Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 17-07-2016 03
Executado por Rhyan (2016-07-18 11:07:31)
Executando a partir de C:\Users\Rhyan\Desktop
Microsoft Windows 10 Pro Versão 1511 (X86) (2016-05-06 04:22:36)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-341881914-638213641-549414203-500 - Administrator - Disabled) => C:\Users\Administrador.000
Convidado (S-1-5-21-341881914-638213641-549414203-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-341881914-638213641-549414203-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-341881914-638213641-549414203-1003 - Limited - Enabled)
Rhyan (S-1-5-21-341881914-638213641-549414203-1001 - Administrator - Enabled) => C:\Users\Rhyan
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\uTorrent) (Version: 3.4.2.36615 - BitTorrent Inc.)
ABViewer 11 (HKLM\...\ABViewer 11_is1) (Version: 11.0.0.12 - CADSoftTools ®.)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Advanced RAR Repair v1.2 (HKLM\...\Advanced RAR Repair v1.2) (Version: - )
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
Big Mutha Truckers 2 (HKLM\...\{FA075505-EFF6-4006-8E9F-921E09774684}) (Version: 1.00.0000 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chromium (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Chromium) (Version: 46.0.2480.0 - Chromium)
Combat Arms (HKLM\...\Combat Arms) (Version: - )
Driver Booster 3.4 (HKLM\...\Driver Booster_is1) (Version: 3.4 - IObit)
DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HASP Device Driver (HKLM\...\HASP Device Driver) (Version: - )
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Deskjet 2050 J510 series Ajuda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{D63C6E54-882C-478B-91AB-53D1E89C80BA}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Ajuda (HKLM\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Estudo de aprimoramento de produtos (HKLM\...\{57661627-CDB4-4D53-88A7-A2122AB5265E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Software básico do dispositivo (HKLM\...\{15242A89-4D9E-4CD1-B3BC-3B402485B5D6}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jogos Level Up (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.2 - Level Up)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\MK LOL) (Version: - )
Movie Studio Platinum 13.0 (HKLM\...\{C07796C0-7C69-11E3-8E39-F04DA23A5C58}) (Version: 13.0.878 - Sony)
MuAwaY versão 97d+1.0 Custons Sem Audio (HKLM\...\{E8DEFD48-73B0-4BC7-9929-D32194C65B58}_is1) (Version: 97d+1.0 Custons Sem Audio - MuAwaY, Inc.)
Node.js (HKLM\...\{47840698-D4F5-414F-A3A9-9A23BF6C6A1A}) (Version: 4.4.3 - Node.js Foundation)
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pixel Art 9 (HKLM\...\Pixel Art 9) (Version: - )
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Search Provided by Yahoo (HKLM\...\YahooProvidedSearch) (Version: - ) <==== ATENÇÃO
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
SketchUp 2015 (HKLM\...\{08E03BFC-1DCB-40E5-95B4-967F5B29FDEB}) (Version: 15.3.330 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version: - Microsoft)
VIVO INTERNET (HKLM\...\VIVO INTERNET) (Version: 11.302.06.27.149 - Huawei Technologies Co.,Ltd)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wise Game Booster 1.27 (HKLM\...\Wise Game Booster_is1) (Version: 1.27 - WiseCleaner.com, Inc.)
Wise Memory Optimizer 3.46 (HKLM\...\Wise Memory Optimizer_is1) (Version: 3.46 - WiseCleaner.com, Inc.)
WolfTeam PS (HKLM\...\WolfTeam PS_is1) (Version: - Softnyx Co., Ltd.)
Wondershare PDFelement(Build 5.6.0) (HKLM\...\{5CA0183F-6D90-4615-91A5-F1A8A2014E83}_is1) (Version: 5.6.0.4 - Wondershare Software Co.,Ltd.)
WTFast 4.0 (HKLM\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.0.6.679 - Initex & AAA Internet Publishing)
yessearches Uninstall (HKLM\...\sto Uninstall) (Version: - ) <==== ATENÇÃO
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-341881914-638213641-549414203-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Rhyan\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-341881914-638213641-549414203-1001_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\Rhyan\AppData\Local\Chromium\Application\46.0.2480.0\delegate_execute.exe (The Chromium Authors) <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {065DADA4-2C9C-433A-8E41-D732E4D583E9} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {0C3A42CC-BC96-4531-8E1F-E49D34D17159} - System32\Tasks\{F510A545-82EA-48F9-B93F-BC8F4BF4AF9B} => pcalua.exe -a F:\SysCheck.exe -d F:\
Task: {0F8B80C2-1EAC-4EE0-B237-DBAF83261A7F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {0FE49A10-1229-4375-81DA-8C12B4065845} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {12307C83-1457-46C2-92FA-B2216DDB54AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {13BEC14B-F1A0-4DA6-B1CB-AA3F7DA9C867} - System32\Tasks\ASC8_SkipUac_SISTEMA => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit)
Task: {246D7C37-D01B-4F53-88E6-E650A4769D7A} - System32\Tasks\Security Software => C:\Users\Rhyan\AppData\Roaming\Updater\winupd.exe <==== ATENÇÃO
Task: {25FCA68D-5861-4E14-BB2C-803F1322E206} - System32\Tasks\{5B7E9E9B-D042-FF6B-B145-718A2729FA67} => C:\Users\Rhyan\AppData\Local\{867DB021-A2D5-DC99-CF4D-F971EB2505E9}\uninstall.exe [2013-04-26] () <==== ATENÇÃO
Task: {2BA7DD75-89A5-425D-AC80-97F08AE9683B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {34B1DC07-9E86-4AD0-9E42-4E3B591FF306} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {35A6BFE9-BAED-4890-825D-D5A2F75B177B} - System32\Tasks\crash_service => C:\Users\Rhyan\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO
Task: {411C7356-B154-480F-86EE-ED8C6D7599D7} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {438E72B8-33BE-4FCC-A37A-1F811D6BFCE3} - System32\Tasks\gg_uac_daemon_Rhyan => C:\Program Files\Garena Plus\ggdllhost.exe [2015-07-01] ()
Task: {44B70DEF-EF49-4A9C-8899-03E63E3E7E2B} - System32\Tasks\Omega Protector Service => C:\Program Files\Omega Protector\astask.exe [2016-05-14] () <==== ATENÇÃO
Task: {45DBA534-F646-43F6-A988-CC0C754E2A81} - System32\Tasks\Internet Installer Logon => C:\Users\Rhyan\AppData\Roaming\Internet Installer\Internet Installer.exe [2016-04-12] ()
Task: {53810690-72FE-4A83-A89B-779953993870} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {563CACB0-3A8D-4C2B-85EE-D039D4B700E8} - System32\Tasks\WiseCleaner\WMOSkipUAC => C:\Program Files\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe [2016-06-02] (WiseCleaner.com)
Task: {58F17CA4-CC50-468D-8188-581D37D4D67D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5A670021-832D-45C0-A78B-7015E499255B} - System32\Tasks\Internet Installer => C:\Users\Rhyan\AppData\Roaming\Internet Installer\Internet Installer.exe [2016-04-12] () <==== ATENÇÃO
Task: {5F55DA9C-03A3-4A45-A668-843C444F2FFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {6B0D6C7B-614C-47E8-B96A-FC38ADB90194} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {6EA48B04-2058-434F-A8C3-6472A9EDDCE2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {7CC744D1-432F-4C18-915D-E111CA36B496} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {8F41B6A4-5906-46AC-8224-1EE9B10F4210} - System32\Tasks\Run_Bobby_Browser => C:\Users\Rhyan\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO
Task: {92CE61D4-3C12-4DA2-B7DC-0CF204D5A561} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {955F61B3-3470-4914-919A-E4EE369FA0A6} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: {98EFA49F-0D7C-4EB1-B1B6-6A3A83536AEC} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9A1BF03B-9563-4374-886E-C79EB4174646} - \AutoKMS -> Nenhum Arquivo <==== ATENÇÃO
Task: {9A34B51E-0663-4A58-A381-545ED3F668C8} - System32\Tasks\A-ZApps => C:\Program Files\Icoon\Icoon.exe [2016-04-22] ()
Task: {9E647D3D-3DCB-434D-A938-E4951C880501} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2015-06-10] (IObit)
Task: {ACFBEFCA-2CFF-434E-9A4E-AB62CA4DC0DE} - System32\Tasks\{CAE0B0FB-FE5A-46EF-9CC8-B6730F9F9263} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.0.102/pt/abandoninstall?page=tsProgressBar
Task: {ADF3CA96-6AF8-4887-95F7-DD018A78678A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {B12CDE41-907B-4995-A449-79446E71E91C} - System32\Tasks\task Update => C:\Program Files\Window Update\task Update\task.exe
Task: {B26C2477-7720-4F94-BC14-14CE92020323} - System32\Tasks\dec003055abfd0465e43909cce65119e => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File C:\WINDOWS\dec003055abfd0465e43909cce65119e.ps1 <==== ATENÇÃO
Task: {B8B6971C-3D54-4B41-A86E-557D8FF73793} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {BACAC44B-8F98-4A85-86AD-DB7BA73B49F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BB57BDB2-780A-46B3-8E47-89FDB1B904CE} - System32\Tasks\Uninstaller_SkipUac_Rhyan => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {BB9A7133-6A1C-4039-9ADC-EF36354D4BE8} - System32\Tasks\ASC8_SkipUac_Rhyan => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit)
Task: {C819D104-B0E2-4934-883E-73283089C3FA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D15FE09A-E39C-4FCE-9D9F-52D47C929122} - System32\Tasks\Driver Booster SkipUAC (Rhyan) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {D1C2E61A-D872-44F9-9CCC-F5160EDA09C3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {D47E3B0E-A238-4363-82E1-50D7B05453A0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {D8D90F57-9AA9-4A47-B5E7-8F53E7D23E90} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E35FFB7D-40C7-40E3-B8F8-653F222AF30D} - System32\Tasks\Sosition Reports => C:\Program Files\Sosition\SstrprTsk.exe <==== ATENÇÃO
Task: {E9409A2B-A28E-4EB7-908A-90F946E7F832} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {EBFEE977-4D7E-4D48-805F-DB7C4B92465A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EDB905B4-5581-4626-AB5E-653549FBC943} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {EE6FB172-275F-429B-BF10-987604065EFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {EF7D0299-8CF0-45D0-8C47-AC71B5B1F90C} - System32\Tasks\RDReminder => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: {FB0FDEEE-6574-4212-A94E-A4E28FA3A4A6} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {FB8C3B02-9AE9-4D49-853B-3106F630C416} - System32\Tasks\gg_uac_daemon_Administrador => C:\Program Files\Garena Plus\ggdllhost.exe [2015-07-01] ()
Task: {FDBBCB34-E93A-44BB-97FA-CCA9A4A0581D} - System32\Tasks\IT Viewer Viewer => C:\Program Files\IT Viewer\astask.exe [2016-07-17] (North CH Prog) <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Rhyan.job => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_SISTEMA.job => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Rhyan.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\{5B7E9E9B-D042-FF6B-B145-718A2729FA67}.job =>
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Rhyan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Program Files\Google\Chrome\Application\1fbf6001a243e485478a0cc13eee0409"
ShortcutWithArgument: C:\Users\Rhyan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 02:44 - 2015-10-30 02:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2016-05-06 04:04 - 2016-03-29 06:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-20 01:45 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-07-20 01:45 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-07-20 01:45 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-07-01 09:42 - 2015-07-01 09:42 - 00056256 _____ () C:\Program Files\Garena Plus\ggdllhost.exe
2015-07-01 09:42 - 2015-07-01 09:42 - 00839616 _____ () C:\Program Files\Garena Plus\ggspawn.dll
2016-05-06 04:04 - 2016-03-29 06:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-06 01:35 - 2016-05-06 01:35 - 00679624 _____ () C:\Users\Rhyan\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2016-02-13 08:57 - 2016-02-13 08:57 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 18:39 - 2016-04-23 01:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 19:40 - 2016-05-28 00:59 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 19:40 - 2016-05-28 00:54 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 19:40 - 2016-05-28 00:54 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 19:40 - 2016-05-28 00:57 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00444568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-06-16 15:27 - 2016-03-09 20:43 - 00660632 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00184472 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00396952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-06-16 15:27 - 2016-03-09 20:43 - 00108696 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00024728 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00194200 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00151192 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00051864 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00031896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-06-17 23:11 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 23:11 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.103\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dqnaamqu.sys:changelist [282]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\immrkdur.sys:changelist [3686]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2016-02-15 12:03 - 2016-06-16 14:44 - 00001409 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.es.olx.com.br/127.0.0.1 thislineskipsanyemptylines
127.0.0.1 mirillis.com
127.0.0.1 www.mirillis.com
127.0.0.1 serwer2.paka-service.com
127.0.0.1 ns386119.ovh.net
127.0.0.1 mirillis.pl
0.0.0.1 mssplus.mcafee.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-341881914-638213641-549414203-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\Services: A-Z Apps => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdvancedSystemCareService8 => 2
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FlexNet Licensing Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HiPatchService => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: PrivoxyService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: WsAppService => 3
HKLM\...\StartupApproved\StartupFolder: => "AutoDect.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "TotalMediaTVMonitor"
HKLM\...\StartupApproved\Run: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\StartupFolder: => "wolfteam latino Hack.rar.lnk"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\StartupFolder: => "Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "BitTorrent DNA"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "MKLOL"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Pulse Ambassador Update Setup for All Users"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Pulse Ambassador Update Setup"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7629CE93C1BBF7478E48E7091F82DD20"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E26C2124-F55C-455B-9C37-1856ACBD37A2}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{889FFB2A-FEDE-4899-A7F4-69163B548951}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{846344A5-154C-44F1-9CDF-2BC9015CC8C1}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{87D9F0C8-D9B1-497A-9A99-254D587FDB56}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{9408E3F0-C745-4D6D-A4CC-421570EEAB31}] => (Block) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{741D1622-EE7B-4CED-B19A-3C507C247F30}] => (Block) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{49A63C07-3073-42D8-A05F-1D9F3CC828BE}C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{AE8CC88A-41EF-4F05-B034-3C4394D81480}C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{C89A6954-AE68-408D-B160-5455D2AC7C4C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98C72C1A-A1C5-495E-B848-A765FD6AD8B3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99B42726-4435-4525-9C4F-63A6FCF832F1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{ADAC8CC7-D92D-4A97-928E-723549BC9378}C:\games\counter-strike\hlds.exe] => (Allow) C:\games\counter-strike\hlds.exe
FirewallRules: [TCP Query User{FD2E3783-9149-4879-B94E-76A472B1B8F6}C:\games\counter-strike\hlds.exe] => (Allow) C:\games\counter-strike\hlds.exe
FirewallRules: [UDP Query User{F7A13737-3693-4BB5-99A2-97897748CCAD}C:\games\counter-strike\hl.exe] => (Block) C:\games\counter-strike\hl.exe
FirewallRules: [TCP Query User{8BDADE63-4F9E-4EDD-BCF8-CE818417EF71}C:\games\counter-strike\hl.exe] => (Block) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{D822718D-66E2-4FD9-9460-DA9124AD7757}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [TCP Query User{3C1D6879-A08E-433C-85FF-C49F446E85B6}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [UDP Query User{F46306B4-EA01-45A1-B160-D203744F32AB}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [TCP Query User{57029676-1D79-47A0-A78B-3BE79AAF49E6}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [{AB3967F4-7AD3-45CC-9BC8-0C523779DF1B}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{227A9156-E762-4317-AD1A-31D4396E247A}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CFD4B7C0-87ED-4360-B700-30C8ACA61124}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{A08F41AA-BA70-4353-BF77-AE45B3777C8E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4797CE0E-4B27-4588-8E45-43D9FB5397C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AAD1F4A5-46A3-4407-811A-DF4895DD96E0}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2984B57E-C642-4A36-9E03-766263A9FD89}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{44603F05-51FC-4840-A6AB-B59F64C0D2DE}] => (Allow) LPort=1688
FirewallRules: [{A3C50316-30BA-44C4-B74F-406E452FC5BF}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_Servidor_MSA.exe
FirewallRules: [{E6FD47FA-391E-4EB8-B684-DF25EFEFADD4}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_Servidor_MSA.exe
FirewallRules: [{1EC328D1-E61B-450B-9E27-7DA2BDF797F0}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_ServidorRelatorios.exe
FirewallRules: [{E8EF5B77-9914-43A5-A7E6-F7FFEFFBFB4E}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_ServidorRelatorios.exe
FirewallRules: [TCP Query User{D8488753-A766-4EFB-9B30-1FE88F1C44D5}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{004866C3-80F6-4C54-8ECC-AC282F7EEF36}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{9CDF8FA0-F03F-4F9E-96AD-32D2FD76FAF6}D:\wolfteamps\wolfteam.bin] => (Allow) D:\wolfteamps\wolfteam.bin
FirewallRules: [UDP Query User{B79BFC44-0B14-4DE7-B60D-C8E6B74AE1D7}D:\wolfteamps\wolfteam.bin] => (Allow) D:\wolfteamps\wolfteam.bin
FirewallRules: [TCP Query User{C30D7D2D-7350-44F3-BA36-A720DB8D53C1}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{44C9F1BE-4FB2-439A-AFF9-D73ED31B89E8}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{24684304-F3D5-4FE5-872B-41FC233AE57A}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1D63FC59-BA99-44C7-9BB6-33DB13B49E5C}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{DF02B867-C8C1-4475-9374-4094261BA403}D:\wolfteamps\full_downloader.exe] => (Allow) D:\wolfteamps\full_downloader.exe
FirewallRules: [UDP Query User{CCE80478-87A2-4F3C-B7EF-21DD9CC14BA3}D:\wolfteamps\full_downloader.exe] => (Allow) D:\wolfteamps\full_downloader.exe
FirewallRules: [TCP Query User{7A328EC1-5EFC-4378-8D09-254ABEE92DBA}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe
FirewallRules: [UDP Query User{8F65BD22-62C2-4C3E-BA42-B6D69CF446EA}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe
FirewallRules: [{7696298E-16A4-4B48-8E6F-169EA4FDCC2C}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{FEDA5AE8-2F40-42B7-A300-2A5162BDDDE6}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{A2B6FDC3-A355-4086-B305-4F604BE68890}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{A2578AE6-BD02-46FF-906A-2A3299AF9E19}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4C228149-C646-47A0-9E04-803D31CCE175}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1BFF2D07-2424-433D-9A32-CBBFDDC1CCFE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9AC99C7C-2F92-47C2-B785-D5B5FA1A160E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{563C63F6-C831-456F-8F80-CB728F3E0FC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C0CB1FA7-BAC8-4649-9D75-40D8A89E87AA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E051091B-1EB4-4207-A4E8-1B528CBAFF7D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7BE87812-1306-42E8-838B-04BAA5FAC1A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F7018A6A-4E34-47C7-9F30-4665FCF64DB7}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F4945D1E-B2F1-4A3F-8C44-320B27862AD8}] => (Allow) C:\Program Files\Garena Plus\ggdllhost.exe
FirewallRules: [{EB6C32FF-217E-455E-92F7-269D33FD1A96}] => (Allow) C:\Program Files\Garena Plus\Room\garena_room.exe
FirewallRules: [TCP Query User{452409B4-26C8-4548-8A39-376645FB3800}C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{8195AAA6-9BBC-42A8-9EF5-23053BE99A98}C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [TCP Query User{BD934EED-A5D3-48EB-BC30-8CA72EB472C9}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe
FirewallRules: [UDP Query User{D04C9E2D-901A-4C82-BBC5-DB1E40423071}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe
FirewallRules: [{79A12545-038D-4A25-AA09-AD9502EE2E41}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{9F65F770-911E-483E-B4D9-0BC9B729308F}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{733D9487-2DDE-477B-B6D5-783018344981}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{9032256A-58A4-4F71-A4CC-689725986983}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{60B890E6-D790-46EA-8A65-53CC9F925A32}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{F6BD014C-E11F-4E25-AC83-5136A08918B0}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{3889C24B-F92C-4F1F-84A4-3181784BC65C}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{2CCD0BD8-6334-4038-ABC2-EBBDED760A46}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{13FB0B28-1B06-421A-BBCF-329689CE1874}] => (Allow) C:\Users\Rhyan\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{0573BFB3-2B99-422B-9106-8F9148EA0077}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3615D1EB-3946-4C77-84FC-F70DBD1201C4}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [UDP Query User{42F84A91-DC73-4CF4-97A8-F2A947BC4AAC}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [TCP Query User{13B81E38-23F4-4B1E-BC57-FD7BB63D27D4}C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe] => (Allow) C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe
FirewallRules: [UDP Query User{5D3BEDA8-B113-4B16-B303-0896D790D99F}C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe] => (Allow) C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe
==================== Pontos de Restauração =========================
13-07-2016 13:39:21 Windows Update
17-07-2016 13:18:42 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (07/18/2016 03:45:04 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/17/2016 11:09:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa rads_user_kernel.exe versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 1154
Hora de Início: 01d1e099654a2750
Hora de Término: 18
Caminho do Aplicativo: C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\RADS\system\rads_user_kernel.exe
ID do Relatório: a5fef896-4c8c-11e6-9902-0023aee12c5c
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (07/17/2016 04:28:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa rads_user_kernel.exe versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 108c
Hora de Início: 01d1e06150fb5268
Hora de Término: 119
Caminho do Aplicativo: C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\RADS\system\rads_user_kernel.exe
ID do Relatório: 976c68dc-4c54-11e6-9902-0023aee12c5c
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (07/17/2016 02:32:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (07/17/2016 01:19:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (07/17/2016 12:40:21 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/16/2016 12:34:12 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/16/2016 12:29:52 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (07/15/2016 12:21:02 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/14/2016 10:58:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: League of Legends.exe, versão: 6.14.150.6647, carimbo de data/hora: 0x578008ad
Nome do módulo com falha: League of Legends.exe, versão: 6.14.150.6647, carimbo de data/hora: 0x578008ad
Código de exceção: 0xc0000409
Deslocamento da falha: 0x00f17a4f
ID do processo com falha: 0x1460
Hora de início do aplicativo com falha: 0xLeague of Legends.exe0
Caminho do aplicativo com falha: League of Legends.exe1
Caminho do módulo com falha: League of Legends.exe2
ID do Relatório: League of Legends.exe3
Nome completo do pacote com falha: League of Legends.exe4
ID do aplicativo relativo ao pacote com falha: League of Legends.exe5
Erros de Sistema:
=============
Error: (07/18/2016 11:03:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SoftProvide foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (07/18/2016 11:03:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Privoxy (PrivoxyService) foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (07/18/2016 03:38:20 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (07/18/2016 03:35:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Assistente de Conectividade de Rede depende do serviço Auxiliar de IP, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058 = O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
Error: (07/18/2016 03:30:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Configuração Automática de WWAN terminou com o erro:
%%997 = Operação de E/S sobreposta em andamento.
Error: (07/18/2016 03:30:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_43524 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (07/18/2016 03:30:04 AM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Windows.Media.Capture.Internal.AppCaptureShell
Error: (07/18/2016 12:45:23 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (07/18/2016 12:45:16 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (07/17/2016 08:10:03 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
CodeIntegrity:
===================================
Date: 2016-07-18 11:10:18.855
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:18.840
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:18.820
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:17.677
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:17.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:11.087
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:11.063
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:10.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:10.644
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:10.239
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentagem de memória em uso: 54%
RAM física total: 3034.36 MB
RAM física disponível: 1380.25 MB
Virtual Total: 3866.36 MB
Virtual disponível: 2086.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:99.56 GB) (Free:17.11 GB) NTFS
Drive d: () (Fixed) (Total:197.99 GB) (Free:39.92 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E8000000)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=198 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Rhyan (2016-07-18 11:07:31)
Executando a partir de C:\Users\Rhyan\Desktop
Microsoft Windows 10 Pro Versão 1511 (X86) (2016-05-06 04:22:36)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-341881914-638213641-549414203-500 - Administrator - Disabled) => C:\Users\Administrador.000
Convidado (S-1-5-21-341881914-638213641-549414203-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-341881914-638213641-549414203-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-341881914-638213641-549414203-1003 - Limited - Enabled)
Rhyan (S-1-5-21-341881914-638213641-549414203-1001 - Administrator - Enabled) => C:\Users\Rhyan
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\uTorrent) (Version: 3.4.2.36615 - BitTorrent Inc.)
ABViewer 11 (HKLM\...\ABViewer 11_is1) (Version: 11.0.0.12 - CADSoftTools ®.)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Advanced RAR Repair v1.2 (HKLM\...\Advanced RAR Repair v1.2) (Version: - )
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
Big Mutha Truckers 2 (HKLM\...\{FA075505-EFF6-4006-8E9F-921E09774684}) (Version: 1.00.0000 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chromium (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Chromium) (Version: 46.0.2480.0 - Chromium)
Combat Arms (HKLM\...\Combat Arms) (Version: - )
Driver Booster 3.4 (HKLM\...\Driver Booster_is1) (Version: 3.4 - IObit)
DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HASP Device Driver (HKLM\...\HASP Device Driver) (Version: - )
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Deskjet 2050 J510 series Ajuda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{D63C6E54-882C-478B-91AB-53D1E89C80BA}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Ajuda (HKLM\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Estudo de aprimoramento de produtos (HKLM\...\{57661627-CDB4-4D53-88A7-A2122AB5265E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Software básico do dispositivo (HKLM\...\{15242A89-4D9E-4CD1-B3BC-3B402485B5D6}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jogos Level Up (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.2 - Level Up)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\MK LOL) (Version: - )
Movie Studio Platinum 13.0 (HKLM\...\{C07796C0-7C69-11E3-8E39-F04DA23A5C58}) (Version: 13.0.878 - Sony)
MuAwaY versão 97d+1.0 Custons Sem Audio (HKLM\...\{E8DEFD48-73B0-4BC7-9929-D32194C65B58}_is1) (Version: 97d+1.0 Custons Sem Audio - MuAwaY, Inc.)
Node.js (HKLM\...\{47840698-D4F5-414F-A3A9-9A23BF6C6A1A}) (Version: 4.4.3 - Node.js Foundation)
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pixel Art 9 (HKLM\...\Pixel Art 9) (Version: - )
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Search Provided by Yahoo (HKLM\...\YahooProvidedSearch) (Version: - ) <==== ATENÇÃO
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
SketchUp 2015 (HKLM\...\{08E03BFC-1DCB-40E5-95B4-967F5B29FDEB}) (Version: 15.3.330 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-341881914-638213641-549414203-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version: - Microsoft)
VIVO INTERNET (HKLM\...\VIVO INTERNET) (Version: 11.302.06.27.149 - Huawei Technologies Co.,Ltd)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wise Game Booster 1.27 (HKLM\...\Wise Game Booster_is1) (Version: 1.27 - WiseCleaner.com, Inc.)
Wise Memory Optimizer 3.46 (HKLM\...\Wise Memory Optimizer_is1) (Version: 3.46 - WiseCleaner.com, Inc.)
WolfTeam PS (HKLM\...\WolfTeam PS_is1) (Version: - Softnyx Co., Ltd.)
Wondershare PDFelement(Build 5.6.0) (HKLM\...\{5CA0183F-6D90-4615-91A5-F1A8A2014E83}_is1) (Version: 5.6.0.4 - Wondershare Software Co.,Ltd.)
WTFast 4.0 (HKLM\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.0.6.679 - Initex & AAA Internet Publishing)
yessearches Uninstall (HKLM\...\sto Uninstall) (Version: - ) <==== ATENÇÃO
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-341881914-638213641-549414203-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Rhyan\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-341881914-638213641-549414203-1001_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\Rhyan\AppData\Local\Chromium\Application\46.0.2480.0\delegate_execute.exe (The Chromium Authors) <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {065DADA4-2C9C-433A-8E41-D732E4D583E9} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {0C3A42CC-BC96-4531-8E1F-E49D34D17159} - System32\Tasks\{F510A545-82EA-48F9-B93F-BC8F4BF4AF9B} => pcalua.exe -a F:\SysCheck.exe -d F:\
Task: {0F8B80C2-1EAC-4EE0-B237-DBAF83261A7F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {0FE49A10-1229-4375-81DA-8C12B4065845} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {12307C83-1457-46C2-92FA-B2216DDB54AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {13BEC14B-F1A0-4DA6-B1CB-AA3F7DA9C867} - System32\Tasks\ASC8_SkipUac_SISTEMA => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit)
Task: {246D7C37-D01B-4F53-88E6-E650A4769D7A} - System32\Tasks\Security Software => C:\Users\Rhyan\AppData\Roaming\Updater\winupd.exe <==== ATENÇÃO
Task: {25FCA68D-5861-4E14-BB2C-803F1322E206} - System32\Tasks\{5B7E9E9B-D042-FF6B-B145-718A2729FA67} => C:\Users\Rhyan\AppData\Local\{867DB021-A2D5-DC99-CF4D-F971EB2505E9}\uninstall.exe [2013-04-26] () <==== ATENÇÃO
Task: {2BA7DD75-89A5-425D-AC80-97F08AE9683B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {34B1DC07-9E86-4AD0-9E42-4E3B591FF306} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {35A6BFE9-BAED-4890-825D-D5A2F75B177B} - System32\Tasks\crash_service => C:\Users\Rhyan\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO
Task: {411C7356-B154-480F-86EE-ED8C6D7599D7} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {438E72B8-33BE-4FCC-A37A-1F811D6BFCE3} - System32\Tasks\gg_uac_daemon_Rhyan => C:\Program Files\Garena Plus\ggdllhost.exe [2015-07-01] ()
Task: {44B70DEF-EF49-4A9C-8899-03E63E3E7E2B} - System32\Tasks\Omega Protector Service => C:\Program Files\Omega Protector\astask.exe [2016-05-14] () <==== ATENÇÃO
Task: {45DBA534-F646-43F6-A988-CC0C754E2A81} - System32\Tasks\Internet Installer Logon => C:\Users\Rhyan\AppData\Roaming\Internet Installer\Internet Installer.exe [2016-04-12] ()
Task: {53810690-72FE-4A83-A89B-779953993870} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {563CACB0-3A8D-4C2B-85EE-D039D4B700E8} - System32\Tasks\WiseCleaner\WMOSkipUAC => C:\Program Files\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe [2016-06-02] (WiseCleaner.com)
Task: {58F17CA4-CC50-468D-8188-581D37D4D67D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5A670021-832D-45C0-A78B-7015E499255B} - System32\Tasks\Internet Installer => C:\Users\Rhyan\AppData\Roaming\Internet Installer\Internet Installer.exe [2016-04-12] () <==== ATENÇÃO
Task: {5F55DA9C-03A3-4A45-A668-843C444F2FFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {6B0D6C7B-614C-47E8-B96A-FC38ADB90194} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {6EA48B04-2058-434F-A8C3-6472A9EDDCE2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {7CC744D1-432F-4C18-915D-E111CA36B496} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {8F41B6A4-5906-46AC-8224-1EE9B10F4210} - System32\Tasks\Run_Bobby_Browser => C:\Users\Rhyan\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO
Task: {92CE61D4-3C12-4DA2-B7DC-0CF204D5A561} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {955F61B3-3470-4914-919A-E4EE369FA0A6} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: {98EFA49F-0D7C-4EB1-B1B6-6A3A83536AEC} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9A1BF03B-9563-4374-886E-C79EB4174646} - \AutoKMS -> Nenhum Arquivo <==== ATENÇÃO
Task: {9A34B51E-0663-4A58-A381-545ED3F668C8} - System32\Tasks\A-ZApps => C:\Program Files\Icoon\Icoon.exe [2016-04-22] ()
Task: {9E647D3D-3DCB-434D-A938-E4951C880501} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2015-06-10] (IObit)
Task: {ACFBEFCA-2CFF-434E-9A4E-AB62CA4DC0DE} - System32\Tasks\{CAE0B0FB-FE5A-46EF-9CC8-B6730F9F9263} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.0.102/pt/abandoninstall?page=tsProgressBar
Task: {ADF3CA96-6AF8-4887-95F7-DD018A78678A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {B12CDE41-907B-4995-A449-79446E71E91C} - System32\Tasks\task Update => C:\Program Files\Window Update\task Update\task.exe
Task: {B26C2477-7720-4F94-BC14-14CE92020323} - System32\Tasks\dec003055abfd0465e43909cce65119e => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File C:\WINDOWS\dec003055abfd0465e43909cce65119e.ps1 <==== ATENÇÃO
Task: {B8B6971C-3D54-4B41-A86E-557D8FF73793} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {BACAC44B-8F98-4A85-86AD-DB7BA73B49F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BB57BDB2-780A-46B3-8E47-89FDB1B904CE} - System32\Tasks\Uninstaller_SkipUac_Rhyan => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {BB9A7133-6A1C-4039-9ADC-EF36354D4BE8} - System32\Tasks\ASC8_SkipUac_Rhyan => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit)
Task: {C819D104-B0E2-4934-883E-73283089C3FA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D15FE09A-E39C-4FCE-9D9F-52D47C929122} - System32\Tasks\Driver Booster SkipUAC (Rhyan) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {D1C2E61A-D872-44F9-9CCC-F5160EDA09C3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {D47E3B0E-A238-4363-82E1-50D7B05453A0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {D8D90F57-9AA9-4A47-B5E7-8F53E7D23E90} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E35FFB7D-40C7-40E3-B8F8-653F222AF30D} - System32\Tasks\Sosition Reports => C:\Program Files\Sosition\SstrprTsk.exe <==== ATENÇÃO
Task: {E9409A2B-A28E-4EB7-908A-90F946E7F832} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {EBFEE977-4D7E-4D48-805F-DB7C4B92465A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EDB905B4-5581-4626-AB5E-653549FBC943} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {EE6FB172-275F-429B-BF10-987604065EFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {EF7D0299-8CF0-45D0-8C47-AC71B5B1F90C} - System32\Tasks\RDReminder => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: {FB0FDEEE-6574-4212-A94E-A4E28FA3A4A6} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {FB8C3B02-9AE9-4D49-853B-3106F630C416} - System32\Tasks\gg_uac_daemon_Administrador => C:\Program Files\Garena Plus\ggdllhost.exe [2015-07-01] ()
Task: {FDBBCB34-E93A-44BB-97FA-CCA9A4A0581D} - System32\Tasks\IT Viewer Viewer => C:\Program Files\IT Viewer\astask.exe [2016-07-17] (North CH Prog) <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Rhyan.job => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_SISTEMA.job => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Rhyan.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\{5B7E9E9B-D042-FF6B-B145-718A2729FA67}.job =>
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Rhyan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Program Files\Google\Chrome\Application\1fbf6001a243e485478a0cc13eee0409"
ShortcutWithArgument: C:\Users\Rhyan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 02:44 - 2015-10-30 02:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2016-05-06 04:04 - 2016-03-29 06:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-20 01:45 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-07-20 01:45 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-07-20 01:45 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-07-01 09:42 - 2015-07-01 09:42 - 00056256 _____ () C:\Program Files\Garena Plus\ggdllhost.exe
2015-07-01 09:42 - 2015-07-01 09:42 - 00839616 _____ () C:\Program Files\Garena Plus\ggspawn.dll
2016-05-06 04:04 - 2016-03-29 06:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-06 01:35 - 2016-05-06 01:35 - 00679624 _____ () C:\Users\Rhyan\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2016-02-13 08:57 - 2016-02-13 08:57 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 18:39 - 2016-04-23 01:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 19:40 - 2016-05-28 00:59 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 19:40 - 2016-05-28 00:54 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 19:40 - 2016-05-28 00:54 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 19:40 - 2016-05-28 00:57 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00444568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-06-16 15:27 - 2016-03-09 20:43 - 00660632 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00184472 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00396952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-06-16 15:27 - 2016-03-09 20:43 - 00108696 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00024728 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00194200 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00151192 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00051864 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-06-16 15:27 - 2016-03-09 20:43 - 00031896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-06-17 23:11 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 23:11 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.103\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dqnaamqu.sys:changelist [282]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\immrkdur.sys:changelist [3686]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-341881914-638213641-549414203-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2016-02-15 12:03 - 2016-06-16 14:44 - 00001409 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.es.olx.com.br/127.0.0.1 thislineskipsanyemptylines
127.0.0.1 mirillis.com
127.0.0.1 www.mirillis.com
127.0.0.1 serwer2.paka-service.com
127.0.0.1 ns386119.ovh.net
127.0.0.1 mirillis.pl
0.0.0.1 mssplus.mcafee.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-341881914-638213641-549414203-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
MSCONFIG\Services: A-Z Apps => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdvancedSystemCareService8 => 2
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FlexNet Licensing Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HiPatchService => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: PrivoxyService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: WsAppService => 3
HKLM\...\StartupApproved\StartupFolder: => "AutoDect.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "TotalMediaTVMonitor"
HKLM\...\StartupApproved\Run: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\StartupFolder: => "wolfteam latino Hack.rar.lnk"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\StartupFolder: => "Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "BitTorrent DNA"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "MKLOL"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Pulse Ambassador Update Setup for All Users"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Pulse Ambassador Update Setup"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7629CE93C1BBF7478E48E7091F82DD20"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E26C2124-F55C-455B-9C37-1856ACBD37A2}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{889FFB2A-FEDE-4899-A7F4-69163B548951}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{846344A5-154C-44F1-9CDF-2BC9015CC8C1}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{87D9F0C8-D9B1-497A-9A99-254D587FDB56}] => (Allow) D:\c.a\Combat Arms\NMService.exe
FirewallRules: [{9408E3F0-C745-4D6D-A4CC-421570EEAB31}] => (Block) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{741D1622-EE7B-4CED-B19A-3C507C247F30}] => (Block) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{49A63C07-3073-42D8-A05F-1D9F3CC828BE}C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{AE8CC88A-41EF-4F05-B034-3C4394D81480}C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\rhyan\appdata\local\apps\2.0\wb4ca6hy.kdv\48xxntep.y29\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{C89A6954-AE68-408D-B160-5455D2AC7C4C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98C72C1A-A1C5-495E-B848-A765FD6AD8B3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99B42726-4435-4525-9C4F-63A6FCF832F1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{ADAC8CC7-D92D-4A97-928E-723549BC9378}C:\games\counter-strike\hlds.exe] => (Allow) C:\games\counter-strike\hlds.exe
FirewallRules: [TCP Query User{FD2E3783-9149-4879-B94E-76A472B1B8F6}C:\games\counter-strike\hlds.exe] => (Allow) C:\games\counter-strike\hlds.exe
FirewallRules: [UDP Query User{F7A13737-3693-4BB5-99A2-97897748CCAD}C:\games\counter-strike\hl.exe] => (Block) C:\games\counter-strike\hl.exe
FirewallRules: [TCP Query User{8BDADE63-4F9E-4EDD-BCF8-CE818417EF71}C:\games\counter-strike\hl.exe] => (Block) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{D822718D-66E2-4FD9-9460-DA9124AD7757}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [TCP Query User{3C1D6879-A08E-433C-85FF-C49F446E85B6}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [UDP Query User{F46306B4-EA01-45A1-B160-D203744F32AB}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [TCP Query User{57029676-1D79-47A0-A78B-3BE79AAF49E6}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [{AB3967F4-7AD3-45CC-9BC8-0C523779DF1B}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{227A9156-E762-4317-AD1A-31D4396E247A}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CFD4B7C0-87ED-4360-B700-30C8ACA61124}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{A08F41AA-BA70-4353-BF77-AE45B3777C8E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4797CE0E-4B27-4588-8E45-43D9FB5397C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AAD1F4A5-46A3-4407-811A-DF4895DD96E0}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2984B57E-C642-4A36-9E03-766263A9FD89}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{44603F05-51FC-4840-A6AB-B59F64C0D2DE}] => (Allow) LPort=1688
FirewallRules: [{A3C50316-30BA-44C4-B74F-406E452FC5BF}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_Servidor_MSA.exe
FirewallRules: [{E6FD47FA-391E-4EB8-B684-DF25EFEFADD4}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_Servidor_MSA.exe
FirewallRules: [{1EC328D1-E61B-450B-9E27-7DA2BDF797F0}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_ServidorRelatorios.exe
FirewallRules: [{E8EF5B77-9914-43A5-A7E6-F7FFEFFBFB4E}] => (Allow) C:\Program Files\Koinonia Software\Habil Empresarial\Habil_ServidorRelatorios.exe
FirewallRules: [TCP Query User{D8488753-A766-4EFB-9B30-1FE88F1C44D5}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{004866C3-80F6-4C54-8ECC-AC282F7EEF36}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{9CDF8FA0-F03F-4F9E-96AD-32D2FD76FAF6}D:\wolfteamps\wolfteam.bin] => (Allow) D:\wolfteamps\wolfteam.bin
FirewallRules: [UDP Query User{B79BFC44-0B14-4DE7-B60D-C8E6B74AE1D7}D:\wolfteamps\wolfteam.bin] => (Allow) D:\wolfteamps\wolfteam.bin
FirewallRules: [TCP Query User{C30D7D2D-7350-44F3-BA36-A720DB8D53C1}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{44C9F1BE-4FB2-439A-AFF9-D73ED31B89E8}C:\users\rhyan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rhyan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{24684304-F3D5-4FE5-872B-41FC233AE57A}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1D63FC59-BA99-44C7-9BB6-33DB13B49E5C}C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\rhyan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{DF02B867-C8C1-4475-9374-4094261BA403}D:\wolfteamps\full_downloader.exe] => (Allow) D:\wolfteamps\full_downloader.exe
FirewallRules: [UDP Query User{CCE80478-87A2-4F3C-B7EF-21DD9CC14BA3}D:\wolfteamps\full_downloader.exe] => (Allow) D:\wolfteamps\full_downloader.exe
FirewallRules: [TCP Query User{7A328EC1-5EFC-4378-8D09-254ABEE92DBA}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe
FirewallRules: [UDP Query User{8F65BD22-62C2-4C3E-BA42-B6D69CF446EA}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.2_38913.exe
FirewallRules: [{7696298E-16A4-4B48-8E6F-169EA4FDCC2C}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{FEDA5AE8-2F40-42B7-A300-2A5162BDDDE6}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{A2B6FDC3-A355-4086-B305-4F604BE68890}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{A2578AE6-BD02-46FF-906A-2A3299AF9E19}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4C228149-C646-47A0-9E04-803D31CCE175}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1BFF2D07-2424-433D-9A32-CBBFDDC1CCFE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9AC99C7C-2F92-47C2-B785-D5B5FA1A160E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{563C63F6-C831-456F-8F80-CB728F3E0FC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C0CB1FA7-BAC8-4649-9D75-40D8A89E87AA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E051091B-1EB4-4207-A4E8-1B528CBAFF7D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7BE87812-1306-42E8-838B-04BAA5FAC1A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F7018A6A-4E34-47C7-9F30-4665FCF64DB7}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F4945D1E-B2F1-4A3F-8C44-320B27862AD8}] => (Allow) C:\Program Files\Garena Plus\ggdllhost.exe
FirewallRules: [{EB6C32FF-217E-455E-92F7-269D33FD1A96}] => (Allow) C:\Program Files\Garena Plus\Room\garena_room.exe
FirewallRules: [TCP Query User{452409B4-26C8-4548-8A39-376645FB3800}C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{8195AAA6-9BBC-42A8-9EF5-23053BE99A98}C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\rhyan\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [TCP Query User{BD934EED-A5D3-48EB-BC30-8CA72EB472C9}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe
FirewallRules: [UDP Query User{D04C9E2D-901A-4C82-BBC5-DB1E40423071}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.3_40298.exe
FirewallRules: [{79A12545-038D-4A25-AA09-AD9502EE2E41}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{9F65F770-911E-483E-B4D9-0BC9B729308F}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{733D9487-2DDE-477B-B6D5-783018344981}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{9032256A-58A4-4F71-A4CC-689725986983}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{60B890E6-D790-46EA-8A65-53CC9F925A32}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{F6BD014C-E11F-4E25-AC83-5136A08918B0}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{3889C24B-F92C-4F1F-84A4-3181784BC65C}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{2CCD0BD8-6334-4038-ABC2-EBBDED760A46}] => (Allow) C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\lol.launcher.exe
FirewallRules: [{13FB0B28-1B06-421A-BBCF-329689CE1874}] => (Allow) C:\Users\Rhyan\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{0573BFB3-2B99-422B-9106-8F9148EA0077}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3615D1EB-3946-4C77-84FC-F70DBD1201C4}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [UDP Query User{42F84A91-DC73-4CF4-97A8-F2A947BC4AAC}C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Allow) C:\users\rhyan\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [TCP Query User{13B81E38-23F4-4B1E-BC57-FD7BB63D27D4}C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe] => (Allow) C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe
FirewallRules: [UDP Query User{5D3BEDA8-B113-4B16-B303-0896D790D99F}C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe] => (Allow) C:\users\rhyan\desktop\stranded.deep.patch.0.04.e1.experimental.x86\stranded_deep_x86.exe
==================== Pontos de Restauração =========================
13-07-2016 13:39:21 Windows Update
17-07-2016 13:18:42 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (07/18/2016 03:45:04 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/17/2016 11:09:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa rads_user_kernel.exe versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 1154
Hora de Início: 01d1e099654a2750
Hora de Término: 18
Caminho do Aplicativo: C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\RADS\system\rads_user_kernel.exe
ID do Relatório: a5fef896-4c8c-11e6-9902-0023aee12c5c
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (07/17/2016 04:28:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa rads_user_kernel.exe versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 108c
Hora de Início: 01d1e06150fb5268
Hora de Término: 119
Caminho do Aplicativo: C:\Users\Rhyan\Desktop\REPLAY\Rhyan Fernandes\League of Legends\RADS\system\rads_user_kernel.exe
ID do Relatório: 976c68dc-4c54-11e6-9902-0023aee12c5c
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (07/17/2016 02:32:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (07/17/2016 01:19:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (07/17/2016 12:40:21 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/16/2016 12:34:12 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/16/2016 12:29:52 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (07/15/2016 12:21:02 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/14/2016 10:58:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: League of Legends.exe, versão: 6.14.150.6647, carimbo de data/hora: 0x578008ad
Nome do módulo com falha: League of Legends.exe, versão: 6.14.150.6647, carimbo de data/hora: 0x578008ad
Código de exceção: 0xc0000409
Deslocamento da falha: 0x00f17a4f
ID do processo com falha: 0x1460
Hora de início do aplicativo com falha: 0xLeague of Legends.exe0
Caminho do aplicativo com falha: League of Legends.exe1
Caminho do módulo com falha: League of Legends.exe2
ID do Relatório: League of Legends.exe3
Nome completo do pacote com falha: League of Legends.exe4
ID do aplicativo relativo ao pacote com falha: League of Legends.exe5
Erros de Sistema:
=============
Error: (07/18/2016 11:03:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SoftProvide foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (07/18/2016 11:03:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Privoxy (PrivoxyService) foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (07/18/2016 03:38:20 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (07/18/2016 03:35:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Assistente de Conectividade de Rede depende do serviço Auxiliar de IP, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058 = O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
Error: (07/18/2016 03:30:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Configuração Automática de WWAN terminou com o erro:
%%997 = Operação de E/S sobreposta em andamento.
Error: (07/18/2016 03:30:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_43524 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (07/18/2016 03:30:04 AM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Windows.Media.Capture.Internal.AppCaptureShell
Error: (07/18/2016 12:45:23 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (07/18/2016 12:45:16 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (07/17/2016 08:10:03 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
CodeIntegrity:
===================================
Date: 2016-07-18 11:10:18.855
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:18.840
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:18.820
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:17.677
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:10:17.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:11.087
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:11.063
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:10.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:10.644
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-18 11:09:10.239
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentagem de memória em uso: 54%
RAM física total: 3034.36 MB
RAM física disponível: 1380.25 MB
Virtual Total: 3866.36 MB
Virtual disponível: 2086.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:99.56 GB) (Free:17.11 GB) NTFS
Drive d: () (Fixed) (Total:197.99 GB) (Free:39.92 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E8000000)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=198 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================