Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:05-03-2016 01 Executado por Pedro (2016-03-30 12:42:31) Executando a partir de C:\Users\Pedro\Music\Pictures\Desktop Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2011-05-07 20:33:57) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3242213785-1770070969-4110494137-500 - Administrator - Disabled) Convidado (S-1-5-21-3242213785-1770070969-4110494137-501 - Limited - Disabled) => C:\Users\Convidado Pedro (S-1-5-21-3242213785-1770070969-4110494137-1000 - Administrator - Enabled) => C:\Users\Pedro ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Baidu Antivirus (Disabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) Action Games, PokeWorks (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Action Games, PokeWorks) (Version: - ) Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.) Aeria Ignite (HKLM\...\{5CD2884E-CAD6-472A-9F7B-C56D4F978182}) (Version: - ) Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Akamai NetSession Interface (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation) Audiggle version 3.0.0.2 (HKLM\...\{FCAD9ED0-C00F-45FA-91DB-F89140EFAB3A}_is1) (Version: 3.0.0.2 - Audiggle LTD) Aurera-Global (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Aurera-Global) (Version: - ) Baidu App Store (HKLM\...\Baidu App Store 5.1.0.8859) (Version: 5.1.0.8859 - Baidu, Inc.) Baidu Browser (HKLM\...\Spark) (Version: 43.18 Preview - Baidu Inc.) Baidu PC Faster (HKLM\...\Baidu PC Faster 4.0.0.0) (Version: 5.0.9.107990 - Baidu Inc.) <==== ATENÇÃO BlueStacks App Player (HKLM\...\{6693B491-7BA8-4A42-A40C-B1BABC8C5339}) (Version: 2.1.7.5658 - BlueStack Systems, Inc.) BYOND (HKLM\...\BYOND) (Version: 501.1217 - BYOND) CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CrossFire BR (HKLM\...\CrossFire BR_is1) (Version: V5148 - Z8Games.com) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden EagleGet version 2.0.2.8 (HKLM\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.2.8 - EagleGet) EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - FinalWire Ltd.) Fraps (remove only) (HKLM\...\Fraps) (Version: - ) GameMaker 8.1 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\GameMaker81) (Version: - ) Gerenciador de Downloads (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\a54e16f5d00985b6) (Version: 0.9.3.106 - Level Up! Gerenciador) Giga Protection (HKLM\...\{516BB79B-2644-4AD1-A6C1-82DC377573D8}_is1) (Version: 5.6 - eyedrops digital) Godot Engine (HKLM\...\Steam App 404790) (Version: - Godot Engine) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Grand Chase History 3.0 (HKLM\...\{9D0C9F3A-DBA7-4A3E-B1A3-A3F57AA15321}_is1) (Version: 3.0 - History Games, Inc.) GraphicsGale FreeEdition version 2.04.03 (HKLM\...\GraphicsGale FreeEdition_is1) (Version: - HUMANBALANCE Ltd.) HyperCam 3 (HKLM\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia) Instalador Naruto Revolution (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Instalador Naruto Revolution) (Version: - ) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Internet Explorer (Version: 8 - Microsoft Corporation) Hidden Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JS Pokemon (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\JS Pokemon) (Version: - ) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kogama Launcher for Brazil (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\KogamaLauncherBR) (Version: 1.0.0.90 - Multiverse ApS) Launcher PNoX (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\Launcher PNoX) (Version: - ) Lightshot-5.3.0.0 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains) LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.420 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.2.0.420 - LogMeIn, Inc.) Hidden LuaEdit 2010 (x86 - 3.0.10.0) (HKLM\...\LuaEdit 2010_is1) (Version: - Open Source) MegaProLib versão 1.0 (HKLM\...\{F922B4E6-04A5-464E-8C40-CB4887DEE0D4}_is1) (Version: 1.0 - Megaware Industrial Ltda) MEmu (HKLM\...\MEmu) (Version: 2.5.0 - Microvirt) Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{3911CF56-9EF2-39BA-846A-C27BD3CD0685}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4805.1003 - Microsoft Corporation) Microsoft Office com Clique para Executar 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Português (Brasil) (HKLM\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{53EB5150-C3C6-45F0-A939-14FD85C0F17C}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MotioninJoy ds3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.00005 - www.motioninjoy.com) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyProduct (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\MyProduct) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.4 - Notepad++ Team) Object Builder (HKLM\...\{F331D99A-2823-8BA5-3AEC-F0B2E975EE17}) (Version: - ) Object Builder (HKLM\...\ObjectBuilder) (Version: 0.3.4 - UNKNOWN) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden OtPokemonDBR versão 1.0 (HKLM\...\{AB47011F-3B6E-4DDE-B6DD-D88A09B24C29}_is1) (Version: 1.0 - OtPokemonDBR, Inc.) Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.) Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.) PhotoScape (HKLM\...\PhotoScape) (Version: - ) PokeBrO Patcher (HKLM\...\PokeBrO Patcher) (Version: - ) PokeMIW (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PokeMIW) (Version: - ) Pokémon Draw 1.10 (HKLM\...\Pokémon Draw 1.10) (Version: - ) Pokémon Rusty versão 1.0 (HKLM\...\{1C10F4AC-2AD3-494C-9070-7FBC85506105}_is1) (Version: 1.0 - Pokémon Rusty, Inc.) PokemonBR Launcher 5.0 (HKLM\...\PokemonBR Launcher 5.0) (Version: - ) PPSSPP version 0.9.8 (HKLM\...\PPSSPP_is1) (Version: 0.9.8 - ) PSky v2 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PSky v2) (Version: - ) PSky v4 (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\PSky v4) (Version: - ) PSoul versão 2.7.8 (HKLM\...\{5C5FB05F-B231-4A43-BD55-20A593AE740F}_is1) (Version: 2.7.8 - PSoul) RaidCall (HKLM\...\RaidCall) (Version: 9.0.4-1.0.2688.511 - raidcall.com.br) Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) Remere's Map Editor (HKLM\...\{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}) (Version: 2.1 - Remere) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) RGSS-RTP Standard (HKLM\...\RGSS-RTP Standard) (Version: - ) ROTZ versão 0.1 (HKLM\...\{77428B89-375D-4A5E-880B-0AE47CFFC4C5}_is1) (Version: 0.1 - ROTZ) Software de dispositivo do Chipset Intel® (Version: 10.0.27 - Intel(R) Corporation) Hidden SQLite Expert Personal 3.5.92 (HKLM\...\SQLite Expert Personal 3_is1) (Version: - Bogdan Ureche) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH) Tibia MULTI-ip changer (HKLM\...\TMIPC) (Version: - Asprate) Transformice (HKLM\...\Transformice) (Version: 1.0.0 - UNKNOWN) Unity Web Player (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Visualizador do Microsoft PowerPoint (HKLM\...\{95140000-00AF-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Woody Woodpecker (HKLM\...\Woody Woodpecker) (Version: - ) ZentyalOnline (HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\ZentyalOnline) (Version: - ) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuthLib.dll () CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{20BEBD18-11D0-4470-AAE1-F34B9E8D9761}\InprocServer32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\GatewayActiveX.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Pedro\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{5067957C-53ED-4A6D-90EA-DAE18CD69B10}\localserver32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\PluginHost.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{9843d1f9-641f-5b9a-bc7c-f59bba9a8f25}\InprocServer32 -> C:\Program Files\EagleGet\npEagleget.dll (EagleGet) CustomCLSID: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000_Classes\CLSID\{B5322578-1624-4C26-BB8C-E366FFB9314F}\localserver32 -> C:\Users\Pedro\AppData\Local\SkypePlugin\7.3.0.501\GatewayVersion.exe (Skype Technologies S.A.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {1180A551-234D-498C-9643-A4DD3EA130F0} - System32\Tasks\{5FD893B0-2E60-4F38-94C7-89A2B3EA2358} => pcalua.exe -a "C:\Users\Pedro\Downloads\Pokerag Torrent\Pokerag\Setup Pokerag.exe" -d "C:\Users\Pedro\Downloads\Pokerag Torrent\Pokerag" Task: {1875310E-AAF4-42E4-A439-E1A27772EBFD} - System32\Tasks\{3461EFDE-E50E-414A-9EFD-3CB1BC644BBF} => pcalua.exe -a C:\Users\Pedro\Videos\YGOPro\vcredist_x86.exe -d C:\Users\Pedro\Videos\YGOPro Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe Task: {2705470B-9926-471B-BA8C-13B89BFDBAE5} - System32\Tasks\{8717A7C0-B769-4C50-95B7-73C2277F4713} => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22] (LogMeIn Inc.) Task: {27D185B0-22A5-439F-959D-5FAAF79B70F9} - System32\Tasks\SparkUpdater => C:\Program Files\baidu\Baidu Browser\SparkUpdate.exe [2016-03-07] (Baidu.com, Inc.) Task: {4ADDB85F-AD3B-4957-A91D-7478BF6B7923} - System32\Tasks\{4BFECFF9-026F-45D7-BB29-920AEA3BA0A0} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W\EDITOR ACCOUNT.exe" -d "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W" Task: {5CF6B9CB-7492-4330-B9B6-9B6AE868A757} - System32\Tasks\{ED0B2BBA-3AC4-4E74-BD14-E81B3E0C2CFD} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002 Task: {6104BBB5-6326-48B6-A9F5-78EC28F6FC1F} - System32\Tasks\{FB6D6DE5-BE95-471C-88C9-FD9DFC1CBD44} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\PokeDraw 1.10.exe" -d C:\Users\Pedro\Music\Pictures\Desktop Task: {73934C9C-1146-41DD-A2AC-BF0376E3B32B} - System32\Tasks\{82E66198-122D-4035-925D-CA62F5856597} => C:\Program Files\Woody Woodpecker\Woody.exe Task: {74ED9048-8005-43B6-AF1A-C4D259067EB1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {7B4549E5-E44F-4F70-85CB-DCEF00D457C5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-14] (Microsoft Corporation) Task: {7C468B9E-E732-4EAF-9B86-CE7381C5D585} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATENÇÃO Task: {86035E4B-C119-461E-B72B-6D79A0EB6060} - System32\Tasks\{8F4ED26C-333D-4242-8123-6906778E302B} => pcalua.exe -a "C:\Program Files\Sound+\uninstaller.exe" Task: {95C27F9F-43D4-4790-81B1-C961C37B7A7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {98446FC3-5CC5-40FF-9F17-216BB194C39E} - System32\Tasks\Baidu PC Faster Service => C:\Program Files\Baidu Security\PC Faster\5.0.0.0\PCFasterSvc.exe [2015-01-20] (Baidu Inc.) Task: {98C7606C-F8C6-4836-9F79-D6B75C6468E6} - System32\Tasks\{FE4E1454-D165-4B85-9590-077F50679EF1} => pcalua.exe -a "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W\NtoBlackW.exe" -d "C:\Users\Pedro\Music\Pictures\Desktop\Servidor NTO B&W" Task: {A2987A9A-2E72-4A1D-B329-DFB43E051994} - System32\Tasks\{8FDDF2C3-B03B-47D9-BB5A-275FF7D17E12} => pcalua.exe -a C:\Joymax\DMO\uninstaller.exe Task: {AC2E59C2-82DF-444A-B67B-4117577873E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {B2B3C410-CB14-4341-961B-FD5C21186F5B} - System32\Tasks\Baidu PC Faster Update => C:\Program Files\Baidu Security\PC Faster\5.0.0.0\Updater.exe [2014-12-30] (Baidu Inc.) Task: {B949C4D9-8892-40A0-9C93-DAADC8720DE2} - System32\Tasks\{1761EF4C-843D-4DE7-995F-EA6B2209464B} => C:\Users\Pedro\Documents\PokeBrO\client.exe [2015-10-28] (PokeBRO Team ) Task: {BAF576F7-37FF-4962-ADD8-181E70780A3E} - System32\Tasks\{985A0C01-A32D-48AB-8E20-F81128337473} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/pt/go/help.faq.installer?LastError=1638 Task: {C0502A5D-C730-4FDA-BEC3-9BC94D65BD70} - System32\Tasks\{F7FCCFB8-651D-4C9F-85D6-BB6BD6A13298} => pcalua.exe -a C:\Users\Pedro\Downloads\tibia854.exe -d C:\Users\Pedro\Downloads Task: {C26ACFA3-BEA0-433E-91C4-544BF015F1F9} - System32\Tasks\{0CF05D02-075F-431D-AB7E-4BB725393AE7} => pcalua.exe -a "C:\Program Files\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe" Task: {CD2A489E-67B7-4BC3-BE00-79D883DD4D44} - System32\Tasks\{47A84119-E5E9-4CAF-8EEE-14487B752462} => C:\Users\Pedro\Documents\PokeBrO\client.exe [2015-10-28] (PokeBRO Team ) Task: {CFA96204-6E6B-4F1D-8E4C-A507FC93C881} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-04] (Adobe Systems Incorporated) Task: {D1C3B31A-B287-4F91-90F0-F3CCEFA50FB1} - System32\Tasks\{9FFCE146-453B-4C02-B4FD-3FFD36D61359} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/pt/abandoninstall?source=lightinstaller&page=tsMain Task: {D2F9188D-F287-47F9-A769-3004141FA48A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe Task: {E32C8F5B-B11F-40B4-96B6-2699973381A1} - \WPD\SqmUpload_S-1-5-21-3242213785-1770070969-4110494137-500 -> Nenhum Arquivo <==== ATENÇÃO Task: {F096DE85-0A8C-499D-99A4-BE97183252CA} - System32\Tasks\{3C3C4A99-CB40-44E7-8AD4-E483BF037D2F} => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22] (LogMeIn Inc.) Task: {F4A799B2-25B4-47A5-B4F7-4F3020341456} - System32\Tasks\{866ADB77-1BAF-4A10-AC0A-874A009BE39A} => pcalua.exe -a F:\Setup.exe -d F:\ Task: {F4C05A59-5C4B-4C98-BA1B-BC327BB5A1C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-12-30 15:08 - 2015-12-30 15:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () C:\Windows\system32\slc.dll 2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () C:\Windows\System32\slc.dll 2009-07-13 20:35 - 2011-08-09 12:00 - 00035840 _____ () c:\windows\system32\slc.dll 2015-08-31 21:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll 2011-05-08 09:30 - 2015-12-08 19:19 - 00413936 _____ () c:\windows\system32\takeexternal.dll 2011-05-08 09:30 - 2015-12-08 19:19 - 00413936 _____ () c:\windows\system32\winsecsrv.dll 2014-04-15 06:51 - 2014-04-15 06:51 - 00594112 _____ () C:\Program Files\Baidu Security\PC Faster\5.0.0.0\sqlite.dll 2016-03-06 18:26 - 2016-03-07 13:39 - 00983352 _____ () C:\Program Files\baidu\Baidu Browser\Spark.exe 2016-03-29 12:34 - 2016-03-29 12:34 - 00099840 _____ () C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [134] AlternateDataStreams: C:\ProgramData\TEMP:6BE50C2B [486] AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:56E2E879 [134] AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:6BE50C2B [486] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\...\aeriagames.com -> hxxp://aeriagames.com ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-05-09 22:31 - 2015-06-29 20:26 - 00000039 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3242213785-1770070969-4110494137-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupfolder: C:^Users^Pedro^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk => C:\Windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent MSCONFIG\startupreg: btcl => "C:\Users\Pedro\AppData\Roaming\dist13\btcl.exe" MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP MSCONFIG\startupreg: EagleGet => C:\Program Files\EagleGet\Eagleget.exe -V MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: PCAppStore_AppStoreDeskTool => "C:\Program Files\PC App Store\4.10.1.7752\AppStoreDeskTool.exe" MSCONFIG\startupreg: phx => C:\Users\Pedro\AppData\Roaming\phx\lm32.exe MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{18339852-CD09-4975-898A-CF182F8BA4C0}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7002572A-1628-4357-A926-CEEB43C91CF5}] => (Allow) LPort=2869 FirewallRules: [{29589E20-3D81-4D73-B5A4-6EF8E79B3775}] => (Allow) LPort=1900 FirewallRules: [{A79E040C-6FC4-4A0D-9F48-ED001F97152B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{3A42E0D2-A21E-4852-BA3F-B649F25F86E8}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe FirewallRules: [TCP Query User{48A8BE6E-474E-4AF7-8882-27EB464DD71F}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{FA70D2DE-2CFB-464F-B9BB-7D9E1D501DCE}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{75B9E395-286C-42C5-B0F8-E2D101BBE638}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{24801691-56D0-42A3-8FD8-CF7D776B8C78}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [{F6AFC031-6A22-41AE-AC68-6EF9A6EE266B}] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [{CA73145D-5983-4145-82D3-9FA0A5936E38}] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [{00377C04-1176-4918-BF3F-EE25F55C9E7B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{75E1EF01-E000-4E6A-A755-A10B21555DEE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{26B957B5-FDD4-45E3-A61D-9F77023F964C}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe FirewallRules: [UDP Query User{E6286763-8B7E-4C9C-AD0E-9A34E19B21F4}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe FirewallRules: [TCP Query User{41A24A07-F773-4217-850A-9F286E9F79A6}C:\windows\system32\igfxpers.exe] => (Block) C:\windows\system32\igfxpers.exe FirewallRules: [UDP Query User{F97150A1-A81E-4E71-8935-B214E6F1DEBF}C:\windows\system32\igfxpers.exe] => (Block) C:\windows\system32\igfxpers.exe FirewallRules: [TCP Query User{F73EFFA3-04FE-43BC-8278-CFAEB001A6AC}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe FirewallRules: [UDP Query User{7BDB2AB4-A00F-4628-B83A-BA13CAA20346}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe FirewallRules: [TCP Query User{4CAB0E0B-2C31-477C-AFC0-15F07B5883B6}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [UDP Query User{56EE4D0B-CCED-4104-ACFE-17BE4877CDAC}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [TCP Query User{8C8FAFD1-64E9-4799-9E32-73663EF55ACD}C:\windows\system32\userinit.exe] => (Allow) C:\windows\system32\userinit.exe FirewallRules: [UDP Query User{8D461C2D-DB95-42D1-A0BD-180C93C1A430}C:\windows\system32\userinit.exe] => (Allow) C:\windows\system32\userinit.exe FirewallRules: [{257FB637-63ED-464A-8143-7B7347765D8F}] => (Block) C:\windows\system32\userinit.exe FirewallRules: [{BEEE2221-6B47-424F-A951-06389ADEC84A}] => (Block) C:\windows\system32\userinit.exe FirewallRules: [{5986A744-97E8-4146-8F0F-E4DF354EF7C9}] => (Allow) LPort=7171 FirewallRules: [TCP Query User{F0FB66F2-E48E-428D-B385-0A8CA9306C8B}C:\program files\winrar\winrar.exe] => (Allow) C:\program files\winrar\winrar.exe FirewallRules: [UDP Query User{A3E28594-BE5B-411E-ADEC-333D37F80FDA}C:\program files\winrar\winrar.exe] => (Allow) C:\program files\winrar\winrar.exe FirewallRules: [{89F9C391-B02E-4822-8C6E-600280B313D2}] => (Block) C:\program files\winrar\winrar.exe FirewallRules: [{F2A904BD-4F26-4CA3-BF31-8B2F4F614215}] => (Block) C:\program files\winrar\winrar.exe FirewallRules: [TCP Query User{9D0638FB-EE5F-4072-B113-F623C7904EEA}C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe] => (Block) C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe FirewallRules: [UDP Query User{444F4B82-ACA9-4E7F-9526-CA025D527E3B}C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe] => (Block) C:\program files\asprate\tibia multi ip changer\tibia multi-ip changer.exe FirewallRules: [TCP Query User{0C9EB0DA-F5B3-436E-B2F4-BF6638A58D26}C:\windows\system32\megareg\megareg.exe] => (Block) C:\windows\system32\megareg\megareg.exe FirewallRules: [UDP Query User{35C5D209-076C-44D2-846A-292DB6D2F8A7}C:\windows\system32\megareg\megareg.exe] => (Block) C:\windows\system32\megareg\megareg.exe FirewallRules: [TCP Query User{62CF9471-1C44-4322-8EA0-BADBEBAE1161}C:\windows\regedit.exe] => (Block) C:\windows\regedit.exe FirewallRules: [UDP Query User{77BF6FA5-82EC-47FB-8894-394A1C58CF90}C:\windows\regedit.exe] => (Block) C:\windows\regedit.exe FirewallRules: [{E988F576-ECCB-4621-B003-126AA4744D4A}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\crossfire_downloader.exe FirewallRules: [{7AFE012F-1343-47DB-BA29-8733132CF63D}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\crossfire_downloader.exe FirewallRules: [{256D6FCE-5325-46F2-9465-8E1FFAB8054C}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\cfPT_downloader.exe FirewallRules: [{B124927E-71A8-4EE1-AEA4-8048002E41B3}] => (Allow) C:\Users\Pedro\Documents\My DAP Downloads\cfPT_downloader.exe FirewallRules: [TCP Query User{FE62C861-6E76-4D43-9A15-42CC4AC390AE}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe FirewallRules: [UDP Query User{0EBB8AC6-3BA1-4048-9497-FEC045363B39}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe FirewallRules: [{BFD67446-A5AE-4351-B8A0-5137C18A973F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{42F177BF-D2F6-4F7D-88C8-DC288473D42F}C:\program files\raidcall\raidcall.exe] => (Block) C:\program files\raidcall\raidcall.exe FirewallRules: [UDP Query User{4008B0D8-3E47-4BFF-A367-D06DB6FD9F34}C:\program files\raidcall\raidcall.exe] => (Block) C:\program files\raidcall\raidcall.exe FirewallRules: [{5AA85E3F-50A3-42C2-B7A0-F0ECD874845B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{FF92B4B9-D5E1-46F1-A634-FBE13B724CC3}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{C84DA560-E130-469D-A951-DDAA4DB6EBED}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{EF5A8782-A06E-4592-BB21-17EC45646791}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{5BB658FD-36C5-417A-8A6C-3BDAC8FF8486}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{01A5E68C-B154-47D9-9CD2-75ACF359ED06}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{B06FBF41-3911-47A2-BB43-4758F9A7FD05}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{7527D2B7-855F-4649-B778-8B4731F22AFF}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{F6A4720B-E006-4301-9507-E3D69C5495D2}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{1369C2BC-384C-4288-AA06-879E4D8AEECC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{26B76A1A-9932-47AE-9A5E-7A9322A2AD4F}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [TCP Query User{B7872C2A-166E-4F1D-81EE-D9616C0953DE}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{74F91CED-A5C2-46E6-A311-0F830C20EF3C}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_2eb2bfd527e811c8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [TCP Query User{BFC01534-6852-4B51-9D0E-4FF6DE1DBA54}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{E94F6D62-02B3-49D1-B61C-3BDE51288926}C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\pedro\appdata\local\apps\2.0\5h0q2t1r.tqb\x2je02a7.pt7\leve..tion_4f84b7a5873ddfc9_0000.0009_f3924e6b8098aac8\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{0BD7BF26-8DCA-4ED0-8FF6-79EE22596993}] => (Allow) C:\Level Up! Games\Grand Chase\main.exe FirewallRules: [{F2DB3BDD-1033-473C-B118-19F8BAA0D369}] => (Allow) C:\Level Up! Games\Grand Chase\main.exe FirewallRules: [TCP Query User{8D8B806D-B322-4A32-83CB-7B5ED3E9129F}C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe] => (Block) C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe FirewallRules: [UDP Query User{5CE4BCD1-C422-45FC-B89E-C10B5C42E8E3}C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe] => (Block) C:\users\pedro\documents\yu-gi-oh pro\ygopro_vs.exe FirewallRules: [{8EC2C246-378F-4AF2-A9F2-7C024F747C14}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D7F6BA57-B47E-431A-A5C4-ED37EC633D71}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CC35B7E7-ABE2-44DA-BD48-94D5727B5901}] => (Allow) C:\Level Up! Games\Elsword\data\x2.exe FirewallRules: [{806F4EC7-65BB-4D80-8232-FA1881CB56DD}] => (Allow) C:\Level Up! Games\Elsword\data\x2.exe FirewallRules: [TCP Query User{C85B8A88-FB5F-4338-9D3F-41843C96555F}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{1E3A40E5-4D0D-4ADE-9640-7B02C3F6E194}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{75AB8967-492D-4271-8B8E-24992CF5F683}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{842A841A-C839-4C2F-A9DA-AB9952781FF2}C:\users\pedro\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pedro\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{BD6EC42A-5A2F-454F-B8D8-88F2CAAF257F}C:\users\pedro\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\pedro\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{3C2C258F-C6EC-49F7-BDC2-EF87B5A491E0}C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe] => (Block) C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe FirewallRules: [UDP Query User{58C91537-A1D1-4990-8B15-F1D955D96895}C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe] => (Block) C:\users\pedro\videos\ygopro\ygopro_vs_ai_debug.exe FirewallRules: [{19EE6CEF-8E8F-4921-A2D0-D2DFBC8E3E57}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe FirewallRules: [{91911B81-CD7B-4763-958E-A5BE42B2F32B}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe FirewallRules: [TCP Query User{992C69AD-B2ED-4E49-80C2-D546B889F914}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe FirewallRules: [UDP Query User{02F36BEA-F03F-4503-AD1C-BB05A62DDB71}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe FirewallRules: [TCP Query User{4924BBD9-6456-4518-A87C-AE46B78113B2}C:\program files\microsoft xbox 360 accessories\xboxstat.exe] => (Block) C:\program files\microsoft xbox 360 accessories\xboxstat.exe FirewallRules: [UDP Query User{B8D1609B-252C-45D5-862F-CE4BCE170463}C:\program files\microsoft xbox 360 accessories\xboxstat.exe] => (Block) C:\program files\microsoft xbox 360 accessories\xboxstat.exe FirewallRules: [TCP Query User{10F6CBC2-69A8-4D4D-AD68-C5DC2A73D92C}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe FirewallRules: [UDP Query User{1DA6FB6C-F0C6-46BA-A4D8-1D84C1FADB42}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe FirewallRules: [TCP Query User{889AB15C-88C7-4E95-9AA9-628595C865A7}C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe] => (Allow) C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe FirewallRules: [UDP Query User{6EE8C663-E964-4A1F-AB85-B47A49AAB5EA}C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe] => (Allow) C:\users\pedro\videos\coisas do nto\naruto white\theforgottenserver.exe FirewallRules: [{76A1A988-1199-4CE0-9F74-F4EB7F2C35CE}] => (Allow) LPort=7171 FirewallRules: [{99B9F3F5-9E2B-44B2-9246-F2E4B707661C}] => (Allow) LPort=7171 FirewallRules: [TCP Query User{6DA2B786-5857-457D-ADC7-C84222B9E6E4}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Block) C:\users\pedro\videos\yugioh\ygopro_vs.exe FirewallRules: [UDP Query User{32BED6BD-5C1B-454D-8671-97938A6C5B84}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Block) C:\users\pedro\videos\yugioh\ygopro_vs.exe FirewallRules: [{4B0AA30B-FB51-4979-BD8F-63E3224971CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{2B89606C-4826-4605-8CC7-33EE6EF2EB50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{75BA2FD1-772A-4D2C-8710-9232DC079A1A}] => (Allow) C:\Level Up\Elsword\data\x2.exe FirewallRules: [{51DFFE9D-CA35-4848-8880-9ECDCDB434E3}] => (Allow) C:\Level Up\Elsword\data\x2.exe FirewallRules: [{F5AFD418-7092-4C18-B1AA-47C769FCC5B2}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe FirewallRules: [{77CCEEBB-FE06-4CD8-BAAC-41237B54DEA5}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe FirewallRules: [{08572770-1EFE-42A6-B54A-F6ADB33B5554}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe FirewallRules: [{8F63E0CA-31CD-4D02-939D-4528FC0B6977}] => (Allow) C:\Program Files\Z8Games\CrossFire BR\cfPT_launcher.exe FirewallRules: [TCP Query User{6E66DAD1-2E68-4D73-9F84-00BD8569DBFC}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs.exe FirewallRules: [UDP Query User{897E4704-ED6B-40C0-BCED-A3B5455EE168}C:\users\pedro\videos\yugioh\ygopro_vs.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs.exe FirewallRules: [TCP Query User{D5285E8D-6D32-4432-B7FC-E0B587BF42B6}C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe FirewallRules: [UDP Query User{2760885E-B6B7-4BC2-AF53-EBDE7C53405A}C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\pedro\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe FirewallRules: [{A92CABD5-A343-48E5-BA93-D2C151869705}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe FirewallRules: [{8EAB3115-916D-40C0-B248-92B28D54EFD8}] => (Allow) C:\Program Files\RaidCall.BR\rcplugin.exe FirewallRules: [{CAD1B620-AC7F-4425-88A9-45AC82EDA71D}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe FirewallRules: [{8552804C-48C8-43AF-AA10-42F7D5EAAE24}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe FirewallRules: [{4B066957-5534-4B23-9B50-685D580C8E9B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{05ACCD09-AF3C-4F8C-9508-ECDF7EF2A055}] => (Allow) C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [TCP Query User{869E63C8-CF45-445E-995B-EA925804965D}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [UDP Query User{0DC4F09F-9AFC-4A31-84B1-8F4864D8056B}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [TCP Query User{0938220A-BB5A-4EE4-9A86-5D362878A5B3}C:\program files\luaedit 2010\luaedit.exe] => (Block) C:\program files\luaedit 2010\luaedit.exe FirewallRules: [UDP Query User{3BF1F4F7-FDCB-4693-BC15-684ACF0AFE05}C:\program files\luaedit 2010\luaedit.exe] => (Block) C:\program files\luaedit 2010\luaedit.exe FirewallRules: [{C3B0B024-D1ED-4F5C-A8A4-D117BCED3D27}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\Steam.exe FirewallRules: [{178CB747-A071-4D4C-88A2-7F83CA866252}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\Steam.exe FirewallRules: [{CF189B11-BDE6-4A14-A0A1-24A65FF56CAA}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\bin\steamwebhelper.exe FirewallRules: [{7EC35FF6-E977-4DA5-AE39-4520656BAFE9}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\bin\steamwebhelper.exe FirewallRules: [{5629AF62-E3DA-42F4-9B2C-8CE1F48F7FB5}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\steamapps\common\Godot Engine\godot.windows.opt.tools.32.exe FirewallRules: [{F2874E78-410B-4AF8-B20A-14B672833535}] => (Allow) C:\Program Files\Steam\SteamApps\Steam\steamapps\common\Godot Engine\godot.windows.opt.tools.32.exe FirewallRules: [{B21283B7-D46C-4004-AB1A-649A012B5A43}] => (Allow) C:\Program Files\Grand Chase History\main.exe FirewallRules: [{DF11D711-54CD-4AB7-8EBE-DEAA2B1ED927}] => (Allow) C:\Program Files\Grand Chase History\main.exe FirewallRules: [TCP Query User{72467995-47EA-4C5E-A99A-6A225D646145}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Allow) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [UDP Query User{1A2D974C-CC72-48C8-9317-9C1A2D757781}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Allow) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [TCP Query User{67EEA94F-9FFF-4147-9CF9-E8F74C1012AE}C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe FirewallRules: [UDP Query User{593157D3-0A59-4664-9273-BF6000E0C791}C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe] => (Allow) C:\users\pedro\videos\yugioh\ygopro_vs_ai_debug.exe StandardProfile\AuthorizedApplications: [C:\Windows\system32\winlogon.exe] => enabled:@shell32.dll,-1 StandardProfile\AuthorizedApplications: [C:\Windows\system32\wininit.exe] => enabled:@shell32.dll,-1 ==================== Pontos de Restauração ========================= 24-03-2016 01:51:17 Windows Update 24-03-2016 11:46:01 Windows Update 25-03-2016 01:22:45 Windows Update 25-03-2016 10:40:06 Windows Update 26-03-2016 02:53:53 Windows Update 26-03-2016 11:05:58 Windows Update 27-03-2016 11:27:22 Windows Update 27-03-2016 19:00:40 Backup do Windows 27-03-2016 23:06:07 Windows Update 28-03-2016 12:31:50 Windows Update 28-03-2016 22:50:58 Windows Update 29-03-2016 12:37:40 Windows Update 29-03-2016 19:29:37 Installed Safari 29-03-2016 19:38:08 Removed Safari ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Unidade de disquete Description: Unidade de disquete Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318} Manufacturer: (Unidades de disquete padrão) Service: flpydisk Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Adaptador de Túnel Teredo da Microsoft Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/30/2016 12:40:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 148c Hora de Início: 01d18a9a6182fda7 Hora de Término: 4 Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe Id do Relatório: b8051328-f68d-11e5-bb5b-4487fcba7ef6 Error: (03/30/2016 12:39:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 1314 Hora de Início: 01d18a9a5449a285 Hora de Término: 3 Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe Id do Relatório: 9bdeda24-f68d-11e5-bb5b-4487fcba7ef6 Error: (03/30/2016 12:39:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 1078 Hora de Início: 01d18a9a08f2567c Hora de Término: 5 Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe Id do Relatório: 9045c79a-f68d-11e5-bb5b-4487fcba7ef6 Error: (03/30/2016 12:37:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 11b8 Hora de Início: 01d18a99f0476e95 Hora de Término: 3 Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe Id do Relatório: 43d0ab51-f68d-11e5-bb5b-4487fcba7ef6 Error: (03/30/2016 12:36:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 1620 Hora de Início: 01d18a99d09edf79 Hora de Término: 2 Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe Id do Relatório: 25da3f61-f68d-11e5-bb5b-4487fcba7ef6 Error: (03/30/2016 12:35:37 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST.exe versão 5.3.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 1178 Hora de Início: 01d18a9990b5c4c8 Hora de Término: 4 Caminho do Aplicativo: C:\Users\Pedro\Music\Pictures\Desktop\FRST.exe Id do Relatório: 0ac8fcdb-f68d-11e5-bb5b-4487fcba7ef6 Error: (03/30/2016 12:23:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: SkypeUpdateEx.exe, versão: 0.0.0.0, carimbo de hora: 0x5668e9c7 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x6f0142c3 Identificação do processo com falha: 0x844 Hora de início do aplicativo com falha: 0xSkypeUpdateEx.exe0 Caminho do aplicativo com falha: SkypeUpdateEx.exe1 FCaminho do módulo de falhas: SkypeUpdateEx.exe2 Identificação do Relatório: SkypeUpdateEx.exe3 Error: (03/29/2016 08:11:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa CCleaner.exe versão 4.15.0.4725 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 17e8 Hora de Início: 01d18a0c49546fb6 Hora de Término: 65 Caminho do Aplicativo: C:\Program Files\CCleaner\CCleaner.exe Id do Relatório: 986b0e84-f603-11e5-92b6-4487fcba7ef6 Error: (03/29/2016 07:13:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: SkypeUpdateEx.exe, versão: 0.0.0.0, carimbo de hora: 0x5668e9c7 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x6fcf42c3 Identificação do processo com falha: 0x66c Hora de início do aplicativo com falha: 0xSkypeUpdateEx.exe0 Caminho do aplicativo com falha: SkypeUpdateEx.exe1 FCaminho do módulo de falhas: SkypeUpdateEx.exe2 Identificação do Relatório: SkypeUpdateEx.exe3 Error: (03/29/2016 07:05:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: ygopro_vs.exe, versão: 1.0.3.7, carimbo de hora: 0x31fd8b88 Nome do módulo de falhas: ygopro_vs.exe, versão: 1.0.3.7, carimbo de hora: 0x31fd8b88 Código de exceção: 0xc0000005 Deslocamento com falha: 0x000378b7 Identificação do processo com falha: 0x264 Hora de início do aplicativo com falha: 0xygopro_vs.exe0 Caminho do aplicativo com falha: ygopro_vs.exe1 FCaminho do módulo de falhas: ygopro_vs.exe2 Identificação do Relatório: ygopro_vs.exe3 Erros de Sistema: ============= Error: (03/30/2016 12:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço SkypeUpdateEx foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/30/2016 12:22:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Xbox Live Network Manager Service devido ao seguinte erro: %%2 Error: (03/30/2016 12:22:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Microsoft Antimalware Service terminou com o erro: %%-2147024894 Error: (03/29/2016 08:27:48 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço Baidu PC Faster Service 4.0.0.0 está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (03/29/2016 07:14:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço SkypeUpdateEx foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/29/2016 07:13:21 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (03/29/2016 07:12:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Xbox Live Network Manager Service devido ao seguinte erro: %%2 Error: (03/29/2016 07:12:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Microsoft Antimalware Service terminou com o erro: %%-2147024894 Error: (03/29/2016 04:30:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço SkypeUpdateEx foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/29/2016 04:28:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Xbox Live Network Manager Service devido ao seguinte erro: %%2 CodeIntegrity: =================================== Date: 2016-03-30 12:41:13.119 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-30 12:41:12.855 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 15:52:42.819 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 15:52:42.622 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 15:51:37.981 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 15:51:37.811 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 15:48:13.334 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 15:48:13.134 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 14:02:01.533 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system. Date: 2016-03-29 14:02:01.221 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz Percentagem de memória em uso: 54% RAM física total: 1911.12 MB RAM física disponível: 864.19 MB Virtual Total: 3822.23 MB Virtual disponível: 2799.1 MB ==================== Drives ================================ Drive c: (Win7) (Fixed) (Total:465.76 GB) (Free:345.62 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)] Drive d: (CD105A4) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 27E1EF72) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================