Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 17-10-2016
Executado por Pipano (26-10-2016 00:31:34)
Executando a partir de C:\Users\Pipano\Downloads
Windows 7 Home Premium (X64) (2016-07-08 23:20:00)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2774441584-2175777879-4090157555-500 - Administrator - Disabled)
Convidado (S-1-5-21-2774441584-2175777879-4090157555-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2774441584-2175777879-4090157555-1002 - Limited - Enabled)
Pipano (S-1-5-21-2774441584-2175777879-4090157555-1000 - Administrator - Enabled) => C:\Users\Pipano
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
Atualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Battlerite (HKLM\...\Steam App 504370) (Version: - Stunlock Studios)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Discord (HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4243 - DLL-Files.com Client)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gamersclub Anti Cheat (HKLM-x32\...\{C14C05CA-F9F5-45C3-9C23-43E10AF71897}) (Version: 1.00 - EMACLab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
K-Lite Mega Codec Pack 12.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.3.0 - KLCP)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Live-RO (HKLM-x32\...\Live-RO) (Version: - )
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 pt-BR)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mu (HKLM-x32\...\{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}) (Version: 0.68 - )
MU LEGEND GLOBAL CBT (HKLM-x32\...\{MU2GB92C-VH2O-Z2AQ-N26J-M2VJEWJEUE52}_is1) (Version: 1.0.0.0 - Webzen)
NVIDIA Driver de áudio HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Driver de gráficos 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OX-RO versão 1.0 (HKLM-x32\...\{C6E31EAD-E955-4278-BBD7-9945C9CC2283}_is1) (Version: 1.0 - )
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Painel de controle da NVIDIA 368.69 (Version: 368.69 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7865 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH)
YellowSend (HKLM-x32\...\YSPackage) (Version: - CMI Limited) <==== ATENÇÃO
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {079D4B3E-DA6E-4262-B797-5C230DD8D88D} - System32\Tasks\psv_San-Ex => /c regedit.exe /s "C:\ProgramData\Quoteex\Istech.reg" & del "C:\ProgramData\Quoteex\Istech.reg" & SCHTASKS /Delete /TN "psv_San-Ex" /F <==== ATENÇÃO
Task: {3D57688C-E7AA-4E7C-A619-12A9CC557ABE} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {49AFEDC0-6B82-4E75-BBA7-19A7B62B46EA} - System32\Tasks\Fholeckersory Mapper => C:\Program Files (x86)\Ckidoiedhihuly\kadagh.exe [2016-10-25] (Glarysoft Ltd)
Task: {70410CCD-D43E-47AB-A7A6-B6E22547130E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {AB32A179-C206-40F4-BFCE-8B20DD3719D6} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-01] ()
Task: {ABCDEEE9-B35D-41C5-9315-234EFC8E4560} - System32\Tasks\{3F3E177D-7434-40DE-BCBF-59D44FCA1E61} => Chrome.exe hxxp://ui.skype.com/ui/0/7.27.85.101/pt/abandoninstall?page=tsMain
Task: {D00D835E-B4E3-4272-BE40-03E9E3DEB708} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-08] (Google Inc.)
Task: {E6FEF5F7-6EA6-473C-A0DE-20BF14994F30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-08] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
==================== Módulos Carregados (Whitelisted) ==============
2016-07-08 22:38 - 2016-06-29 16:37 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-10-25 23:52 - 2016-10-22 22:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe
2016-09-26 05:00 - 2016-09-28 06:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe
2016-07-08 23:00 - 2016-06-29 20:44 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-08-31 22:55 - 2016-08-31 23:09 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-08 23:00 - 2016-06-29 20:44 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-25 23:52 - 2016-10-25 23:52 - 00358912 _____ () C:\ProgramData\Quoteex\Dentotone.dll
2016-10-25 20:40 - 2016-10-24 11:06 - 31066304 _____ () C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.205\pepflashplayer.dll
2016-10-25 23:58 - 2016-10-25 23:58 - 00277504 _____ () c:\program files (x86)\ckidoiedhihuly\thavuywifiiedreports.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-08 23:06 - 1999-12-31 22:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-10-25 23:53 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 201.17.128.197 - 201.17.128.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Discord => C:\Users\Pipano\AppData\Local\Discord\app-0.0.296\Discord.exe
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{BF1BDB7E-EC49-4680-BE6A-C5940FFA6E91}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24FBC9AA-D89F-4EF0-ADF3-4F37FAF8E426}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0B4F69D6-A5A7-4DE6-93C9-C79369467F40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A072AF36-41F7-48E8-97AC-91BA7D89C9E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{54D170B1-07CC-4BBC-965F-78F2FC5F68DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DE31BFF5-71C8-4FC3-AD3F-3A484354EB5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B2171E54-7670-490B-BE76-FBBF841B0A5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A8E4A984-B4A4-4EFC-B49F-E9FAFDA000DD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB9D4DEE-B322-485C-968B-8109F0AFBABE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{831AC65A-6E9A-4791-8021-C93FF0C600C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DC6B4952-3B59-41F3-8949-5A5C79D225E3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E6B2B5BC-F71D-4D9B-8C6F-62EC72DBEEC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD9E3699-54BB-461C-815A-E585E608C57D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{3FFBD736-4E25-4D27-8CC7-BC5D53A9876E}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [UDP Query User{0695D75A-BEE4-43F5-9F50-D9A9C811DB85}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [TCP Query User{0A060D8A-1980-4B55-896E-34E6D6918700}C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D933056F-AA26-4551-88C2-87CA2FD80BC1}C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [{03B3B093-A920-477F-8C50-0395DDDD9FEB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE170F84-D6AC-4125-A506-6D217501375F}] => (Allow) C:\Users\Pipano\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{D70BF02B-E37B-4A61-A6D2-C70EDB4BE39A}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{1380F2A6-B268-4FEC-9CE0-6089387724ED}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4981E98B-63E5-4D0D-89BB-169017893467}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60E3D7C0-777D-4EB2-8B49-3117517D48C4}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6656E53D-16CF-4282-AC55-E6BF97E9E4DD}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60B119C9-7593-4BE7-A217-A98CC2636EA7}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{55271598-970A-4E31-B2F8-C831E544F458}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC826B4B-ED70-44F6-82E1-0F35C57ED876}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0766A648-5BB1-4A92-B1BE-DAE85502D28D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02C0A9AC-0124-4B4F-A756-8AF7D26E7609}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{43705B8E-0C86-415B-BADB-989F98B5A064}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0B1FDB63-1F46-45E9-B1D2-D7D3CC9409BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{80E7EDB9-F79C-49C2-B427-816CF9BABEAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EA828D8F-4D5E-44CA-9461-E95A3471C741}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2D816EA3-3BCD-4DB7-9D2B-1CC0A7DECAE9}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{20560FCB-BE62-497B-A57D-2A0071A73D1A}C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe] => (Allow) C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe
FirewallRules: [UDP Query User{53A8B5E7-FD42-4B25-A4B0-0C809961E443}C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe] => (Allow) C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe
FirewallRules: [{FFF7DB20-B339-4F55-A2E5-C5F8FA605884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{4B1D5208-3499-4139-8405-AB3A1D14B9E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{C3B54AA0-9D84-4332-94E4-2DF6A7FCA642}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{42C36BD4-200B-4689-A46B-E92C23FB7A16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{F6121E27-0810-4E66-92D7-CD9FDCE5AF50}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{0BC776A2-ED10-40FB-951E-9CCC7525730B}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{D9B7A359-C6A7-4DE8-AC89-5E1230A2B024}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3C368C6D-6040-4930-AF28-444A7CA4A033}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9284B427-ED55-4602-8FC2-95DFE69A7963}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{6EFF09F3-4038-47A7-99D2-2CA31CB34D3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{46776A25-4A62-41CD-A700-73F51238011E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B45FF220-ABA3-499F-9EFC-F56E2ECD343C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{408D5727-D804-407C-B2A9-E944B6FEE160}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{85476B44-072E-4C4B-AD54-D7DAC20D71F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D40D748F-045C-4D1D-B185-6601EBE11BBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{32A1ED47-E104-4E57-AE61-7CF765412FD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA71B753-C678-42CE-90B8-9B6389D28490}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5F31537F-0264-43EE-80FF-D53496E27568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3D7BF60C-651A-41D3-B062-6DFBB54DF485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E58B14F8-38D9-4F38-9FED-93D7401E8CC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A27F7F5A-63F4-47B4-BD31-ED5937D62278}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{825992B6-2F6F-4F02-9C28-F026A4D1C78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{17229D14-4BED-4EA2-BED9-97A685AB31A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
22-10-2016 11:39:04 Ponto de Verificação Agendado
25-10-2016 23:19:53 DirectX instalado
25-10-2016 23:27:06 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
25-10-2016 23:57:23 Removed Traffic Exchange
26-10-2016 00:16:15 Removed Online.io Application
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (10/26/2016 12:26:44 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:26:44 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:26:34 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:26:34 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Erros de Sistema:
=============
Error: (10/26/2016 12:16:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Rapid Storage Technology foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (10/26/2016 12:13:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Network Packet Manitor suspenso ao iniciar.
Error: (10/26/2016 12:13:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Background Logic Handler suspenso ao iniciar.
Error: (10/26/2016 12:11:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (60000 milissegundos) ao aguardar a conexão do serviço Hi-Rez Studios Authenticate and Update Service.
Error: (10/26/2016 12:10:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 00:09:26 às 26/10/2016 não era esperado.
Error: (10/26/2016 12:09:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (60000 milissegundos) ao aguardar a conexão do serviço Hi-Rez Studios Authenticate and Update Service.
Error: (10/25/2016 11:59:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço Prikadom está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (10/25/2016 11:23:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (10/24/2016 10:46:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Rapid Storage Technology foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (10/24/2016 10:21:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Rapid Storage Technology foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
CodeIntegrity:
===================================
Date: 2016-07-08 21:04:51.048
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-08 21:04:51.032
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-08 20:51:13.232
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-08 20:51:13.216
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentagem de memória em uso: 32%
RAM física total: 8088.79 MB
RAM física disponível: 5448.09 MB
Virtual Total: 16175.72 MB
Virtual disponível: 13597.02 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:700.83 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5D9FE1A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Pipano (26-10-2016 00:31:34)
Executando a partir de C:\Users\Pipano\Downloads
Windows 7 Home Premium (X64) (2016-07-08 23:20:00)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2774441584-2175777879-4090157555-500 - Administrator - Disabled)
Convidado (S-1-5-21-2774441584-2175777879-4090157555-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2774441584-2175777879-4090157555-1002 - Limited - Enabled)
Pipano (S-1-5-21-2774441584-2175777879-4090157555-1000 - Administrator - Enabled) => C:\Users\Pipano
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
Atualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Battlerite (HKLM\...\Steam App 504370) (Version: - Stunlock Studios)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Discord (HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4243 - DLL-Files.com Client)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gamersclub Anti Cheat (HKLM-x32\...\{C14C05CA-F9F5-45C3-9C23-43E10AF71897}) (Version: 1.00 - EMACLab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
K-Lite Mega Codec Pack 12.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.3.0 - KLCP)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Live-RO (HKLM-x32\...\Live-RO) (Version: - )
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 pt-BR)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mu (HKLM-x32\...\{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}) (Version: 0.68 - )
MU LEGEND GLOBAL CBT (HKLM-x32\...\{MU2GB92C-VH2O-Z2AQ-N26J-M2VJEWJEUE52}_is1) (Version: 1.0.0.0 - Webzen)
NVIDIA Driver de áudio HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Driver de gráficos 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OX-RO versão 1.0 (HKLM-x32\...\{C6E31EAD-E955-4278-BBD7-9945C9CC2283}_is1) (Version: 1.0 - )
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Painel de controle da NVIDIA 368.69 (Version: 368.69 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7865 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH)
YellowSend (HKLM-x32\...\YSPackage) (Version: - CMI Limited) <==== ATENÇÃO
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {079D4B3E-DA6E-4262-B797-5C230DD8D88D} - System32\Tasks\psv_San-Ex => /c regedit.exe /s "C:\ProgramData\Quoteex\Istech.reg" & del "C:\ProgramData\Quoteex\Istech.reg" & SCHTASKS /Delete /TN "psv_San-Ex" /F <==== ATENÇÃO
Task: {3D57688C-E7AA-4E7C-A619-12A9CC557ABE} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {49AFEDC0-6B82-4E75-BBA7-19A7B62B46EA} - System32\Tasks\Fholeckersory Mapper => C:\Program Files (x86)\Ckidoiedhihuly\kadagh.exe [2016-10-25] (Glarysoft Ltd)
Task: {70410CCD-D43E-47AB-A7A6-B6E22547130E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {AB32A179-C206-40F4-BFCE-8B20DD3719D6} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-01] ()
Task: {ABCDEEE9-B35D-41C5-9315-234EFC8E4560} - System32\Tasks\{3F3E177D-7434-40DE-BCBF-59D44FCA1E61} => Chrome.exe hxxp://ui.skype.com/ui/0/7.27.85.101/pt/abandoninstall?page=tsMain
Task: {D00D835E-B4E3-4272-BE40-03E9E3DEB708} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-08] (Google Inc.)
Task: {E6FEF5F7-6EA6-473C-A0DE-20BF14994F30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-08] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Pipano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
==================== Módulos Carregados (Whitelisted) ==============
2016-07-08 22:38 - 2016-06-29 16:37 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-10-25 23:52 - 2016-10-22 22:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe
2016-09-26 05:00 - 2016-09-28 06:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe
2016-07-08 23:00 - 2016-06-29 20:44 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-08-31 22:55 - 2016-08-31 23:09 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-08 23:00 - 2016-06-29 20:44 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-25 23:52 - 2016-10-25 23:52 - 00358912 _____ () C:\ProgramData\Quoteex\Dentotone.dll
2016-10-25 20:40 - 2016-10-24 11:06 - 31066304 _____ () C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.205\pepflashplayer.dll
2016-10-25 23:58 - 2016-10-25 23:58 - 00277504 _____ () c:\program files (x86)\ckidoiedhihuly\thavuywifiiedreports.dll
2016-07-08 23:00 - 2016-06-29 20:44 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-08 23:06 - 1999-12-31 22:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-10-25 23:53 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 201.17.128.197 - 201.17.128.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Discord => C:\Users\Pipano\AppData\Local\Discord\app-0.0.296\Discord.exe
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{BF1BDB7E-EC49-4680-BE6A-C5940FFA6E91}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24FBC9AA-D89F-4EF0-ADF3-4F37FAF8E426}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0B4F69D6-A5A7-4DE6-93C9-C79369467F40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A072AF36-41F7-48E8-97AC-91BA7D89C9E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{54D170B1-07CC-4BBC-965F-78F2FC5F68DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DE31BFF5-71C8-4FC3-AD3F-3A484354EB5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B2171E54-7670-490B-BE76-FBBF841B0A5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A8E4A984-B4A4-4EFC-B49F-E9FAFDA000DD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB9D4DEE-B322-485C-968B-8109F0AFBABE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{831AC65A-6E9A-4791-8021-C93FF0C600C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DC6B4952-3B59-41F3-8949-5A5C79D225E3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E6B2B5BC-F71D-4D9B-8C6F-62EC72DBEEC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD9E3699-54BB-461C-815A-E585E608C57D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{3FFBD736-4E25-4D27-8CC7-BC5D53A9876E}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [UDP Query User{0695D75A-BEE4-43F5-9F50-D9A9C811DB85}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [TCP Query User{0A060D8A-1980-4B55-896E-34E6D6918700}C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D933056F-AA26-4551-88C2-87CA2FD80BC1}C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [{03B3B093-A920-477F-8C50-0395DDDD9FEB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE170F84-D6AC-4125-A506-6D217501375F}] => (Allow) C:\Users\Pipano\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{D70BF02B-E37B-4A61-A6D2-C70EDB4BE39A}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{1380F2A6-B268-4FEC-9CE0-6089387724ED}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4981E98B-63E5-4D0D-89BB-169017893467}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60E3D7C0-777D-4EB2-8B49-3117517D48C4}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6656E53D-16CF-4282-AC55-E6BF97E9E4DD}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60B119C9-7593-4BE7-A217-A98CC2636EA7}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{55271598-970A-4E31-B2F8-C831E544F458}] => (Allow) C:\Users\Pipano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC826B4B-ED70-44F6-82E1-0F35C57ED876}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0766A648-5BB1-4A92-B1BE-DAE85502D28D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02C0A9AC-0124-4B4F-A756-8AF7D26E7609}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{43705B8E-0C86-415B-BADB-989F98B5A064}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0B1FDB63-1F46-45E9-B1D2-D7D3CC9409BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{80E7EDB9-F79C-49C2-B427-816CF9BABEAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EA828D8F-4D5E-44CA-9461-E95A3471C741}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2D816EA3-3BCD-4DB7-9D2B-1CC0A7DECAE9}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{20560FCB-BE62-497B-A57D-2A0071A73D1A}C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe] => (Allow) C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe
FirewallRules: [UDP Query User{53A8B5E7-FD42-4B25-A4B0-0C809961E443}C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe] => (Allow) C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe
FirewallRules: [{FFF7DB20-B339-4F55-A2E5-C5F8FA605884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{4B1D5208-3499-4139-8405-AB3A1D14B9E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{C3B54AA0-9D84-4332-94E4-2DF6A7FCA642}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{42C36BD4-200B-4689-A46B-E92C23FB7A16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{F6121E27-0810-4E66-92D7-CD9FDCE5AF50}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{0BC776A2-ED10-40FB-951E-9CCC7525730B}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{D9B7A359-C6A7-4DE8-AC89-5E1230A2B024}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3C368C6D-6040-4930-AF28-444A7CA4A033}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9284B427-ED55-4602-8FC2-95DFE69A7963}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{6EFF09F3-4038-47A7-99D2-2CA31CB34D3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{46776A25-4A62-41CD-A700-73F51238011E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B45FF220-ABA3-499F-9EFC-F56E2ECD343C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{408D5727-D804-407C-B2A9-E944B6FEE160}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{85476B44-072E-4C4B-AD54-D7DAC20D71F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D40D748F-045C-4D1D-B185-6601EBE11BBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{32A1ED47-E104-4E57-AE61-7CF765412FD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA71B753-C678-42CE-90B8-9B6389D28490}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5F31537F-0264-43EE-80FF-D53496E27568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3D7BF60C-651A-41D3-B062-6DFBB54DF485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E58B14F8-38D9-4F38-9FED-93D7401E8CC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A27F7F5A-63F4-47B4-BD31-ED5937D62278}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{825992B6-2F6F-4F02-9C28-F026A4D1C78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{17229D14-4BED-4EA2-BED9-97A685AB31A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
22-10-2016 11:39:04 Ponto de Verificação Agendado
25-10-2016 23:19:53 DirectX instalado
25-10-2016 23:27:06 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
25-10-2016 23:57:23 Removed Traffic Exchange
26-10-2016 00:16:15 Removed Online.io Application
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (10/26/2016 12:26:44 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:26:44 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:26:34 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:26:34 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Error: (10/26/2016 12:22:11 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (476) SUS20ClientDataStore: Não é possível ler o cabeçalho do arquivo de log C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Erro -546.
Erros de Sistema:
=============
Error: (10/26/2016 12:16:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Rapid Storage Technology foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (10/26/2016 12:13:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Network Packet Manitor suspenso ao iniciar.
Error: (10/26/2016 12:13:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Background Logic Handler suspenso ao iniciar.
Error: (10/26/2016 12:11:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (60000 milissegundos) ao aguardar a conexão do serviço Hi-Rez Studios Authenticate and Update Service.
Error: (10/26/2016 12:10:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 00:09:26 às 26/10/2016 não era esperado.
Error: (10/26/2016 12:09:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (60000 milissegundos) ao aguardar a conexão do serviço Hi-Rez Studios Authenticate and Update Service.
Error: (10/25/2016 11:59:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço Prikadom está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
Error: (10/25/2016 11:23:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (10/24/2016 10:46:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Rapid Storage Technology foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (10/24/2016 10:21:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Rapid Storage Technology foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
CodeIntegrity:
===================================
Date: 2016-07-08 21:04:51.048
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-08 21:04:51.032
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-08 20:51:13.232
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-08 20:51:13.216
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentagem de memória em uso: 32%
RAM física total: 8088.79 MB
RAM física disponível: 5448.09 MB
Virtual Total: 16175.72 MB
Virtual disponível: 13597.02 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:700.83 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5D9FE1A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================