Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 18-01-2017
Executado por yago (21-01-2017 20:57:43)
Executando a partir de E:\
Windows 10 Pro (X64) (2015-12-15 23:16:46)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-695995042-426092677-1864771339-500 - Administrator - Disabled)
Convidado (S-1-5-21-695995042-426092677-1864771339-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-695995042-426092677-1864771339-503 - Limited - Disabled)
yago (S-1-5-21-695995042-426092677-1864771339-1001 - Administrator - Enabled) => C:\Users\yago
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattleStick (HKLM\...\Steam App 394380) (Version: - Pinterac)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Counter-Strike Global Offensive No-Steam (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.34.8.0 - Valve Software)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio)
emoj.io (HKLM\...\Steam App 530900) (Version: - Hassey Enterprises, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IdleMaster (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
Infinity (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\Infinity) (Version: 2.3.1 - Daring Development Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
League client alpha (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League Of Guessing (HKLM\...\Steam App 524900) (Version: - PinchPoint)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
MegaTrainer Ultimate version 1.1.2 (HKLM-x32\...\{68A5CFDB-E05C-46BC-B2EB-988D1E2C2444}_is1) (Version: 1.1.2 - MegaDev)
Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\MK LOL) (Version: - )
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Driver de gráficos 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Painel de controle da NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
Proteção de Tela de League (HKLM-x32\...\LolScreenSaver) (Version: W0.1.19-0.11.13-beta - Riot Games)
Punch Club (HKLM\...\UHVuY2hDbHVi_is1) (Version: 1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.8 - Rockstar Games)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SunGod_AIR (HKLM-x32\...\SunGod.AIR) (Version: 0.0.0 - UNKNOWN)
SunGod_AIR (x32 Version: 0.0.0 - UNKNOWN) Hidden
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Timberman (HKLM-x32\...\Steam App 398710) (Version: - Digital Melody)
Undertale (HKLM-x32\...\VW5kZXJ0YWxl_is1) (Version: 1 - )
Unity Web Player (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Smartly Dressed Games)
Victor Vran (HKLM-x32\...\Victor Vran_is1) (Version: - )
Warface (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\{094FAADD-5A39-4C64-911A-B4C9AD818484}_is1) (Version: 1.1.392.90 - Level Up! Games)
WARMODE (HKLM-x32\...\Steam App 391460) (Version: - WARTEAM)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0317EF5D-C43B-436E-876F-9D55FCAAA451} - \WinTaske -> Nenhum Arquivo <==== ATENÇÃO
Task: {2E3F2421-0A9D-410A-9B79-577A0D8FAA26} - System32\Tasks\Driver Booster SkipUAC (yago) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {30924DD2-5C3D-4AE0-A39B-8961D1A70751} - System32\Tasks\update-S-1-5-21-695995042-426092677-1864771339-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {4CE2FBD5-8071-4FCB-B49E-EA0BE3A3ABAA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {4CF40765-9068-408A-9E34-98DAD34B05D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {7EEC570F-6218-4219-A7C4-CC88CADADA60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {8989B82B-4A17-4B3C-9EEE-CCF7A3888FA6} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {A5B1B157-E6CC-4F9C-9959-41B32DA8D670} - System32\Tasks\ASC9_PerformanceMonitor => E:\Advanced SystemCare\Monitor.exe [2016-03-04] (IObit)
Task: {B3546742-2995-4826-A501-DE3B6182C657} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {B99DE358-6455-4641-A34F-4D5356A6DF30} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate]
Task: {D25FCEA4-5C83-4D0B-9559-ADB406D385E5} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {E160CB30-99C1-4089-8014-01EA575FAF65} - System32\Tasks\ASC9_SkipUac_yago => E:\Advanced SystemCare\ASC.exe [2016-03-09] (IObit)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\ASC9_SkipUac_yago.job => E:\Advanced SystemCare\ASC.exe
Task: C:\Windows\Tasks\update-S-1-5-21-695995042-426092677-1864771339-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2016-01-13 15:46 - 2015-07-14 22:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-11-08 22:27 - 2016-10-25 03:15 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-09-23 19:05 - 2016-09-23 19:05 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2016-07-24 21:33 - 2016-07-24 22:36 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-23 19:05 - 2016-09-23 19:05 - 00004608 _____ () C:\Windows\KMS-R@1nhook.exe
2015-12-25 17:31 - 2016-09-23 19:05 - 00007168 _____ () C:\Windows\KMS-QADhook.dll
2016-12-14 12:21 - 2016-11-19 06:24 - 02495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-14 12:21 - 2016-11-19 06:24 - 02495776 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-13 15:44 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-12-14 12:21 - 2016-11-19 02:09 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-14 12:20 - 2016-11-19 02:06 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-14 12:20 - 2016-11-19 02:06 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-13 15:45 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 12:49 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2016-06-28 18:25 - 2016-06-28 18:25 - 69521920 _____ () C:\Users\yago\AppData\Roaming\java\SYSDESKTOP-FFCBHDM.exe
2016-04-01 12:30 - 2016-04-01 12:30 - 01308224 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2017-01-11 03:34 - 2017-01-11 03:34 - 02780664 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.35\deploy\LoLLauncher.exe
2017-01-11 03:34 - 2017-01-11 03:34 - 05051896 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.75\deploy\LoLPatcher.exe
2016-09-22 03:40 - 2016-09-22 03:40 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.238\deploy\LolClient.exe
2016-03-12 00:33 - 2015-12-23 18:32 - 00355616 _____ () E:\Advanced SystemCare\madExcept_.bpl
2016-03-12 00:33 - 2015-12-23 18:32 - 00190240 _____ () E:\Advanced SystemCare\madBasic_.bpl
2016-03-12 00:33 - 2015-12-23 18:32 - 00057632 _____ () E:\Advanced SystemCare\madDisAsm_.bpl
2016-03-12 00:32 - 2015-12-28 13:50 - 00899872 _____ () E:\Advanced SystemCare\webres.dll
2016-03-12 00:32 - 2015-12-28 13:49 - 00629536 _____ () E:\Advanced SystemCare\ProductStatistics.dll
2017-01-11 03:34 - 2017-01-11 03:34 - 00606712 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.75\deploy\RiotLauncher.dll
2016-09-22 03:03 - 2016-09-22 03:03 - 04887216 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.238\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2016-09-22 03:02 - 2016-09-22 03:02 - 19397808 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.238\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2016-12-14 17:01 - 2016-12-08 03:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 17:01 - 2016-12-08 03:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 17:24 - 2017-01-11 17:24 - 17835096 _____ () C:\Users\yago\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SL2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SL2Svc => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-07-10 07:04 - 2015-07-10 07:02 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-695995042-426092677-1864771339-1001\Control Panel\Desktop\\Wallpaper -> E:\Riot_Games_Dark_Star_Thresh_Wallpaper_3840x1800.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: KMS-R@1n => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LolScreenSaverService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SimcakeSVC => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: VIAKaraokeService => 2
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "EADM"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{68816DF1-2BC6-423D-B1D7-A6BCBFB20093}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{79178D03-F920-4C08-88AD-6A8D5990721B}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{83BFFB11-7FDA-4E86-8841-CA7D8A2B4C49}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED20A103-FA72-4990-AB37-04FAA8FA2159}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA6150A6-DD41-4E58-B821-B8326DAD4AE3}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5D2A6CCC-CBC9-4693-9794-C1475405665D}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6021B9FD-26A9-4DA8-BA31-B5A02B412212}] => C:\Users\yago\Steam\Steam.exe
FirewallRules: [{99463632-22E0-40F1-B5A1-0A72BD323EF5}] => C:\Users\yago\Steam\Steam.exe
FirewallRules: [{462B4265-8E9F-4017-ACAF-E5FA9DB0721E}] => C:\Users\yago\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8B34E9C-1FBB-4007-8FB1-B414F151A86A}] => C:\Users\yago\Steam\bin\steamwebhelper.exe
FirewallRules: [{51389E64-6F3C-4420-91E5-2727BFF4487E}] => E:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{3A21961B-17F0-4940-A16C-1FEA24AD0CF3}] => E:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{1B8F7702-7438-4623-BA1F-27D6C4AF31CD}] => E:\SteamLibrary\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{EBE7C613-2BCD-430F-A0AD-9632FCC6579C}] => E:\SteamLibrary\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{AC8B8820-F78D-4BD9-8D3D-E225FD23B968}] => E:\SteamLibrary\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{D0497DCB-2119-4B31-9F66-5B7F85827655}] => E:\SteamLibrary\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{CCD6509A-5BD7-4151-A8B0-AE570BACB28D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC0C8B04-A443-4025-8141-56582986A654}] => E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5F90AC8C-DCB6-4C1C-AA84-6CA21CC2A33E}] => E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F4DC551C-85CF-4399-8972-B0834070053A}] => LPort=8126
FirewallRules: [{04586902-9D8A-4567-889C-68220E1BA039}] => E:\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{A509D487-5DE7-4A8E-BEBA-8D1E26A96536}] => E:\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [NETDIS-ND_DATAGRAM-In-TCPo] => c:\windows\system32\wnba\csrss.exe
FirewallRules: [{3AAC09C9-0CCC-4C9D-B049-FAC8C226303C}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{2969AF07-35B9-43FA-8C96-EDBC560C7E9C}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{5BB03E68-7687-45D7-9014-42C240A396FE}] => E:\SteamLibrary\steamapps\common\Timberman\Timberman.exe
FirewallRules: [{7C1D2FDB-C2C5-4551-A203-8F56D0B68C2E}] => E:\SteamLibrary\steamapps\common\Timberman\Timberman.exe
FirewallRules: [TCP Query User{FA78BA4B-F77B-4FB2-877E-836D1622E4F0}E:\hearthstone\hearthstone.exe] => E:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{2FAA0F26-DCD7-4966-86C3-A53AA366FF29}E:\hearthstone\hearthstone.exe] => E:\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{800FD44A-CE86-49C1-A65E-8BF3A44A30B8}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => E:\steamlibrary\steamapps\common\aftermath\aftermath.exe
FirewallRules: [UDP Query User{A111CAF7-CD91-40AF-9C94-21736D81D5BF}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => E:\steamlibrary\steamapps\common\aftermath\aftermath.exe
FirewallRules: [{303B8DEA-B5FF-4C8B-BFD1-8E88AE9E590A}] => E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{311BAEBE-D0D2-41CB-BF78-18071BB996C4}] => E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{A7188275-B552-4C8A-ACC1-F4E1D41F284C}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1B16DB2A-AE65-4D4B-B5BD-3AA2D9FCB605}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{40AFC0B0-F95E-4B63-98A6-A93791E27612}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{01658E45-AACE-4A2C-B5C1-62C62CF31036}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [{01DC9544-C3E5-49DB-A8A1-FAE219F93E9E}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{21FB91E7-70F2-4FF0-A67E-0500D64F5DFE}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E44F7787-71A2-4B7C-B083-0EEA13A87BCA}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7030ADDF-6741-40BF-8817-2396B5039BF0}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D7972650-3E8E-4173-970D-ABD96BF98D5A}] => E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{82D49899-4353-4E01-99A2-44DA28BE2890}] => E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{86607C0D-17B8-4820-83A3-241149D5A340}] => E:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{1E93C6B1-4B82-4FFB-A26D-732CD09B7888}] => E:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{1138A534-09B6-4B73-AE93-57C6CBA876B6}E:\igg-huniecam.studio.v1.02\huniecamstudio.exe] => E:\igg-huniecam.studio.v1.02\huniecamstudio.exe
FirewallRules: [UDP Query User{B3742F79-ADAB-492F-89B6-8A50AFA28D09}E:\igg-huniecam.studio.v1.02\huniecamstudio.exe] => E:\igg-huniecam.studio.v1.02\huniecamstudio.exe
FirewallRules: [{971A2EAF-F311-4DEC-A02E-EF8993817006}] => C:\Windows\KMS-R@1n.exe
FirewallRules: [{FEA30626-1000-40BD-96CF-E707CDABEC2C}] => C:\Windows\KMS-R@1n.exe
FirewallRules: [TCP Query User{43560F6A-C603-4D7D-A86A-1F78DD9F9741}C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [UDP Query User{376B97D7-EDBD-4FAD-B360-E302E4782D40}C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [TCP Query User{7A082AFE-7182-468F-8CCC-1726BB4D1DDB}E:\utorrent.exe] => E:\utorrent.exe
FirewallRules: [UDP Query User{859CEB52-27A5-4619-942F-72C1A155F1A7}E:\utorrent.exe] => E:\utorrent.exe
FirewallRules: [TCP Query User{36928431-E7DB-4017-A37F-DCA1AEAE2024}E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe] => E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe
FirewallRules: [UDP Query User{33082963-D026-4D00-9671-8F6D89390CC8}E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe] => E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe
FirewallRules: [TCP Query User{54D033D5-749D-4C60-B4BB-0FC51EE19923}E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe] => E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe
FirewallRules: [UDP Query User{36F178C3-F089-4F78-853C-BFC22D21AAD4}E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe] => E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe
FirewallRules: [TCP Query User{38F4A87B-9FA5-48A3-95BD-81EBF90AAFD5}E:\galgun.double.peace\binaries\win64\gg2game.exe] => E:\galgun.double.peace\binaries\win64\gg2game.exe
FirewallRules: [UDP Query User{E35B3822-0D4E-4E26-B0CD-69E8B481E9B8}E:\galgun.double.peace\binaries\win64\gg2game.exe] => E:\galgun.double.peace\binaries\win64\gg2game.exe
FirewallRules: [{FCA26013-A9F9-4AD4-AC0B-330761C04B74}] => E:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{F667C414-2EF9-42E0-B650-1D7D1EAF53C4}] => E:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{83D6A4A7-84CA-4D05-8675-21984D0BC20B}] => E:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{886549B4-4585-496C-9BC4-725B6A4B2884}] => E:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{9764BADE-BE60-4F86-809D-E82D6A940AAC}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{58BC4E19-3C2B-48E4-A396-15EF328B533E}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [TCP Query User{8385E669-1A00-484B-A8A2-449C87C4E6F2}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{ECCAB065-0CFE-48FE-A9CD-2AB0E7349425}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{CA84C429-492E-40F5-97B1-F193FF1D23AF}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [UDP Query User{ECC0AD9B-0C10-43C5-ABFF-F904D5182AB6}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [{7CEA72BC-76A8-47D3-B36C-E5C92413E6DA}] => E:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A4E8319C-DC59-47A7-A49F-0CCB51AEF61A}] => E:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{82314780-EF9C-4790-8922-DCDDBC0AA26E}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E5B35A09-D986-44C2-B65C-B08FB158356F}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FF643BCF-5627-4D90-8F9A-2D51AD9B4818}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [UDP Query User{AD08F3E3-A179-408A-81F4-ACD5F598DC00}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [{F70E8756-CEBF-405C-AFA8-1D2D0559D3B7}] => E:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{F215FEB2-C841-4B40-99D0-6BE942E16E91}] => E:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{0BDDDBD3-4E9C-42C4-8DDD-160F299F2007}E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{7B1171D9-3AB0-45BF-9137-258F3CCDBCFE}E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{8B7ED8F6-A551-40CD-BE88-998D205E74D7}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{08BE55B4-5AD8-4A50-8B1C-346395305B90}] => C:\Users\yago\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{32096D36-32DD-4CA0-8A06-649D0461E888}] => C:\Users\yago\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F0784BEB-5081-4455-8530-657B07BC03B7}] => E:\SteamLibrary\steamapps\common\League Of Guessing\LOG.exe
FirewallRules: [{41F51329-634E-49D3-8639-3BF4D64F8E7F}] => E:\SteamLibrary\steamapps\common\League Of Guessing\LOG.exe
FirewallRules: [{10EBD468-7FB5-4A91-8B16-4467C0DFE823}] => E:\SteamLibrary\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{D9CB4279-CF22-4EE7-908C-02A1D8BA4553}] => E:\SteamLibrary\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{69EA3E6A-E2E4-440F-BBC7-C8239CC8EDE9}] => E:\SteamLibrary\steamapps\common\emoojio\main.exe
FirewallRules: [{34067BD6-626B-4E10-BFAF-CFDE2050EBDA}] => E:\SteamLibrary\steamapps\common\emoojio\main.exe
==================== Pontos de Restauração =========================
13-01-2017 18:33:07 Ponto de Verificação Agendado
21-01-2017 15:22:30 DirectX instalado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/21/2017 03:32:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: VictorVranSteam.exe, versão: 2.6.0.0, carimbo de data/hora: 0x57bc8715
Nome do módulo com falha: d3d11.dll, versão: 10.0.10240.17113, carimbo de data/hora: 0x57cf9086
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0013f105
ID do processo com falha: 0x1620
Hora de início do aplicativo com falha: 0x01d2741ca566a78a
Caminho do aplicativo com falha: E:\Victor Vran\VictorVranSteam.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\d3d11.dll
ID do Relatório: 9f590704-f35d-44df-a6c2-234e191263cd
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (01/21/2017 03:22:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/21/2017 08:35:38 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (2036) Falha na recuperação/restauração do banco de dados com erro inesperado -1032.
Error: (01/21/2017 08:35:38 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.log" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:35:28 AM) (Source: ESENT) (EventID: 439) (User: )
Description: SettingSyncHost (2036) Não é possível gravar um cabeçalho oculto do arquivo C:\Windows\system32\edb.chk. Erro -1032.
Error: (01/21/2017 08:35:28 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:35:18 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:35:08 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:34:58 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:34:48 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (2036) Falha na recuperação/restauração do banco de dados com erro inesperado -1032.
Erros de Sistema:
=============
Error: (01/21/2017 03:26:18 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:26:16 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:23:12 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:23:11 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:05:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (01/21/2017 03:05:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Origin Web Helper Service.
Error: (01/21/2017 03:04:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Assistente de Conectividade de Rede depende do serviço Auxiliar de IP, mas não foi possível iniciá-lo devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
Error: (01/21/2017 03:04:06 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT)
Description: 32212256844608534269419232
Error: (01/21/2017 03:04:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 14:23:12 do dia 21/01/2017 não era esperado.
Error: (01/21/2017 09:49:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2017-01-20 19:42:18.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 02:38:57.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-18 09:33:40.002
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-17 19:37:02.196
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-16 00:28:56.469
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\netutils.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-15 13:32:20.426
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-14 09:12:21.528
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-14 03:38:01.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptbase.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-13 11:02:44.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-12 05:45:33.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\netapi32.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Percentagem de memória em uso: 51%
RAM física total: 6090.04 MB
RAM física disponível: 2945.74 MB
Virtual Total: 8522.04 MB
Virtual disponível: 4524.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.66 GB) (Free:34.15 GB) NTFS
Drive e: () (Fixed) (Total:368.01 GB) (Free:36.62 GB) NTFS
Drive g: (Victor Vran) (CDROM) (Total:4.16 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1D5D5AB8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por yago (21-01-2017 20:57:43)
Executando a partir de E:\
Windows 10 Pro (X64) (2015-12-15 23:16:46)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-695995042-426092677-1864771339-500 - Administrator - Disabled)
Convidado (S-1-5-21-695995042-426092677-1864771339-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-695995042-426092677-1864771339-503 - Limited - Disabled)
yago (S-1-5-21-695995042-426092677-1864771339-1001 - Administrator - Enabled) => C:\Users\yago
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattleStick (HKLM\...\Steam App 394380) (Version: - Pinterac)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Counter-Strike Global Offensive No-Steam (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.34.8.0 - Valve Software)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio)
emoj.io (HKLM\...\Steam App 530900) (Version: - Hassey Enterprises, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IdleMaster (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
Infinity (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\Infinity) (Version: 2.3.1 - Daring Development Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
League client alpha (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League Of Guessing (HKLM\...\Steam App 524900) (Version: - PinchPoint)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
MegaTrainer Ultimate version 1.1.2 (HKLM-x32\...\{68A5CFDB-E05C-46BC-B2EB-988D1E2C2444}_is1) (Version: 1.1.2 - MegaDev)
Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\MK LOL) (Version: - )
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Driver de gráficos 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Painel de controle da NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
Proteção de Tela de League (HKLM-x32\...\LolScreenSaver) (Version: W0.1.19-0.11.13-beta - Riot Games)
Punch Club (HKLM\...\UHVuY2hDbHVi_is1) (Version: 1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.8 - Rockstar Games)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SunGod_AIR (HKLM-x32\...\SunGod.AIR) (Version: 0.0.0 - UNKNOWN)
SunGod_AIR (x32 Version: 0.0.0 - UNKNOWN) Hidden
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Timberman (HKLM-x32\...\Steam App 398710) (Version: - Digital Melody)
Undertale (HKLM-x32\...\VW5kZXJ0YWxl_is1) (Version: 1 - )
Unity Web Player (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Smartly Dressed Games)
Victor Vran (HKLM-x32\...\Victor Vran_is1) (Version: - )
Warface (HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\{094FAADD-5A39-4C64-911A-B4C9AD818484}_is1) (Version: 1.1.392.90 - Level Up! Games)
WARMODE (HKLM-x32\...\Steam App 391460) (Version: - WARTEAM)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0317EF5D-C43B-436E-876F-9D55FCAAA451} - \WinTaske -> Nenhum Arquivo <==== ATENÇÃO
Task: {2E3F2421-0A9D-410A-9B79-577A0D8FAA26} - System32\Tasks\Driver Booster SkipUAC (yago) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {30924DD2-5C3D-4AE0-A39B-8961D1A70751} - System32\Tasks\update-S-1-5-21-695995042-426092677-1864771339-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {4CE2FBD5-8071-4FCB-B49E-EA0BE3A3ABAA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {4CF40765-9068-408A-9E34-98DAD34B05D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {7EEC570F-6218-4219-A7C4-CC88CADADA60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {8989B82B-4A17-4B3C-9EEE-CCF7A3888FA6} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {A5B1B157-E6CC-4F9C-9959-41B32DA8D670} - System32\Tasks\ASC9_PerformanceMonitor => E:\Advanced SystemCare\Monitor.exe [2016-03-04] (IObit)
Task: {B3546742-2995-4826-A501-DE3B6182C657} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {B99DE358-6455-4641-A34F-4D5356A6DF30} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate]
Task: {D25FCEA4-5C83-4D0B-9559-ADB406D385E5} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {E160CB30-99C1-4089-8014-01EA575FAF65} - System32\Tasks\ASC9_SkipUac_yago => E:\Advanced SystemCare\ASC.exe [2016-03-09] (IObit)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\ASC9_SkipUac_yago.job => E:\Advanced SystemCare\ASC.exe
Task: C:\Windows\Tasks\update-S-1-5-21-695995042-426092677-1864771339-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2016-01-13 15:46 - 2015-07-14 22:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-11-08 22:27 - 2016-10-25 03:15 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-09-23 19:05 - 2016-09-23 19:05 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2016-07-24 21:33 - 2016-07-24 22:36 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-23 19:05 - 2016-09-23 19:05 - 00004608 _____ () C:\Windows\KMS-R@1nhook.exe
2015-12-25 17:31 - 2016-09-23 19:05 - 00007168 _____ () C:\Windows\KMS-QADhook.dll
2016-12-14 12:21 - 2016-11-19 06:24 - 02495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-14 12:21 - 2016-11-19 06:24 - 02495776 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-13 15:44 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-12-14 12:21 - 2016-11-19 02:09 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-14 12:20 - 2016-11-19 02:06 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-14 12:20 - 2016-11-19 02:06 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-13 15:45 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 12:49 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2016-06-28 18:25 - 2016-06-28 18:25 - 69521920 _____ () C:\Users\yago\AppData\Roaming\java\SYSDESKTOP-FFCBHDM.exe
2016-04-01 12:30 - 2016-04-01 12:30 - 01308224 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2017-01-11 03:34 - 2017-01-11 03:34 - 02780664 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.35\deploy\LoLLauncher.exe
2017-01-11 03:34 - 2017-01-11 03:34 - 05051896 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.75\deploy\LoLPatcher.exe
2016-09-22 03:40 - 2016-09-22 03:40 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.238\deploy\LolClient.exe
2016-03-12 00:33 - 2015-12-23 18:32 - 00355616 _____ () E:\Advanced SystemCare\madExcept_.bpl
2016-03-12 00:33 - 2015-12-23 18:32 - 00190240 _____ () E:\Advanced SystemCare\madBasic_.bpl
2016-03-12 00:33 - 2015-12-23 18:32 - 00057632 _____ () E:\Advanced SystemCare\madDisAsm_.bpl
2016-03-12 00:32 - 2015-12-28 13:50 - 00899872 _____ () E:\Advanced SystemCare\webres.dll
2016-03-12 00:32 - 2015-12-28 13:49 - 00629536 _____ () E:\Advanced SystemCare\ProductStatistics.dll
2017-01-11 03:34 - 2017-01-11 03:34 - 00606712 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.75\deploy\RiotLauncher.dll
2016-09-22 03:03 - 2016-09-22 03:03 - 04887216 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.238\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2016-09-22 03:02 - 2016-09-22 03:02 - 19397808 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.238\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2016-12-14 17:01 - 2016-12-08 03:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 17:01 - 2016-12-08 03:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 17:24 - 2017-01-11 17:24 - 17835096 _____ () C:\Users\yago\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SL2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpsiBSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SL2Svc => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-07-10 07:04 - 2015-07-10 07:02 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-695995042-426092677-1864771339-1001\Control Panel\Desktop\\Wallpaper -> E:\Riot_Games_Dark_Star_Thresh_Wallpaper_3840x1800.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: KMS-R@1n => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LolScreenSaverService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SimcakeSVC => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: VIAKaraokeService => 2
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-695995042-426092677-1864771339-1001\...\StartupApproved\Run: => "EADM"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{68816DF1-2BC6-423D-B1D7-A6BCBFB20093}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{79178D03-F920-4C08-88AD-6A8D5990721B}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{83BFFB11-7FDA-4E86-8841-CA7D8A2B4C49}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED20A103-FA72-4990-AB37-04FAA8FA2159}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA6150A6-DD41-4E58-B821-B8326DAD4AE3}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5D2A6CCC-CBC9-4693-9794-C1475405665D}] => C:\Users\yago\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6021B9FD-26A9-4DA8-BA31-B5A02B412212}] => C:\Users\yago\Steam\Steam.exe
FirewallRules: [{99463632-22E0-40F1-B5A1-0A72BD323EF5}] => C:\Users\yago\Steam\Steam.exe
FirewallRules: [{462B4265-8E9F-4017-ACAF-E5FA9DB0721E}] => C:\Users\yago\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8B34E9C-1FBB-4007-8FB1-B414F151A86A}] => C:\Users\yago\Steam\bin\steamwebhelper.exe
FirewallRules: [{51389E64-6F3C-4420-91E5-2727BFF4487E}] => E:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{3A21961B-17F0-4940-A16C-1FEA24AD0CF3}] => E:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{1B8F7702-7438-4623-BA1F-27D6C4AF31CD}] => E:\SteamLibrary\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{EBE7C613-2BCD-430F-A0AD-9632FCC6579C}] => E:\SteamLibrary\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{AC8B8820-F78D-4BD9-8D3D-E225FD23B968}] => E:\SteamLibrary\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{D0497DCB-2119-4B31-9F66-5B7F85827655}] => E:\SteamLibrary\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{CCD6509A-5BD7-4151-A8B0-AE570BACB28D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC0C8B04-A443-4025-8141-56582986A654}] => E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5F90AC8C-DCB6-4C1C-AA84-6CA21CC2A33E}] => E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F4DC551C-85CF-4399-8972-B0834070053A}] => LPort=8126
FirewallRules: [{04586902-9D8A-4567-889C-68220E1BA039}] => E:\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{A509D487-5DE7-4A8E-BEBA-8D1E26A96536}] => E:\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [NETDIS-ND_DATAGRAM-In-TCPo] => c:\windows\system32\wnba\csrss.exe
FirewallRules: [{3AAC09C9-0CCC-4C9D-B049-FAC8C226303C}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{2969AF07-35B9-43FA-8C96-EDBC560C7E9C}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{5BB03E68-7687-45D7-9014-42C240A396FE}] => E:\SteamLibrary\steamapps\common\Timberman\Timberman.exe
FirewallRules: [{7C1D2FDB-C2C5-4551-A203-8F56D0B68C2E}] => E:\SteamLibrary\steamapps\common\Timberman\Timberman.exe
FirewallRules: [TCP Query User{FA78BA4B-F77B-4FB2-877E-836D1622E4F0}E:\hearthstone\hearthstone.exe] => E:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{2FAA0F26-DCD7-4966-86C3-A53AA366FF29}E:\hearthstone\hearthstone.exe] => E:\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{800FD44A-CE86-49C1-A65E-8BF3A44A30B8}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => E:\steamlibrary\steamapps\common\aftermath\aftermath.exe
FirewallRules: [UDP Query User{A111CAF7-CD91-40AF-9C94-21736D81D5BF}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => E:\steamlibrary\steamapps\common\aftermath\aftermath.exe
FirewallRules: [{303B8DEA-B5FF-4C8B-BFD1-8E88AE9E590A}] => E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{311BAEBE-D0D2-41CB-BF78-18071BB996C4}] => E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{A7188275-B552-4C8A-ACC1-F4E1D41F284C}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1B16DB2A-AE65-4D4B-B5BD-3AA2D9FCB605}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{40AFC0B0-F95E-4B63-98A6-A93791E27612}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{01658E45-AACE-4A2C-B5C1-62C62CF31036}C:\users\yago\appdata\roaming\spotify\spotify.exe] => C:\users\yago\appdata\roaming\spotify\spotify.exe
FirewallRules: [{01DC9544-C3E5-49DB-A8A1-FAE219F93E9E}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{21FB91E7-70F2-4FF0-A67E-0500D64F5DFE}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E44F7787-71A2-4B7C-B083-0EEA13A87BCA}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7030ADDF-6741-40BF-8817-2396B5039BF0}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D7972650-3E8E-4173-970D-ABD96BF98D5A}] => E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{82D49899-4353-4E01-99A2-44DA28BE2890}] => E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{86607C0D-17B8-4820-83A3-241149D5A340}] => E:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{1E93C6B1-4B82-4FFB-A26D-732CD09B7888}] => E:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{1138A534-09B6-4B73-AE93-57C6CBA876B6}E:\igg-huniecam.studio.v1.02\huniecamstudio.exe] => E:\igg-huniecam.studio.v1.02\huniecamstudio.exe
FirewallRules: [UDP Query User{B3742F79-ADAB-492F-89B6-8A50AFA28D09}E:\igg-huniecam.studio.v1.02\huniecamstudio.exe] => E:\igg-huniecam.studio.v1.02\huniecamstudio.exe
FirewallRules: [{971A2EAF-F311-4DEC-A02E-EF8993817006}] => C:\Windows\KMS-R@1n.exe
FirewallRules: [{FEA30626-1000-40BD-96CF-E707CDABEC2C}] => C:\Windows\KMS-R@1n.exe
FirewallRules: [TCP Query User{43560F6A-C603-4D7D-A86A-1F78DD9F9741}C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [UDP Query User{376B97D7-EDBD-4FAD-B360-E302E4782D40}C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => C:\users\yago\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [TCP Query User{7A082AFE-7182-468F-8CCC-1726BB4D1DDB}E:\utorrent.exe] => E:\utorrent.exe
FirewallRules: [UDP Query User{859CEB52-27A5-4619-942F-72C1A155F1A7}E:\utorrent.exe] => E:\utorrent.exe
FirewallRules: [TCP Query User{36928431-E7DB-4017-A37F-DCA1AEAE2024}E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe] => E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe
FirewallRules: [UDP Query User{33082963-D026-4D00-9671-8F6D89390CC8}E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe] => E:\delicious.pretty.girls.mahjong.solitaire.v1.0.1\deliciouspgms.exe
FirewallRules: [TCP Query User{54D033D5-749D-4C60-B4BB-0FC51EE19923}E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe] => E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe
FirewallRules: [UDP Query User{36F178C3-F089-4F78-853C-BFC22D21AAD4}E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe] => E:\zumbiblockultimate 2.1.1\zumbiblocksultimate.exe
FirewallRules: [TCP Query User{38F4A87B-9FA5-48A3-95BD-81EBF90AAFD5}E:\galgun.double.peace\binaries\win64\gg2game.exe] => E:\galgun.double.peace\binaries\win64\gg2game.exe
FirewallRules: [UDP Query User{E35B3822-0D4E-4E26-B0CD-69E8B481E9B8}E:\galgun.double.peace\binaries\win64\gg2game.exe] => E:\galgun.double.peace\binaries\win64\gg2game.exe
FirewallRules: [{FCA26013-A9F9-4AD4-AC0B-330761C04B74}] => E:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{F667C414-2EF9-42E0-B650-1D7D1EAF53C4}] => E:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{83D6A4A7-84CA-4D05-8675-21984D0BC20B}] => E:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{886549B4-4585-496C-9BC4-725B6A4B2884}] => E:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{9764BADE-BE60-4F86-809D-E82D6A940AAC}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{58BC4E19-3C2B-48E4-A396-15EF328B533E}] => E:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [TCP Query User{8385E669-1A00-484B-A8A2-449C87C4E6F2}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{ECCAB065-0CFE-48FE-A9CD-2AB0E7349425}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{CA84C429-492E-40F5-97B1-F193FF1D23AF}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [UDP Query User{ECC0AD9B-0C10-43C5-ABFF-F904D5182AB6}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [{7CEA72BC-76A8-47D3-B36C-E5C92413E6DA}] => E:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A4E8319C-DC59-47A7-A49F-0CCB51AEF61A}] => E:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{82314780-EF9C-4790-8922-DCDDBC0AA26E}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E5B35A09-D986-44C2-B65C-B08FB158356F}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FF643BCF-5627-4D90-8F9A-2D51AD9B4818}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [UDP Query User{AD08F3E3-A179-408A-81F4-ACD5F598DC00}E:\super.star.v1.20\game.exe] => E:\super.star.v1.20\game.exe
FirewallRules: [{F70E8756-CEBF-405C-AFA8-1D2D0559D3B7}] => E:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{F215FEB2-C841-4B40-99D0-6BE942E16E91}] => E:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{0BDDDBD3-4E9C-42C4-8DDD-160F299F2007}E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{7B1171D9-3AB0-45BF-9137-258F3CCDBCFE}E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{8B7ED8F6-A551-40CD-BE88-998D205E74D7}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{08BE55B4-5AD8-4A50-8B1C-346395305B90}] => C:\Users\yago\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{32096D36-32DD-4CA0-8A06-649D0461E888}] => C:\Users\yago\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F0784BEB-5081-4455-8530-657B07BC03B7}] => E:\SteamLibrary\steamapps\common\League Of Guessing\LOG.exe
FirewallRules: [{41F51329-634E-49D3-8639-3BF4D64F8E7F}] => E:\SteamLibrary\steamapps\common\League Of Guessing\LOG.exe
FirewallRules: [{10EBD468-7FB5-4A91-8B16-4467C0DFE823}] => E:\SteamLibrary\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{D9CB4279-CF22-4EE7-908C-02A1D8BA4553}] => E:\SteamLibrary\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{69EA3E6A-E2E4-440F-BBC7-C8239CC8EDE9}] => E:\SteamLibrary\steamapps\common\emoojio\main.exe
FirewallRules: [{34067BD6-626B-4E10-BFAF-CFDE2050EBDA}] => E:\SteamLibrary\steamapps\common\emoojio\main.exe
==================== Pontos de Restauração =========================
13-01-2017 18:33:07 Ponto de Verificação Agendado
21-01-2017 15:22:30 DirectX instalado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/21/2017 03:32:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: VictorVranSteam.exe, versão: 2.6.0.0, carimbo de data/hora: 0x57bc8715
Nome do módulo com falha: d3d11.dll, versão: 10.0.10240.17113, carimbo de data/hora: 0x57cf9086
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0013f105
ID do processo com falha: 0x1620
Hora de início do aplicativo com falha: 0x01d2741ca566a78a
Caminho do aplicativo com falha: E:\Victor Vran\VictorVranSteam.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\d3d11.dll
ID do Relatório: 9f590704-f35d-44df-a6c2-234e191263cd
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (01/21/2017 03:22:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/21/2017 08:35:38 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (2036) Falha na recuperação/restauração do banco de dados com erro inesperado -1032.
Error: (01/21/2017 08:35:38 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.log" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:35:28 AM) (Source: ESENT) (EventID: 439) (User: )
Description: SettingSyncHost (2036) Não é possível gravar um cabeçalho oculto do arquivo C:\Windows\system32\edb.chk. Erro -1032.
Error: (01/21/2017 08:35:28 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:35:18 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:35:08 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:34:58 AM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (2036) Falha ao tentar abrir o arquivo "C:\Windows\system32\edb.chk" para acesso de leitura/gravação com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8).
Error: (01/21/2017 08:34:48 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (2036) Falha na recuperação/restauração do banco de dados com erro inesperado -1032.
Erros de Sistema:
=============
Error: (01/21/2017 03:26:18 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:26:16 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:23:12 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:23:11 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso.
Error: (01/21/2017 03:05:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (01/21/2017 03:05:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Origin Web Helper Service.
Error: (01/21/2017 03:04:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Assistente de Conectividade de Rede depende do serviço Auxiliar de IP, mas não foi possível iniciá-lo devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
Error: (01/21/2017 03:04:06 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT)
Description: 32212256844608534269419232
Error: (01/21/2017 03:04:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 14:23:12 do dia 21/01/2017 não era esperado.
Error: (01/21/2017 09:49:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2017-01-20 19:42:18.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 02:38:57.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-18 09:33:40.002
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-17 19:37:02.196
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-16 00:28:56.469
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\netutils.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-15 13:32:20.426
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-14 09:12:21.528
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-14 03:38:01.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptbase.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-13 11:02:44.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-12 05:45:33.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\netapi32.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Percentagem de memória em uso: 51%
RAM física total: 6090.04 MB
RAM física disponível: 2945.74 MB
Virtual Total: 8522.04 MB
Virtual disponível: 4524.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.66 GB) (Free:34.15 GB) NTFS
Drive e: () (Fixed) (Total:368.01 GB) (Free:36.62 GB) NTFS
Drive g: (Victor Vran) (CDROM) (Total:4.16 GB) (Free:0 GB) CDFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1D5D5AB8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================