Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 13-10-2016
Executado por Ediney (16-10-2016 02:01:05)
Executando a partir de C:\Users\Ediney\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-09-20 02:36:19)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-220628775-1336217688-2625631472-500 - Administrator - Disabled)
Convidado (S-1-5-21-220628775-1336217688-2625631472-501 - Limited - Disabled)
Ediney (S-1-5-21-220628775-1336217688-2625631472-1000 - Administrator - Enabled) => C:\Users\Ediney

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-220628775-1336217688-2625631472-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
Atualizações da NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrossFire BR (HKLM-x32\...\CrossFire BR_is1) (Version: V5167 - Z8Games.com)
CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
DEMO DO FIFA 17 (HKLM-x32\...\{39C00B2C-EA3C-4A6B-AECF-DADA0F09C2AE}) (Version: 1.0.45.26330 - Electronic Arts)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.6 (PTB) (HKLM\...\{12EFB522-416F-383C-9DB6-5FFDFBBA35CD}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Hotfix Rollup (KB3088957) (HKLM\...\{CF6C84AD-61BB-3CCB-BFB6-EF69218ADB9C}) (Version: 4.6.00106 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NVIDIA Driver de áudio HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Driver de gráficos 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.)
Painel de controle da NVIDIA 372.90 (Version: 372.90 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.9.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Nome de sua empresa:)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
VMware Workstation (HKLM\...\{5FCB317B-2ABC-4AB1-871D-1675492F9A68}) (Version: 12.5.0 - VMware, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Аrdamаx Kеylogger 4.6 (HKU\S-1-5-21-220628775-1336217688-2625631472-1000\...\Аrdamаx Kеylogger 4.6) (Version: - )

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {07DCB026-D8EF-47DE-9AE8-423AAFA2A185} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20] (Google Inc.)
Task: {090C0A1A-EDAD-436D-BE19-8E57A3A9F952} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {434BB4F5-1CA1-499F-AAA2-0836C4EE8D0E} - System32\Tasks\update-S-1-5-21-220628775-1336217688-2625631472-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {BD074DB2-80C9-47EB-940C-732ACA8E1DFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20] (Google Inc.)
Task: {F8704369-743B-4DC6-862E-3A554924C97D} - System32\Tasks\{3E9E8CC4-97C5-4FB6-8E09-403AF50D65F3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.112&LastError=404

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-220628775-1336217688-2625631472-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Ediney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdamаx Kеylogger 4.6\Аrdamаx Kеylogger 4.6.lnk -> C:\ProgramData\PSJ\PSJ.exe (Nenhum Arquivo) <===== Cyrillic

==================== Módulos Carregados (Whitelisted) ==============

2016-09-20 02:29 - 2016-09-16 20:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-09 18:37 - 2016-06-14 23:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-10-09 19:04 - 2016-06-14 23:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-10-09 18:37 - 2016-06-14 23:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-10-09 18:37 - 2016-06-14 23:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-10-08 17:36 - 2016-10-08 17:36 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-09-24 19:20 - 2016-09-24 19:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-10-09 19:04 - 2016-06-14 23:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-10-09 19:04 - 2016-06-14 23:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-10-09 19:04 - 2016-06-14 23:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-10-09 18:37 - 2016-06-14 23:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-10-09 19:04 - 2016-06-14 23:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-10-09 19:04 - 2016-06-14 23:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-03 18:17 - 2016-09-25 04:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-03 18:17 - 2016-09-25 04:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-08-19 06:12 - 2016-08-19 06:12 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-10-09 18:37 - 2016-06-14 23:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-20 02:52 - 2016-10-16 01:50 - 00619840 _____ () C:\Users\Ediney\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
2016-09-26 04:46 - 2016-09-26 04:46 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-10-16 01:45 - 2016-09-07 18:42 - 50656768 _____ () C:\Users\Ediney\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-10-16 01:45 - 2016-09-07 18:42 - 01874944 _____ () C:\Users\Ediney\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-10-16 01:45 - 2016-09-07 18:42 - 00075264 _____ () C:\Users\Ediney\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-220628775-1336217688-2625631472-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ediney\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.10.1 - 192.168.71.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\startupfolder: C:^Users^Ediney^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^af67c582929ad1ee4ea68323920740c3.exe => C:\Windows\pss\af67c582929ad1ee4ea68323920740c3.exe.Startup
MSCONFIG\startupreg: af67c582929ad1ee4ea68323920740c3 => "C:\Users\Ediney\AppData\Roaming\svchost.exe" ..
MSCONFIG\startupreg: DarkComet RAT => C:\ProgramData\Microsoft\Windows\Start Menu\DCSCMIN\IMDCSC.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: uTorrent => "C:\Users\Ediney\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{2D6ADF06-64B7-4124-B687-64E99ACA517A}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{453408E0-8300-40C3-BE00-464E3A67AF20}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{6E97EE71-05D8-4B0C-ABDB-91FB2DE747C5}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{24D15417-75B5-4581-B007-104E77300AA9}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{031A612A-6148-42C9-A37D-AC3748D356A5}D:\jogos\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{167725B3-DF96-4F60-AA6C-B9F9175D5338}D:\jogos\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{2C3975C6-20EE-42C1-B218-D9181EE4B881}D:\jogos\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{17F76427-A6C7-4C62-8D76-47DE7451B8E9}D:\jogos\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [{FF88BA65-61E9-4FE8-817B-92A735040B63}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B8AFB6BB-55EE-4FF1-85B6-1A047188902B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{41743451-BC28-4A29-99A4-A09E719BDA58}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{FBEDF636-3593-4E43-A500-4C18D7361E0E}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{E3FDEC62-E754-461C-9BA7-34C9FA09D81B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [TCP Query User{9E3A18BE-8A7F-4D6D-9680-E6E5F84ED322}C:\users\ediney\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ediney\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{438E5025-CEAE-40A5-956C-A5F0B7087B60}C:\users\ediney\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ediney\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{BD6CFBEB-9570-46E4-ABF2-AAECDF519AB9}] => (Allow) D:\Steam\steamapps\common\Miscreated\Miscreated.exe
FirewallRules: [{5E9A9502-25F6-4522-9466-6AC8081E62B4}] => (Allow) D:\Steam\steamapps\common\Miscreated\Miscreated.exe
FirewallRules: [{4A11155D-286B-46A9-84A4-4261658C18E1}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0A9FA658-A615-4A89-B23E-6F13047092F0}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1B3492A9-C602-4AD6-A851-B2C187401F56}] => (Allow) D:\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{BC20F325-01DA-45EE-BE41-51B58B139ABF}] => (Allow) D:\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{7B0210C3-8ACC-4711-A4C7-FC4A39DB5DCD}] => (Allow) D:\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll
FirewallRules: [{98EBB023-9250-4223-8EFE-41C670D95AD5}] => (Allow) D:\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll
FirewallRules: [{CAB73AA4-9F0E-4085-A715-6280A83CE90B}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{B4D82DBC-9ABE-47F5-B565-30BEB8E89878}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{E42CEED8-29D9-4E46-8215-F91D0C2C3BE0}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FB6AA16B-C7CA-4D5B-9CA4-14E5728538EE}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{29A29725-E2CC-4A41-855C-28EF0F786C97}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{EFEDADD1-AB4D-4636-89BD-D0BB7BAD46EF}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{805C3E94-0F13-4BDA-95CE-EC919A0E762B}] => (Allow) D:\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{46D618FC-0F5D-4BA1-B2BC-0DD095FE7194}] => (Allow) D:\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{14BB987C-4E1C-4E33-A4BC-2689B4E2ACDC}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AC660C2F-B9D6-468C-A422-56DD7BF2FB1E}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A4AB5325-3981-4C7D-A42E-8385439BF557}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A38CFFD2-3D32-4913-B585-B3EE4D0FDB68}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{534C4DD8-CCEE-4FD4-AB87-A8FE192CDF78}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C5402284-0B5A-4879-9111-2F9FC2922EEB}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{0FC1A624-6548-40FC-953E-ED521428D100}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{49AC4BA5-E71F-4B4B-A6E1-ADC4383111CB}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{5E71074A-D263-49E5-817B-6814527ECB26}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AE93C53A-5419-44EE-A379-E78C0310C08A}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E28C60C3-B6BC-463E-ACD1-2A64407371CF}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{96DC4969-0C30-4D1F-9C37-986D80B70D77}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6CC75F1B-C68A-4349-8600-D707FC48F913}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe
FirewallRules: [{15A37276-67E0-44CC-8A60-8505D0EA0810}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{58E3D45B-977C-4357-B0D2-8134F82BA38F}D:\jogos\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CC6C4717-2DB4-4DEA-84A8-4517D5F4476B}D:\jogos\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{60399B8E-F251-448E-A5F2-E23ECBC97B78}] => (Allow) D:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F825120B-852E-45FB-8BB7-9638B9EE54D2}] => (Allow) D:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{8A6D0673-5FD8-4682-9343-7474045C06C6}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Block) D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{18B3EE79-7AB1-4BE5-8CB7-EE277F312925}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Block) D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{B87614DD-926F-4DF6-BDD8-7260A3A08DF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{965FED1C-0905-42AE-A86F-6EE7B78D96CF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{788C2FB5-1CD3-4ED5-B500-35DA77DBEFB1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{68278185-7E30-4555-9CDC-A2E710BECE01}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EC51C293-C57F-4D96-9F11-7C7BD53B34AA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{76E3D910-7832-4E77-A562-EC80F975DDF1}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{FA613681-3CA4-4C63-8B99-E246FB6E96F9}] => (Allow) D:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{56050E11-3A27-4F7A-860D-46F95F272BCD}] => (Allow) D:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{1CBD8454-7679-4FFB-BF9E-097601E7638B}] => (Allow) D:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1E375889-FC68-4D66-9ECE-CEE89570CCD7}] => (Allow) D:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1A6F14EE-8AFE-4807-AA15-ECAF43C61DF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BC3FB70D-5D3F-412D-9002-990F54BEF9F6}] => (Allow) D:\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{EA1A5973-C1F7-4CDD-BC77-86B1A06559BC}] => (Allow) D:\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [TCP Query User{95EB2F5E-7A14-449E-A9C6-304500C573CC}D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [UDP Query User{1EF97FC9-F1EF-4820-A2D0-EDDD6A598A7A}D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [TCP Query User{B403786C-787B-4A96-83CE-B36806DCF056}D:\jogos\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B0765108-28C0-4F16-A588-04CC451481F9}D:\jogos\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\jogos\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{06E9EA93-17E6-4B52-B9FF-003B018C8564}D:\origin games\battlefield 4\bf4.exe] => (Allow) D:\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{741D7992-B9BB-4875-99F7-6B6FECB8E0F0}D:\origin games\battlefield 4\bf4.exe] => (Allow) D:\origin games\battlefield 4\bf4.exe
FirewallRules: [{EDFA793C-BD64-461F-9760-049A882853A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BEF227A1-8E13-4671-8569-F481D8316036}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{925E193A-891D-4BBB-8AE2-B838EB15E424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB2CA534-B1C2-4376-B0AE-1204F93F6894}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DB0D0A02-320C-4A39-AC9D-1FC74C85865C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4AF1CAF9-6493-4371-96E5-71378B850453}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6966FBB3-F9BF-4B47-97E6-FD4250C662C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CF4E293F-CACE-4EFE-964F-E4D5D92E3D83}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9851E43A-92AE-4920-A3D5-8A03DC89F58E}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{81CBE27D-0660-4D91-B641-75CB0722FA72}] => (Allow) D:\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{C8BFEAD2-D15B-4B6C-AE2D-3EE91F925710}] => (Allow) D:\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{3842F6B2-7240-4CCE-8EA9-FA368249533B}] => (Allow) D:\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{05A6EA33-399D-4F43-A9F3-8C1E58B06480}] => (Allow) D:\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe

==================== Pontos de Restauração =========================

08-10-2016 13:49:56 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
08-10-2016 13:50:12 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
15-10-2016 19:58:33 Ponto de Verificação Agendado
15-10-2016 20:36:15 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
15-10-2016 20:36:38 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controlador de comunicação PCI simples
Description: Controlador de comunicação PCI simples
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (10/16/2016 01:52:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/16/2016 01:41:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/15/2016 08:55:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/15/2016 03:28:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: setup.exe_unknown, versão: 0.0.0.0, carimbo de hora: 0x57d87fc5
Nome do módulo de falhas: NVI2.DLL, versão: 2.1002.224.1962, carimbo de hora: 0x57d880dc
Código de exceção: 0x40000015
Deslocamento com falha: 0x00278476
Identificação do processo com falha: 0x16f8
Hora de início do aplicativo com falha: 0x01d22707d54f4625
Caminho do aplicativo com falha: C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe
FCaminho do módulo de falhas: C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{76AC56C3-ED7C-4725-88BE-E7B022A22A71}\NVI2.DLL
Identificação do Relatório: b91d7224-92fc-11e6-88f5-005056c00008

Error: (10/15/2016 02:41:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/15/2016 01:58:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: backdoor.exe, versão: 0.0.0.0, carimbo de hora: 0x4a8e0cf6
Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento com falha: 0x02151c00
Identificação do processo com falha: 0xaac
Hora de início do aplicativo com falha: 0x01d226ebcc6773f4
Caminho do aplicativo com falha: C:\Users\Ediney\Desktop\backdoor.exe
FCaminho do módulo de falhas: unknown
Identificação do Relatório: 2e454c63-92f0-11e6-8d99-005056c00008

Error: (10/14/2016 12:10:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de hora: 0x57fed9f2
Nome do módulo de falhas: steamwebhelper.exe, versão: 3.65.13.80, carimbo de hora: 0x57fed9f2
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00037b59
Identificação do processo com falha: 0x1208
Hora de início do aplicativo com falha: 0x01d225c01ecec344
Caminho do aplicativo com falha: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FCaminho do módulo de falhas: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Identificação do Relatório: 6d7fd8e7-91b3-11e6-8d99-005056c00008

Error: (10/12/2016 11:32:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: steamwebhelper.exe, versão: 3.64.58.36, carimbo de hora: 0x57f8258b
Nome do módulo de falhas: steamwebhelper.exe, versão: 3.64.58.36, carimbo de hora: 0x57f8258b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00037b59
Identificação do processo com falha: 0xc60
Hora de início do aplicativo com falha: 0x01d224defc6503a2
Caminho do aplicativo com falha: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FCaminho do módulo de falhas: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Identificação do Relatório: e5a7052d-90e4-11e6-8d99-005056c00008

Error: (10/12/2016 09:18:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: steamwebhelper.exe, versão: 3.64.58.36, carimbo de hora: 0x57f8258b
Nome do módulo de falhas: steamwebhelper.exe, versão: 3.64.58.36, carimbo de hora: 0x57f8258b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00037b59
Identificação do processo com falha: 0xf64
Hora de início do aplicativo com falha: 0x01d2243a25148d7b
Caminho do aplicativo com falha: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FCaminho do módulo de falhas: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Identificação do Relatório: 38aa67c9-90d2-11e6-8d99-005056c00008

Error: (10/12/2016 01:38:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: steamwebhelper.exe, versão: 3.64.58.36, carimbo de hora: 0x57f8258b
Nome do módulo de falhas: steamwebhelper.exe, versão: 3.64.58.36, carimbo de hora: 0x57f8258b
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00037b59
Identificação do processo com falha: 0x1e84
Hora de início do aplicativo com falha: 0x01d2242b27d5502d
Caminho do aplicativo com falha: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FCaminho do módulo de falhas: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Identificação do Relatório: 6273ca32-902d-11e6-8d99-005056c00008


Erros de Sistema:
=============
Error: (10/16/2016 01:51:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom

Error: (10/16/2016 01:51:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (10/16/2016 01:51:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Origin Web Helper Service.

Error: (10/16/2016 01:50:27 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: A estrutura do sistema de arquivos está corrompida e inutilizável.
Execute o utilitário chkdsk no volume C:.

Error: (10/16/2016 01:50:27 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume3 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro.

Error: (10/16/2016 01:41:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom

Error: (10/16/2016 01:40:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (10/16/2016 01:40:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Origin Web Helper Service.

Error: (10/16/2016 01:39:47 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: A estrutura do sistema de arquivos está corrompida e inutilizável.
Execute o utilitário chkdsk no volume C:.

Error: (10/16/2016 01:39:47 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume3 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentagem de memória em uso: 29%
RAM física total: 12251.94 MB
RAM física disponível: 8626 MB
Virtual Total: 24502.06 MB
Virtual disponível: 21006.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:151.07 GB) NTFS
Drive d: () (Fixed) (Total:698.15 GB) (Free:54.3 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5A3C1CB0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0C8E0EE9)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
