4D9-8892-40A0-9C93-DAADC8720DE2} - System32\Tasks\{1761EF4C-843D-4DE7-995F-EA6B2209464B} => C:\Users\Pedro\Documents\PokeBrO\client.exe [2015-10-28] (PokeBRO Team )
Task: {BAF576F7-37FF-4962-ADD8-181E70780A3E} - System32\Tasks\{985A0C01-A32D-48AB-8E20-F81128337473} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/pt/go/help.faq.installer?LastError=1638
Task: {C0502A5D-C730-4FDA-BEC3-9BC94D65BD70} - System32\Tasks\{F7FCCFB8-651D-4C9F-85D6-BB6BD6A13298} => pcalua.exe -a C:\Users\Pedro\Downloads\tibia854.exe -d C:\Users\Pedro\Downloads
Task: {C26ACFA3-BEA0-433E-91C4-544BF015F1F9} - System32\Tasks\{0CF05D02-075F-431D-AB7E-4BB725393AE7} => pcalua.exe -a "C:\Program Files\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe"
Task: {CD2A489E-67B7-4BC3-BE00-79D883DD4D44} - System32\Tasks\{47A84119-E5E9-4CAF-8EEE-14487B752462} => C:\Users\Pedro\Documents\PokeBrO\client.exe [2015-10-28] (PokeBRO Team )
Task: {CFA96204-6E6B-4F1D-8E4C-A507FC93C881} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-04] (Adobe Systems Incorporated)
Task: {D1C3B31A-B287-4F91-90F0-F3CCEFA50FB1} - System32\Tasks\{9FFCE146-453B-4C02-B4FD-3FFD36D61359} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/pt/abandoninstall?source=lightinstaller&page=tsMain
Task: {D2F9188D-F287-47F9-A769-3004141FA48A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe
Task: {E5F19592-6EC2-4D75-960E-E0E81EB9E224} - System32\Tasks\Baidu PC Faster Update => C:\Program Files\PC Faster\5.1.0.0\Updater.exe
Task: {F096DE85-0A8C-499D-99A4-BE97183252CA} - System32\Tasks\{3C3C4A99-CB40-44E7-8AD4-E483BF037D2F} => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22] (LogMeIn Inc.)
Task: {F4A799B2-25B4-47A5-B4F7-4F3020341456} - System32\Tasks\{866ADB77-1BAF-4A10-AC0A-874A009BE39A} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {F4C05A59-5C4B-4C98-BA1B-BC327BB5A1C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () C:\Windows\system32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () C:\Windows\System32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () c:\windows\system32\slc.dll
2015-08-31 21:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2011-05-08 09:30 - 2015-12-08 19:19 - 00413936 _____ () c:\windows\system32\takeexternal.dll
2011-05-08 09:30 - 2015-12-08 19:19 - 00413936 _____ () c:\windows\system32\winsecsrv.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00983352 _____ () C:\Program Files\baidu\Baidu Browser\Spark.exe
2016-03-06 18:26 - 2016-03-07 13:39 - 00430904 _____ () C:\Program Files\baidu\Baidu Browser\bdminiopenssl.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 01018168 _____ () C:\Program Files\baidu\Baidu Browser\bdxui.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00321848 _____ () C:\Program Files\baidu\Baidu Browser\bdaccount.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00521016 _____ () C:\Program Files\baidu\Baidu Browser\xnet.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00276792 _____ () C:\Program Files\baidu\Baidu Browser\p2squery.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00219448 _____ () C:\Program Files\baidu\Baidu Browser\bdbrowsertray.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00410936 _____ () C:\Program Files\baidu\Baidu Browser\bdxctrl.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00116024 _____ () C:\Program Files\baidu\Baidu Browser\SparkSafe.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00581432 _____ () C:\Program Files\baidu\Baidu Browser\bdstatreport.dll
2016-03-06 18:27 - 2016-03-06 18:27 - 00083088 _____ () C:\Users\Pedro\AppData\Roaming\baidu\Spark\sysdata\ExtApp\SnapImg\SnapImg.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 01281848 _____ () C:\Program Files\baidu\Baidu Browser\libglesv2.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00080696 _____ () C:\Program Files\baidu\Baidu Browser\libegl.dll
2016-03-06 18:26 - 2015-06-19 01:38 - 14965064 _____ () C:\Program Files\baidu\Baidu Browser\PepperFlash\pepflashplayer.dll
2014-09-23 17:52 - 2016-02-27 10:33 - 00618496 _____ () C:\Users\Pedro\Videos\YUGIOH\irrKlang.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\aeriagames.com -> hxxp://aeriagames.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-05-09 22:31 - 2016-03-30 15:03 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\Services: PCFasterSvc_{PCFaster_5.1.0.0} => 2
MSCONFIG\startupfolder: C:^Users^Pedro^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk => C:\Windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Baidu PC Faster 5.1.0.0 => "C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
MSCONFIG\startupreg: btcl => "C:\Users\Pedro\AppData\Roaming\dist13\btcl.exe"
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: EagleGet => C:\Program Files\EagleGet\Eagleget.exe -V
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: PCAppStore_AppStoreDeskTool => "C:\Program Files\PC App Store\4.10.1.7752\AppStoreDeskTool.exe"
MSCONFIG\startupreg: phx => C:\Users\Pedro\AppData\Roaming\phx\lm32.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{18339852-CD09-4975-898A-CF182F8BA4C0}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7002572A-1628-4357-A926-CEEB43C91CF5}] => (Allow) LPort=2869
FirewallRules: [{29589E20-3D81-4D73-B5A4-6EF8E79B3775}] => (Allow) LPort=1900
FirewallRules: [{A79E040C-6FC4-4A0D-9F48-ED001F97152B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3A42E0D2-A21E-4852-BA3F-B649F25F86E8}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{48A8BE6E-474E-4AF7-8882-27EB464DD71F}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{FA70D2DE-2CFB-464F-B9BB-7D9E1D501DCE}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{75B9E395-286C-42C5-B0F8-E2D101BBE638}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{24801691-56D0-42A3-8FD8-CF7D776B8C78}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{F6AFC031-6A22-41AE-AC68-6EF9A6EE266B}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{CA73145D-5983-4145-82D3-9FA0A5936E38}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{00377C04-1176-4918-BF3F-EE25F55C9E7B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75E1EF01-E000-4E6A-A755-A10B21555DEE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{26B957B5-FDD4-45E3-A61D-9F77023F964C}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{E6286763-8B7E-4C9C-AD0E-9A34E19B21F4}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{41A24A07-F773-4217-850A-9F286E9F79A6}C:\windows\system32\igfxpers.exe] => (Block) C:\windows\system32\igfxpers.exe
FirewallRules: [UDP Query User{F97150A1-A81E-4E71-8935-B214E6F1DEBF}C:\windows\system32\igfxpers.exe] => (Block) C:\windows\system32\igfxpers.exe
FirewallRules: [TCP Query User{F73EFFA3-04FE-43BC-8278-CFAEB001A6AC}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [UDP Query User{7BDB2AB4-A00F-4628-B83A-BA13CAA20346}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [TCP Query User{4CAB0E0B-2C31-477C-AFC0-15F07B5883B6}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{56EE4D0B-CCED-4104-ACFE-17BE4877CDAC}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{8C8FAFD1-64E9-4799-9E32-73663EF55ACD}C:\windows\system32\userinit.exe] => (Allow) C:\windows\system32\userinit.exe
FirewallRules: [UDP Query User{8D461C2D-DB95-42D1-A0BD-180C93C1A430}C:\windows\system32\userinit.exe] => (Allow) C:\windows\system32\userinit.exe
FirewallRules: [{257FB637-63ED-464A-8143-7B7347765D8F}] => (Block) C:\windows\system32\userinit.exe
FirewallRules: [{BEEE2221-6B47-424F-A951-06389ADEC84A}] => (Block) C:\windows\system32\userinit.exe
FirewallRules: [{5986A744-97E8-4146-8F0F-E4DF354EF7C9}] => (Allow) LPort=7171
FirewallRules: [TCP Query User{F0FB66F2-E48E-428D-B385-0A8CA9306C8B}C:\program files\winrar\winrar.exe] => (Allow) C:\program files\winrar\winrar.exe
FirewallRules: [UDP Query User{A3E28594-BE5B-411E-ADEC-333D37F80FDA}C:\program files\winrar\winrar.exe] => (Allow) C:\program files\winrar\winrar.exe
FirewallRules: [{89F9C391-B02E-4822-8C6E-600280B313D2}] => (Block) C:\program files\winrar\winrar.exe
FirewallRules: [{F2A904BD-4F26-4CA3-BF31-8B2F4F614215}] => (Block) C:\program files\winrar\winrar.exe
FirewallRules: [TCP Query User{9D0638FB-EE5F-4072-B113-F623C7904EEA}C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe] => (Block) C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe
FirewallRules: [UDP Query User{444F4B82-ACA9-4E7F-9526-CA025D527E3B}C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe] => (Block) C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe
FirewallRules: [TCP Query User{0C9EB0DA-F5B3-436E-B2F4-BF6638A58D26}C:\windows\system32\megareg\megareg.exe] => (Block) C:\windows\system32\megareg\megareg.exe
FirewallRules: [UDP Query User{35C5D209-076C-44D2-846A-292DB6D2F8A7}C:\windows\system32\megareg\megareg.exe] => (Block) C:\windows\system32\megareg\megareg.exe
FirewallRules: [TCP Query User{62CF9471-1C44-4322-8EA0-BADBEBAE1161}C:\windows\regedit.exe] => (Block) C:\windows\regedit.exe
FirewallRules: [UDP Query User{77BF6FA5-82EC-47FB-8894-394A1C58CF90}C:\windows\regedit.exe] => (Block) C:\windows\regedit.exe
FirewallRules: [{E988F576-ECCB-4621-B003-126AA4744D4A}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\crossfire_downloader.exe
FirewallRules: [{7AFE012F-1343-47DB-BA29-8733132CF63D}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\crossfire_downloader.exe
FirewallRules: [{256D6FCE-5325-46F2-9465-8E1FFAB8054C}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\cfPT_downloader.exe
FirewallRules: [{B124927E-71A8-4EE1-AEA4-8048002E41B3}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\cfPT_downloader.exe
FirewallRules: [TCP Query User{FE62C861-6E76-4D43-9A15-42CC4AC390AE}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{0EBB8AC6-3BA1-4048-9497-FEC045363B39}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{BFD67446-A5AE-4351-B8A0-5137C18A973F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{42F177BF-D2F6-4F7D-88C8-DC288473D42F}C:\program files\raidcall\raidcall.exe] => (Block) C:\program files\raidcall\raidcall.exe
FirewallRules: [UDP Query User{4008B0D8-3E47-4BFF-A367-D06DB6FD9F34}C:\program files\raidcall\raidcall.exe] => (Block) C:\program files\raidcall\raidcall.exe
FirewallRules: [TCP Query User{B7872C2A-166E-4F1D-81EE-D9616C0953DE}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{74F91CED-A5C2-46E6-A311-0F830C20EF3C}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{BFC01534-6852-4B51-9D0E-4FF6DE1DBA54}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{E94F6D62-02B3-49D1-B61C-3BDE51288926}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{0BD7BF26-8DCA-4ED0-8FF6-79EE22596993}] => (Allow) C:\Level Up! Games\Grand Chase\main.exe
FirewallRules: [{F2DB3BDD-1033-473C-B118-19F8BAA0D369}] => (Allow) C:\Level Up! Games\Grand Chase\main.exe
FirewallRules: [TCP Query User{8D8B806D-B322-4A32-83CB-7B5ED3E9129F}C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe] => (Block) C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe
FirewallRules: [UDP Query User{5CE4BCD1-C422-45FC-B89E-C10B5C42E8E3}C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe] => (Block) C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe
FirewallRules: [{8EC2C246-378F-4AF2-A9F2-7C024F747C14}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7F6BA57-B47E-431A-A5C4-ED37EC633D71}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC35B7E7-ABE2-44DA-BD48-94D5727B5901}] => (Allow) C:\Level Up! Games\Elsword\data\x2.exe
FirewallRules: [{806F4EC7-65BB-4D80-8232-FA1881CB56DD}] => (Allow) C:\Level Up! Games\Elsword\data\x2.exe
FirewallRules: [TCP Query User{C85B8A88-FB5F-4338-9D3F-41843C96555F}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E3A40E5-4D0D-4ADE-9640-7B02C3F6E194}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{75AB8967-492D-4271-8B8E-24992CF5F683}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{842A841A-C839-4C2F-A9DA-AB9952781FF2}C:\users\pedro\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pedro\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{BD6EC42A-5A2F-454F-B8D8-88F2CAAF257F}C:\users\pedro\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pedro\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{3C2C258F-C6EC-49F7-BDC2-EF87B5A491E0}C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe] => (Block) C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{58C91537-A1D1-4990-8B15-F1D955D96895}C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe] => (Block) C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe
FirewallRules: [{19EE6CEF-8E8F-4921-A2D0-D2DFBC8E3E57}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [{91911B81-CD7B-4763-958E-A5BE42B2F32B}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [TCP Query User{992C69AD-B2ED-4E49-80C2-D546B889F914}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe
FirewallRules: [UDP Query User{02F36BEA-F03F-4503-AD1C-BB05A62DDB71}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe
FirewallRules: [TCP Query User{4924BBD9-6456-4518-A87C-AE46B78113B2}C:\program files\microsoft xbox 360 accessories\xboxstat.exe] => (Block) C:\program files\microsoft xbox 360 accessories\xboxstat.exe
FirewallRules: [UDP Query User{B8D1609B-252C-45D5-862F-CE4BCE170463}C:\program files\microsoft xbox 360 accessories\xboxstat.exe] => (Block) C:\program files\microsoft xbox 360 accessories\xboxstat.exe
FirewallRules: [TCP Query User{10F6CBC2-69A8-4D4D-AD68-C5DC2A73D92C}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe
FirewallRules: [UDP Query User{1DA6FB6C-F0C6-46BA-A4D8-1D84C1FADB42}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe
FirewallRules: [TCP Query User{889AB15C-88C7-4E95-9AA9-628595C865A7}C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe] => (Allow) C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe
FirewallRules: [UDP Query User{6EE8C663-E964-4A1F-AB85-B47A49AAB5EA}C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe] => (Allow) C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe
FirewallRules: [{76A1A988-1199-4CE0-9F74-F4EB7F2C35CE}] => (Allow) LPort=7171
FirewallRules: [{99B9F3F5-9E2B-44B2-9246-F2E4B707661C}] => (Allow) LPort=7171
FirewallRules: [TCP Query User{6DA2B786-5857-457D-ADC7-C84222B9E6E4}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Block) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [UDP Query User{32BED6BD-5C1B-454D-8671-97938A6C5B84}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Block) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [{4B0AA30B-FB51-4979-BD8F-63E3224971CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{2B89606C-4826-4605-8CC7-33EE6EF2EB50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{75BA2FD1-772A-4D2C-8710-9232DC079A1A}] => (Allow) C:\Level Up\Elsword\data\x2.exe
FirewallRules: [{51DFFE9D-CA35-4848-8880-9ECDCDB434E3}] => (Allow) C:\Level Up\Elsword\data\x2.exe
FirewallRules: [{F5AFD418-7092-4C18-B1AA-47C769FCC5B2}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [{77CCEEBB-FE06-4CD8-BAAC-41237B54DEA5}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [{08572770-1EFE-42A6-B54A-F6ADB33B5554}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [{8F63E0CA-31CD-4D02-939D-4528FC0B6977}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [TCP Query User{6E66DAD1-2E68-4D73-9F84-00BD8569DBFC}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [UDP Query User{897E4704-ED6B-40C0-BCED-A3B5455EE168}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [TCP Query User{D5285E8D-6D32-4432-B7FC-E0B587BF42B6}C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [UDP Query User{2760885E-B6B7-4BC2-AF53-EBDE7C53405A}C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [{A92CABD5-A343-48E5-BA93-D2C151869705}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [{8EAB3115-916D-40C0-B248-92B28D54EFD8}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [{CAD1B620-AC7F-4425-88A9-45AC82EDA71D}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe
FirewallRules: [{8552804C-48C8-43AF-AA10-42F7D5EAAE24}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe
FirewallRules: [{4B066957-5534-4B23-9B50-685D580C8E9B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{05ACCD09-AF3C-4F8C-9508-ECDF7EF2A055}] => (Allow) C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{869E63C8-CF45-445E-995B-EA925804965D}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [UDP Query User{0DC4F09F-9AFC-4A31-84B1-8F4864D8056B}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [TCP Query User{0938220A-BB5A-4EE4-9A86-5D362878A5B3}C:\program files\luaedit 2010\luaedit.exe] => (Block) C:\program files\luaedit 2010\luaedit.exe
FirewallRules: [UDP Query User{3BF1F4F7-FDCB-4693-BC15-684ACF0AFE05}C:\program files\luaedit 2010\luaedit.exe] => (Block) C:\program files\luaedit 2010\luaedit.exe
FirewallRules: [{C3B0B024-D1ED-4F5C-A8A4-D117BCED3D27}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\Steam.exe
FirewallRules: [{178CB747-A071-4D4C-88A2-7F83CA866252}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\Steam.exe
FirewallRules: [{CF189B11-BDE6-4A14-A0A1-24A65FF56CAA}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\bin\steamwebhelper.exe
FirewallRules: [{7EC35FF6-E977-4DA5-AE39-4520656BAFE9}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\bin\steamwebhelper.exe
FirewallRules: [{5629AF62-E3DA-42F4-9B2C-8CE1F48F7FB5}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\steamapps\common\Godot Engine\godot.windows.opt.tools.32.exe
FirewallRules: [{F2874E78-410B-4AF8-B20A-14B672833535}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\steamapps\common\Godot Engine\godot.windows.opt.tools.32.exe
FirewallRules: [{B21283B7-D46C-4004-AB1A-649A012B5A43}] => (Allow) C:\Program Files\Grand Chase History\main.exe
FirewallRules: [{DF11D711-54CD-4AB7-8EBE-DEAA2B1ED927}] => (Allow) C:\Program Files\Grand Chase History\main.exe
FirewallRules: [TCP Query User{67EEA94F-9FFF-4147-9CF9-E8F74C1012AE}C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{593157D3-0A59-4664-9273-BF6000E0C791}C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe
StandardProfile\AuthorizedApplications: [C:\Windows\system32\winlogon.exe] => enabled:@shell32.dll,-1
StandardProfile\AuthorizedApplications: [C:\Windows\system32\wininit.exe] => enabled:@shell32.dll,-1
==================== Pontos de Restauração =========================
24-03-2016 11:46:01 Windows Update
25-03-2016 01:22:45 Windows Update
25-03-2016 10:40:06 Windows Update
26-03-2016 02:53:53 Windows Update
26-03-2016 11:05:58 Windows Update
27-03-2016 11:27:22 Windows Update
27-03-2016 19:00:40 Backup do Windows
27-03-2016 23:06:07 Windows Update
28-03-2016 12:31:50 Windows Update
28-03-2016 22:50:58 Windows Update
29-03-2016 12:37:40 Windows Update
29-03-2016 19:29:37 Installed Safari
29-03-2016 19:38:08 Removed Safari
30-03-2016 15:03:28 Restore Point Created by FRST
30-03-2016 18:50:56 JRT Pre-Junkware Removal
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Unidade de disquete
Description: Unidade de disquete
Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318}
Manufacturer: (Unidades de disquete padrão)
Service: flpydisk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/30/2016 04:34:21 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service Xbox Live Network Manager Service since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service WMPNetworkSvc since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service winsecsrv since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service Windows Security since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service egGetSvc since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:28 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {2b375c1e-250f-48bd-b3ff-c073ccff17e1}
Error: (03/30/2016 12:40:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 148c
Hora de Início: 01d18a9a6182fda7
Hora de Término: 4
Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe
Id do Relatório: b8051328-f68d-11e5-bb5b-4487fcba7ef6
Error: (03/30/2016 12:39:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 1314
Hora de Início: 01d18a9a5449a285
Hora de Término: 3
Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe
Id do Relatório: 9bdeda24-f68d-11e5-bb5b-4487fcba7ef6
Error: (03/30/2016 12:39:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 1078
Hora de Início: 01d18a9a08f2567c
Hora de Término: 5
Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe
Id do Relatório: 9045c79a-f68d-11e5-bb5b-4487fcba7ef6
Erros de Sistema:
=============
Error: (03/30/2016 05:59:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:59:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Microsoft Antimalware Service terminou com o erro:
%%-2147024894
Error: (03/30/2016 05:56:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Proteção de Software foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (03/30/2016 05:53:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:53:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agendador de Tarefas depende do serviço Log de Eventos do Windows, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (03/30/2016 05:53:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Microsoft Antimalware Service terminou com o erro:
%%-2147024894
Error: (03/30/2016 05:33:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:32:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Microsoft Antimalware Service terminou com o erro:
%%-2147024894
Error: (03/30/2016 05:26:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:26:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agendador de Tarefas depende do serviço Log de Eventos do Windows, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
CodeIntegrity:
===================================
Date: 2016-03-30 16:03:56.440
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 16:03:56.206
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 16:03:29.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 16:03:29.523
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 12:41:13.119
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 12:41:12.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:52:42.819
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:52:42.622
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:51:37.981
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:51:37.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentagem de memória em uso: 89%
RAM física total: 1911.12 MB
RAM física disponível: 210.02 MB
Virtual Total: 3822.23 MB
Virtual disponível: 1853.35 MB
==================== Drives ================================
Drive c: (Win7) (Fixed) (Total:465.76 GB) (Free:345.2 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive d: (CD105A4) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 27E1EF72)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Pedro (2016-03-30 19:40:01)
Executando a partir de C:\Users\Pedro\Music\Pictures\Desktop
Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2011-05-07 20:33:57)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3242213785-1770070969-4110494137-500 - Administrator - Disabled)
Convidado (S-1-5-21-3242213785-1770070969-4110494137-501 - Limited - Disabled) => C:\Users\Convidado
Pedro (S-1-5-21-3242213785-1770070969-4110494137-1000 - Administrator - Enabled) => C:\Users\Pedro
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Disabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
Action Games, PokeWorks (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Action Games, PokeWorks) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\{5CD2884E-CAD6-472A-9F7B-C56D4F978182}) (Version: - )
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Akamai NetSession Interface (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
Audiggle version 3.0.0.2 (HKLM\...\{FCAD9ED0-C00F-45FA-91DB-F89140EFAB3A}_is1) (Version: 3.0.0.2 - Audiggle LTD)
Aurera-Global (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Aurera-Global) (Version: - )
Baidu App Store (HKLM\...\Baidu App Store 5.1.0.8859) (Version: 5.1.0.8859 - Baidu, Inc.)
Baidu Browser (HKLM\...\Spark) (Version: 43.18 Preview - Baidu Inc.)
Baidu PC Faster (HKLM\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.126764 - Baidu, Inc.) <==== ATENÇÃO
BlueStacks App Player (HKLM\...\{6693B491-7BA8-4A42-A40C-B1BABC8C5339}) (Version: 2.1.7.5658 - BlueStack Systems, Inc.)
BYOND (HKLM\...\BYOND) (Version: 501.1217 - BYOND)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrossFire BR (HKLM\...\CrossFire BR_is1) (Version: V5148 - Z8Games.com)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EagleGet version 2.0.2.8 (HKLM\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.2.8 - EagleGet)
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - FinalWire Ltd.)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GameMaker 8.1 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\GameMaker81) (Version: - )
Gerenciador de Downloads (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\a54e16f5d00985b6) (Version: 0.9.3.106 - Level Up! Gerenciador)
Giga Protection (HKLM\...\{516BB79B-2644-4AD1-A6C1-82DC377573D8}_is1) (Version: 5.6 - eyedrops digital)
Godot Engine (HKLM\...\Steam App 404790) (Version: - Godot Engine)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Chase History 3.0 (HKLM\...\{9D0C9F3A-DBA7-4A3E-B1A3-A3F57AA15321}_is1) (Version: 3.0 - History Games, Inc.)
GraphicsGale FreeEdition version 2.04.03 (HKLM\...\GraphicsGale FreeEdition_is1) (Version: - HUMANBALANCE Ltd.)
HyperCam 3 (HKLM\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia)
Instalador Naruto Revolution (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Instalador Naruto Revolution) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Internet Explorer (Version: 8 - Microsoft Corporation) Hidden
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JS Pokemon (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\JS Pokemon) (Version: - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kogama Launcher for Brazil (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\KogamaLauncherBR) (Version: 1.0.0.90 - Multiverse ApS)
Launcher PNoX (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Launcher PNoX) (Version: - )
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.420 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.420 - LogMeIn, Inc.) Hidden
LuaEdit 2010 (x86 - 3.0.10.0) (HKLM\...\LuaEdit 2010_is1) (Version: - Open Source)
MegaProLib versão 1.0 (HKLM\...\{F922B4E6-04A5-464E-8C40-CB4887DEE0D4}_is1) (Version: 1.0 - Megaware Industrial Ltda)
MEmu (HKLM\...\MEmu) (Version: 2.5.0 - Microvirt)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{3911CF56-9EF2-39BA-846A-C27BD3CD0685}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Office com Clique para Executar 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Português (Brasil) (HKLM\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{53EB5150-C3C6-45F0-A939-14FD85C0F17C}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy ds3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.00005 - www.motioninjoy.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyProduct (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\MyProduct) (Version: - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
Object Builder (HKLM\...\{F331D99A-2823-8BA5-3AEC-F0B2E975EE17}) (Version: - )
Object Builder (HKLM\...\ObjectBuilder) (Version: 0.3.4 - UNKNOWN)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
OtPokemonDBR versão 1.0 (HKLM\...\{AB47011F-3B6E-4DDE-B6DD-D88A09B24C29}_is1) (Version: 1.0 - OtPokemonDBR, Inc.)
Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
PokeBrO Patcher (HKLM\...\PokeBrO Patcher) (Version: - )
PokeMIW (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PokeMIW) (Version: - )
Pokémon Draw 1.10 (HKLM\...\Pokémon Draw 1.10) (Version: - )
Pokémon Rusty versão 1.0 (HKLM\...\{1C10F4AC-2AD3-494C-9070-7FBC85506105}_is1) (Version: 1.0 - Pokémon Rusty, Inc.)
PokemonBR Launcher 5.0 (HKLM\...\PokemonBR Launcher 5.0) (Version: - )
PPSSPP version 0.9.8 (HKLM\...\PPSSPP_is1) (Version: 0.9.8 - )
PSky v2 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PSky v2) (Version: - )
PSky v4 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PSky v4) (Version: - )
PSoul versão 2.7.8 (HKLM\...\{5C5FB05F-B231-4A43-BD55-20A593AE740F}_is1) (Version: 2.7.8 - PSoul)
RaidCall (HKLM\...\RaidCall) (Version: 9.0.4-1.0.2688.511 - raidcall.com.br)
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Remere's Map Editor (HKLM\...\{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}) (Version: 2.1 - Remere)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM\...\RGSS-RTP Standard) (Version: - )
ROTZ versão 0.1 (HKLM\...\{77428B89-375D-4A5E-880B-0AE47CFFC4C5}_is1) (Version: 0.1 - ROTZ)
Software de dispositivo do Chipset Intel® (Version: 10.0.27 - Intel(R) Corporation) Hidden
SQLite Expert Personal 3.5.92 (HKLM\...\SQLite Expert Personal 3_is1) (Version: - Bogdan Ureche)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
Tibia MULTI-ip changer (HKLM\...\TMIPC) (Version: - Asprate)
Transformice (HKLM\...\Transformice) (Version: 1.0.0 - UNKNOWN)
Unity Web Player (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visualizador do Microsoft PowerPoint (HKLM\...\{95140000-00AF-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Woody Woodpecker (HKLM\...\Woody Woodpecker) (Version: - )
ZentyalOnline (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\ZentyalOnline) (Version: - )
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuthLib.dll ()
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{20BEBD18-11D0-4470-AAE1-F34B9E8D9761}\InprocServer32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\GatewayActiveX.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Pedro\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{5067957C-53ED-4A6D-90EA-DAE18CD69B10}\localserver32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\PluginHost.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{9843d1f9-641f-5b9a-bc7c-f59bba9a8f25}\InprocServer32 -> C:\Program Files\EagleGet\npEagleget.dll (EagleGet)
CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{B5322578-1624-4C26-BB8C-E366FFB9314F}\localserver32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\GatewayVersion.exe (Skype Technologies S.A.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {1180A551-234D-498C-9643-A4DD3EA130F0} - System32\Tasks\{5FD893B0-2E60-4F38-94C7-89A2B3EA2358} => pcalua.exe -a "C:\Users\Pedro\Downloads\Pokerag Torrent\Pokerag\Setup Pokerag.exe" -d "C:\Users\Pedro\Downloads\Pokerag Torrent\Pokerag"
Task: {1875310E-AAF4-42E4-A439-E1A27772EBFD} - System32\Tasks\{3461EFDE-E50E-414A-9EFD-3CB1BC644BBF} => pcalua.exe -a C:\Users\Pedro\Videos\YGOPro\vcredist_x86.exe -d C:\Users\Pedro\Videos\YGOPro
Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {2705470B-9926-471B-BA8C-13B89BFDBAE5} - System32\Tasks\{8717A7C0-B769-4C50-95B7-73C2277F4713} => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22] (LogMeIn Inc.)
Task: {4ADDB85F-AD3B-4957-A91D-7478BF6B7923} - System32\Tasks\{4BFECFF9-026F-45D7-BB29-920AEA3BA0A0} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W\EDITOR ACCOUNT.exe" -d "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W"
Task: {5CF6B9CB-7492-4330-B9B6-9B6AE868A757} - System32\Tasks\{ED0B2BBA-3AC4-4E74-BD14-E81B3E0C2CFD} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002
Task: {6104BBB5-6326-48B6-A9F5-78EC28F6FC1F} - System32\Tasks\{FB6D6DE5-BE95-471C-88C9-FD9DFC1CBD44} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\PokeDraw 1.10.exe" -d C:\Users\Pedro\Music\Pictures\Desktop
Task: {73934C9C-1146-41DD-A2AC-BF0376E3B32B} - System32\Tasks\{82E66198-122D-4035-925D-CA62F5856597} => C:\Program Files\Woody Woodpecker\Woody.exe
Task: {74ED9048-8005-43B6-AF1A-C4D259067EB1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {7B4549E5-E44F-4F70-85CB-DCEF00D457C5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-14] (Microsoft Corporation)
Task: {89AC76FF-59C1-48C7-A3F8-055323854CB8} - System32\Tasks\Baidu PC Faster Service => C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe
Task: {89C13DD9-1630-4F2E-8AEE-31B49A2231AA} - \060184C3-9766-46a0-B258-F4518A0B2633 -> Nenhum Arquivo <==== ATENÇÃO
Task: {95C27F9F-43D4-4790-81B1-C961C37B7A7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {98C7606C-F8C6-4836-9F79-D6B75C6468E6} - System32\Tasks\{FE4E1454-D165-4B85-9590-077F50679EF1} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W\NtoBlackW.exe" -d "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W"
Task: {A2987A9A-2E72-4A1D-B329-DFB43E051994} - System32\Tasks\{8FDDF2C3-B03B-47D9-BB5A-275FF7D17E12} => pcalua.exe -a C:\Joymax\DMO\uninstaller.exe
Task: {AB7A952E-270E-410D-9989-1AECD67B474F} - System32\Tasks\SparkUpdater => C:\Program Files\baidu\Baidu Browser\SparkUpdate.exe [2016-03-07] (Baidu.com, Inc.)
Task: {AC2E59C2-82DF-444A-B67B-4117577873E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B949C4D9-8892-40A0-9C93-DAADC8720DE2} - System32\Tasks\{1761EF4C-843D-4DE7-995F-EA6B2209464B} => C:\Users\Pedro\Documents\PokeBrO\client.exe [2015-10-28] (PokeBRO Team )
Task: {BAF576F7-37FF-4962-ADD8-181E70780A3E} - System32\Tasks\{985A0C01-A32D-48AB-8E20-F81128337473} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/pt/go/help.faq.installer?LastError=1638
Task: {C0502A5D-C730-4FDA-BEC3-9BC94D65BD70} - System32\Tasks\{F7FCCFB8-651D-4C9F-85D6-BB6BD6A13298} => pcalua.exe -a C:\Users\Pedro\Downloads\tibia854.exe -d C:\Users\Pedro\Downloads
Task: {C26ACFA3-BEA0-433E-91C4-544BF015F1F9} - System32\Tasks\{0CF05D02-075F-431D-AB7E-4BB725393AE7} => pcalua.exe -a "C:\Program Files\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe"
Task: {CD2A489E-67B7-4BC3-BE00-79D883DD4D44} - System32\Tasks\{47A84119-E5E9-4CAF-8EEE-14487B752462} => C:\Users\Pedro\Documents\PokeBrO\client.exe [2015-10-28] (PokeBRO Team )
Task: {CFA96204-6E6B-4F1D-8E4C-A507FC93C881} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-04] (Adobe Systems Incorporated)
Task: {D1C3B31A-B287-4F91-90F0-F3CCEFA50FB1} - System32\Tasks\{9FFCE146-453B-4C02-B4FD-3FFD36D61359} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/pt/abandoninstall?source=lightinstaller&page=tsMain
Task: {D2F9188D-F287-47F9-A769-3004141FA48A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe
Task: {E5F19592-6EC2-4D75-960E-E0E81EB9E224} - System32\Tasks\Baidu PC Faster Update => C:\Program Files\PC Faster\5.1.0.0\Updater.exe
Task: {F096DE85-0A8C-499D-99A4-BE97183252CA} - System32\Tasks\{3C3C4A99-CB40-44E7-8AD4-E483BF037D2F} => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22] (LogMeIn Inc.)
Task: {F4A799B2-25B4-47A5-B4F7-4F3020341456} - System32\Tasks\{866ADB77-1BAF-4A10-AC0A-874A009BE39A} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {F4C05A59-5C4B-4C98-BA1B-BC327BB5A1C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () C:\Windows\system32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () C:\Windows\System32\slc.dll
2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () c:\windows\system32\slc.dll
2015-08-31 21:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2011-05-08 09:30 - 2015-12-08 19:19 - 00413936 _____ () c:\windows\system32\takeexternal.dll
2011-05-08 09:30 - 2015-12-08 19:19 - 00413936 _____ () c:\windows\system32\winsecsrv.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00983352 _____ () C:\Program Files\baidu\Baidu Browser\Spark.exe
2016-03-06 18:26 - 2016-03-07 13:39 - 00430904 _____ () C:\Program Files\baidu\Baidu Browser\bdminiopenssl.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 01018168 _____ () C:\Program Files\baidu\Baidu Browser\bdxui.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00321848 _____ () C:\Program Files\baidu\Baidu Browser\bdaccount.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00521016 _____ () C:\Program Files\baidu\Baidu Browser\xnet.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00276792 _____ () C:\Program Files\baidu\Baidu Browser\p2squery.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00219448 _____ () C:\Program Files\baidu\Baidu Browser\bdbrowsertray.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00410936 _____ () C:\Program Files\baidu\Baidu Browser\bdxctrl.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00116024 _____ () C:\Program Files\baidu\Baidu Browser\SparkSafe.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00581432 _____ () C:\Program Files\baidu\Baidu Browser\bdstatreport.dll
2016-03-06 18:27 - 2016-03-06 18:27 - 00083088 _____ () C:\Users\Pedro\AppData\Roaming\baidu\Spark\sysdata\ExtApp\SnapImg\SnapImg.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 01281848 _____ () C:\Program Files\baidu\Baidu Browser\libglesv2.dll
2016-03-06 18:26 - 2016-03-07 13:39 - 00080696 _____ () C:\Program Files\baidu\Baidu Browser\libegl.dll
2016-03-06 18:26 - 2015-06-19 01:38 - 14965064 _____ () C:\Program Files\baidu\Baidu Browser\PepperFlash\pepflashplayer.dll
2014-09-23 17:52 - 2016-02-27 10:33 - 00618496 _____ () C:\Users\Pedro\Videos\YUGIOH\irrKlang.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\aeriagames.com -> hxxp://aeriagames.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-05-09 22:31 - 2016-03-30 15:03 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\Services: PCFasterSvc_{PCFaster_5.1.0.0} => 2
MSCONFIG\startupfolder: C:^Users^Pedro^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk => C:\Windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Baidu PC Faster 5.1.0.0 => "C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
MSCONFIG\startupreg: btcl => "C:\Users\Pedro\AppData\Roaming\dist13\btcl.exe"
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: EagleGet => C:\Program Files\EagleGet\Eagleget.exe -V
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: PCAppStore_AppStoreDeskTool => "C:\Program Files\PC App Store\4.10.1.7752\AppStoreDeskTool.exe"
MSCONFIG\startupreg: phx => C:\Users\Pedro\AppData\Roaming\phx\lm32.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{18339852-CD09-4975-898A-CF182F8BA4C0}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7002572A-1628-4357-A926-CEEB43C91CF5}] => (Allow) LPort=2869
FirewallRules: [{29589E20-3D81-4D73-B5A4-6EF8E79B3775}] => (Allow) LPort=1900
FirewallRules: [{A79E040C-6FC4-4A0D-9F48-ED001F97152B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3A42E0D2-A21E-4852-BA3F-B649F25F86E8}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{48A8BE6E-474E-4AF7-8882-27EB464DD71F}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{FA70D2DE-2CFB-464F-B9BB-7D9E1D501DCE}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{75B9E395-286C-42C5-B0F8-E2D101BBE638}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{24801691-56D0-42A3-8FD8-CF7D776B8C78}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{F6AFC031-6A22-41AE-AC68-6EF9A6EE266B}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{CA73145D-5983-4145-82D3-9FA0A5936E38}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{00377C04-1176-4918-BF3F-EE25F55C9E7B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75E1EF01-E000-4E6A-A755-A10B21555DEE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{26B957B5-FDD4-45E3-A61D-9F77023F964C}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{E6286763-8B7E-4C9C-AD0E-9A34E19B21F4}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{41A24A07-F773-4217-850A-9F286E9F79A6}C:\windows\system32\igfxpers.exe] => (Block) C:\windows\system32\igfxpers.exe
FirewallRules: [UDP Query User{F97150A1-A81E-4E71-8935-B214E6F1DEBF}C:\windows\system32\igfxpers.exe] => (Block) C:\windows\system32\igfxpers.exe
FirewallRules: [TCP Query User{F73EFFA3-04FE-43BC-8278-CFAEB001A6AC}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [UDP Query User{7BDB2AB4-A00F-4628-B83A-BA13CAA20346}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [TCP Query User{4CAB0E0B-2C31-477C-AFC0-15F07B5883B6}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{56EE4D0B-CCED-4104-ACFE-17BE4877CDAC}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{8C8FAFD1-64E9-4799-9E32-73663EF55ACD}C:\windows\system32\userinit.exe] => (Allow) C:\windows\system32\userinit.exe
FirewallRules: [UDP Query User{8D461C2D-DB95-42D1-A0BD-180C93C1A430}C:\windows\system32\userinit.exe] => (Allow) C:\windows\system32\userinit.exe
FirewallRules: [{257FB637-63ED-464A-8143-7B7347765D8F}] => (Block) C:\windows\system32\userinit.exe
FirewallRules: [{BEEE2221-6B47-424F-A951-06389ADEC84A}] => (Block) C:\windows\system32\userinit.exe
FirewallRules: [{5986A744-97E8-4146-8F0F-E4DF354EF7C9}] => (Allow) LPort=7171
FirewallRules: [TCP Query User{F0FB66F2-E48E-428D-B385-0A8CA9306C8B}C:\program files\winrar\winrar.exe] => (Allow) C:\program files\winrar\winrar.exe
FirewallRules: [UDP Query User{A3E28594-BE5B-411E-ADEC-333D37F80FDA}C:\program files\winrar\winrar.exe] => (Allow) C:\program files\winrar\winrar.exe
FirewallRules: [{89F9C391-B02E-4822-8C6E-600280B313D2}] => (Block) C:\program files\winrar\winrar.exe
FirewallRules: [{F2A904BD-4F26-4CA3-BF31-8B2F4F614215}] => (Block) C:\program files\winrar\winrar.exe
FirewallRules: [TCP Query User{9D0638FB-EE5F-4072-B113-F623C7904EEA}C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe] => (Block) C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe
FirewallRules: [UDP Query User{444F4B82-ACA9-4E7F-9526-CA025D527E3B}C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe] => (Block) C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe
FirewallRules: [TCP Query User{0C9EB0DA-F5B3-436E-B2F4-BF6638A58D26}C:\windows\system32\megareg\megareg.exe] => (Block) C:\windows\system32\megareg\megareg.exe
FirewallRules: [UDP Query User{35C5D209-076C-44D2-846A-292DB6D2F8A7}C:\windows\system32\megareg\megareg.exe] => (Block) C:\windows\system32\megareg\megareg.exe
FirewallRules: [TCP Query User{62CF9471-1C44-4322-8EA0-BADBEBAE1161}C:\windows\regedit.exe] => (Block) C:\windows\regedit.exe
FirewallRules: [UDP Query User{77BF6FA5-82EC-47FB-8894-394A1C58CF90}C:\windows\regedit.exe] => (Block) C:\windows\regedit.exe
FirewallRules: [{E988F576-ECCB-4621-B003-126AA4744D4A}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\crossfire_downloader.exe
FirewallRules: [{7AFE012F-1343-47DB-BA29-8733132CF63D}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\crossfire_downloader.exe
FirewallRules: [{256D6FCE-5325-46F2-9465-8E1FFAB8054C}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\cfPT_downloader.exe
FirewallRules: [{B124927E-71A8-4EE1-AEA4-8048002E41B3}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\cfPT_downloader.exe
FirewallRules: [TCP Query User{FE62C861-6E76-4D43-9A15-42CC4AC390AE}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{0EBB8AC6-3BA1-4048-9497-FEC045363B39}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{BFD67446-A5AE-4351-B8A0-5137C18A973F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{42F177BF-D2F6-4F7D-88C8-DC288473D42F}C:\program files\raidcall\raidcall.exe] => (Block) C:\program files\raidcall\raidcall.exe
FirewallRules: [UDP Query User{4008B0D8-3E47-4BFF-A367-D06DB6FD9F34}C:\program files\raidcall\raidcall.exe] => (Block) C:\program files\raidcall\raidcall.exe
FirewallRules: [TCP Query User{B7872C2A-166E-4F1D-81EE-D9616C0953DE}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{74F91CED-A5C2-46E6-A311-0F830C20EF3C}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{BFC01534-6852-4B51-9D0E-4FF6DE1DBA54}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{E94F6D62-02B3-49D1-B61C-3BDE51288926}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{0BD7BF26-8DCA-4ED0-8FF6-79EE22596993}] => (Allow) C:\Level Up! Games\Grand Chase\main.exe
FirewallRules: [{F2DB3BDD-1033-473C-B118-19F8BAA0D369}] => (Allow) C:\Level Up! Games\Grand Chase\main.exe
FirewallRules: [TCP Query User{8D8B806D-B322-4A32-83CB-7B5ED3E9129F}C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe] => (Block) C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe
FirewallRules: [UDP Query User{5CE4BCD1-C422-45FC-B89E-C10B5C42E8E3}C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe] => (Block) C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe
FirewallRules: [{8EC2C246-378F-4AF2-A9F2-7C024F747C14}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7F6BA57-B47E-431A-A5C4-ED37EC633D71}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC35B7E7-ABE2-44DA-BD48-94D5727B5901}] => (Allow) C:\Level Up! Games\Elsword\data\x2.exe
FirewallRules: [{806F4EC7-65BB-4D80-8232-FA1881CB56DD}] => (Allow) C:\Level Up! Games\Elsword\data\x2.exe
FirewallRules: [TCP Query User{C85B8A88-FB5F-4338-9D3F-41843C96555F}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E3A40E5-4D0D-4ADE-9640-7B02C3F6E194}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{75AB8967-492D-4271-8B8E-24992CF5F683}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{842A841A-C839-4C2F-A9DA-AB9952781FF2}C:\users\pedro\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pedro\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{BD6EC42A-5A2F-454F-B8D8-88F2CAAF257F}C:\users\pedro\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pedro\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{3C2C258F-C6EC-49F7-BDC2-EF87B5A491E0}C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe] => (Block) C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{58C91537-A1D1-4990-8B15-F1D955D96895}C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe] => (Block) C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe
FirewallRules: [{19EE6CEF-8E8F-4921-A2D0-D2DFBC8E3E57}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [{91911B81-CD7B-4763-958E-A5BE42B2F32B}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [TCP Query User{992C69AD-B2ED-4E49-80C2-D546B889F914}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe
FirewallRules: [UDP Query User{02F36BEA-F03F-4503-AD1C-BB05A62DDB71}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe
FirewallRules: [TCP Query User{4924BBD9-6456-4518-A87C-AE46B78113B2}C:\program files\microsoft xbox 360 accessories\xboxstat.exe] => (Block) C:\program files\microsoft xbox 360 accessories\xboxstat.exe
FirewallRules: [UDP Query User{B8D1609B-252C-45D5-862F-CE4BCE170463}C:\program files\microsoft xbox 360 accessories\xboxstat.exe] => (Block) C:\program files\microsoft xbox 360 accessories\xboxstat.exe
FirewallRules: [TCP Query User{10F6CBC2-69A8-4D4D-AD68-C5DC2A73D92C}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe
FirewallRules: [UDP Query User{1DA6FB6C-F0C6-46BA-A4D8-1D84C1FADB42}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe
FirewallRules: [TCP Query User{889AB15C-88C7-4E95-9AA9-628595C865A7}C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe] => (Allow) C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe
FirewallRules: [UDP Query User{6EE8C663-E964-4A1F-AB85-B47A49AAB5EA}C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe] => (Allow) C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe
FirewallRules: [{76A1A988-1199-4CE0-9F74-F4EB7F2C35CE}] => (Allow) LPort=7171
FirewallRules: [{99B9F3F5-9E2B-44B2-9246-F2E4B707661C}] => (Allow) LPort=7171
FirewallRules: [TCP Query User{6DA2B786-5857-457D-ADC7-C84222B9E6E4}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Block) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [UDP Query User{32BED6BD-5C1B-454D-8671-97938A6C5B84}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Block) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [{4B0AA30B-FB51-4979-BD8F-63E3224971CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{2B89606C-4826-4605-8CC7-33EE6EF2EB50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{75BA2FD1-772A-4D2C-8710-9232DC079A1A}] => (Allow) C:\Level Up\Elsword\data\x2.exe
FirewallRules: [{51DFFE9D-CA35-4848-8880-9ECDCDB434E3}] => (Allow) C:\Level Up\Elsword\data\x2.exe
FirewallRules: [{F5AFD418-7092-4C18-B1AA-47C769FCC5B2}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [{77CCEEBB-FE06-4CD8-BAAC-41237B54DEA5}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [{08572770-1EFE-42A6-B54A-F6ADB33B5554}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [{8F63E0CA-31CD-4D02-939D-4528FC0B6977}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe
FirewallRules: [TCP Query User{6E66DAD1-2E68-4D73-9F84-00BD8569DBFC}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [UDP Query User{897E4704-ED6B-40C0-BCED-A3B5455EE168}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs.exe
FirewallRules: [TCP Query User{D5285E8D-6D32-4432-B7FC-E0B587BF42B6}C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [UDP Query User{2760885E-B6B7-4BC2-AF53-EBDE7C53405A}C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [{A92CABD5-A343-48E5-BA93-D2C151869705}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [{8EAB3115-916D-40C0-B248-92B28D54EFD8}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe
FirewallRules: [{CAD1B620-AC7F-4425-88A9-45AC82EDA71D}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe
FirewallRules: [{8552804C-48C8-43AF-AA10-42F7D5EAAE24}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe
FirewallRules: [{4B066957-5534-4B23-9B50-685D580C8E9B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{05ACCD09-AF3C-4F8C-9508-ECDF7EF2A055}] => (Allow) C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{869E63C8-CF45-445E-995B-EA925804965D}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [UDP Query User{0DC4F09F-9AFC-4A31-84B1-8F4864D8056B}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [TCP Query User{0938220A-BB5A-4EE4-9A86-5D362878A5B3}C:\program files\luaedit 2010\luaedit.exe] => (Block) C:\program files\luaedit 2010\luaedit.exe
FirewallRules: [UDP Query User{3BF1F4F7-FDCB-4693-BC15-684ACF0AFE05}C:\program files\luaedit 2010\luaedit.exe] => (Block) C:\program files\luaedit 2010\luaedit.exe
FirewallRules: [{C3B0B024-D1ED-4F5C-A8A4-D117BCED3D27}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\Steam.exe
FirewallRules: [{178CB747-A071-4D4C-88A2-7F83CA866252}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\Steam.exe
FirewallRules: [{CF189B11-BDE6-4A14-A0A1-24A65FF56CAA}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\bin\steamwebhelper.exe
FirewallRules: [{7EC35FF6-E977-4DA5-AE39-4520656BAFE9}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\bin\steamwebhelper.exe
FirewallRules: [{5629AF62-E3DA-42F4-9B2C-8CE1F48F7FB5}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\steamapps\common\Godot Engine\godot.windows.opt.tools.32.exe
FirewallRules: [{F2874E78-410B-4AF8-B20A-14B672833535}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\steamapps\common\Godot Engine\godot.windows.opt.tools.32.exe
FirewallRules: [{B21283B7-D46C-4004-AB1A-649A012B5A43}] => (Allow) C:\Program Files\Grand Chase History\main.exe
FirewallRules: [{DF11D711-54CD-4AB7-8EBE-DEAA2B1ED927}] => (Allow) C:\Program Files\Grand Chase History\main.exe
FirewallRules: [TCP Query User{67EEA94F-9FFF-4147-9CF9-E8F74C1012AE}C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{593157D3-0A59-4664-9273-BF6000E0C791}C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe
StandardProfile\AuthorizedApplications: [C:\Windows\system32\winlogon.exe] => enabled:@shell32.dll,-1
StandardProfile\AuthorizedApplications: [C:\Windows\system32\wininit.exe] => enabled:@shell32.dll,-1
==================== Pontos de Restauração =========================
24-03-2016 11:46:01 Windows Update
25-03-2016 01:22:45 Windows Update
25-03-2016 10:40:06 Windows Update
26-03-2016 02:53:53 Windows Update
26-03-2016 11:05:58 Windows Update
27-03-2016 11:27:22 Windows Update
27-03-2016 19:00:40 Backup do Windows
27-03-2016 23:06:07 Windows Update
28-03-2016 12:31:50 Windows Update
28-03-2016 22:50:58 Windows Update
29-03-2016 12:37:40 Windows Update
29-03-2016 19:29:37 Installed Safari
29-03-2016 19:38:08 Removed Safari
30-03-2016 15:03:28 Restore Point Created by FRST
30-03-2016 18:50:56 JRT Pre-Junkware Removal
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Unidade de disquete
Description: Unidade de disquete
Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318}
Manufacturer: (Unidades de disquete padrão)
Service: flpydisk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/30/2016 04:34:21 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service Xbox Live Network Manager Service since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service WMPNetworkSvc since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service winsecsrv since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service Windows Security since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service egGetSvc since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (03/30/2016 03:03:28 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {2b375c1e-250f-48bd-b3ff-c073ccff17e1}
Error: (03/30/2016 12:40:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 148c
Hora de Início: 01d18a9a6182fda7
Hora de Término: 4
Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe
Id do Relatório: b8051328-f68d-11e5-bb5b-4487fcba7ef6
Error: (03/30/2016 12:39:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 1314
Hora de Início: 01d18a9a5449a285
Hora de Término: 3
Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe
Id do Relatório: 9bdeda24-f68d-11e5-bb5b-4487fcba7ef6
Error: (03/30/2016 12:39:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 1078
Hora de Início: 01d18a9a08f2567c
Hora de Término: 5
Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe
Id do Relatório: 9045c79a-f68d-11e5-bb5b-4487fcba7ef6
Erros de Sistema:
=============
Error: (03/30/2016 05:59:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:59:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Microsoft Antimalware Service terminou com o erro:
%%-2147024894
Error: (03/30/2016 05:56:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Proteção de Software foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (03/30/2016 05:53:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:53:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agendador de Tarefas depende do serviço Log de Eventos do Windows, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (03/30/2016 05:53:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Microsoft Antimalware Service terminou com o erro:
%%-2147024894
Error: (03/30/2016 05:33:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:32:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Microsoft Antimalware Service terminou com o erro:
%%-2147024894
Error: (03/30/2016 05:26:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro:
%%2
Error: (03/30/2016 05:26:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agendador de Tarefas depende do serviço Log de Eventos do Windows, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
CodeIntegrity:
===================================
Date: 2016-03-30 16:03:56.440
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 16:03:56.206
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 16:03:29.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 16:03:29.523
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 12:41:13.119
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-30 12:41:12.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:52:42.819
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:52:42.622
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:51:37.981
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 15:51:37.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentagem de memória em uso: 89%
RAM física total: 1911.12 MB
RAM física disponível: 210.02 MB
Virtual Total: 3822.23 MB
Virtual disponível: 1853.35 MB
==================== Drives ================================
Drive c: (Win7) (Fixed) (Total:465.76 GB) (Free:345.2 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive d: (CD105A4) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 27E1EF72)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================