cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017
Executado por joaov (25-03-2017 17:28:07)
Executando a partir de C:\Users\joaov\Downloads
Windows 10 Home Versão 1607 (X64) (2016-10-30 13:40:43)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1001025675-1286570401-1186891124-500 - Administrator - Disabled)
Convidado (S-1-5-21-1001025675-1286570401-1186891124-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1001025675-1286570401-1186891124-503 - Limited - Disabled)
joaov (S-1-5-21-1001025675-1286570401-1186891124-1001 - Administrator - Enabled) => C:\Users\joaov

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1001025675-1286570401-1186891124-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Baidu Browser (HKLM-x32\...\Spark) (Version: 43.23 Preview - Baidu Inc.)
Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.131061 - Baidu, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlazBlue: Chronophantasma Extend (HKLM\...\YmxhemJsdWVjaHJvbm9waGFudGFzbWFleHRlbmQ_is1) (Version: 1 - )
BlazBlue: Continuum Shift Extend (HKLM\...\Steam App 294810) (Version: - Arc System Works)
Castlevania: Lords of Shadow 2 (HKLM-x32\...\Q2FzdGxldmFuaWFMb3Jkc29mU2hhZG93Mg==_is1) (Version: 1 - )
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
CosmicBreak_US (HKLM-x32\...\{DF46F74C-46D2-4740-99B0-6D89D81D389A}) (Version: 1.00.0000 - CyberStep, Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version: - )
Darksiders II: Deathinitive Edition (HKLM\...\Steam App 388410) (Version: - Gunfire Games)
Darksiders Warmastered Edition (HKLM-x32\...\Darksiders Warmastered Edition_is1) (Version: - )
Devil May Cry 3: Special Edition (HKLM\...\Steam App 6550) (Version: - CAPCOM Co., Ltd.)
Devil May Cry 4 Special Edition (HKLM-x32\...\Devil May Cry 4 Special Edition_is1) (Version: - )
Dishonored (HKLM-x32\...\Dishonored_is1) (Version: - )
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExitLag (HKLM-x32\...\{31E1803D-6745-43B8-895F-AF9A73F4224E}_is1) (Version: 1.5.1 - SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA)
For Honor Open Beta (HKLM\...\Steam App 572600) (Version: - Ubisoft Montreal)
Fran Bow (HKLM-x32\...\1438948561_is1) (Version: 2.2.0.3 - GOG.com)
Furi (HKLM-x32\...\Furi_is1) (Version: - )
Gamersclub Anti Cheat (HKLM-x32\...\{C14C05CA-F9F5-45C3-9C23-43E10AF71897}) (Version: 1.00 - EMACLab)
God Eater Resurrection (HKLM-x32\...\{63981F26-1FA0-4916-AB20-F11E35166539}_is1) (Version: - BANDAI NAMCO)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Jotun (HKLM-x32\...\1458127099_is1) (Version: 2.1.0.3 - GOG.com)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
METAL GEAR RISING: REVENGEANCE (HKLM\...\Steam App 235460) (Version: - PlatinumGames)
Microsoft OneDrive (HKU\S-1-5-21-1001025675-1286570401-1186891124-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MicroVolts Surge (HKLM\...\Steam App 109400) (Version: - NQ Games)
Mozilla Firefox 50.1.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pt-BR)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-b1afa228-7702-4724-bf6d-8ea51b3c6cee) (Version: - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-c1ec80e1-3cf5-4b3c-8141-4369477f3b24) (Version: - Epic Games, Inc.)
namehelp (HKLM-x32\...\{77936389-BD8F-4888-9234-6D9E423ADF56}) (Version: 1.0.0 - Aqualab)
ONE PIECE BURNING BLOOD (HKLM-x32\...\ONE PIECE BURNING BLOOD_is1) (Version: - )
Onigiri_US (HKLM-x32\...\{E5A8486E-4E03-4F59-A44A-88399E341F41}) (Version: 1.00.0000 - CyberStep, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
Portal 2 (HKLM-x32\...\Portal 2_is1) (Version: - R.G. Mechanics, spider91)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12943.90 - raidcall.com)
Remember Me (HKLM-x32\...\Remember Me_is1) (Version: 1.0.1 - Capcom)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter V (HKLM\...\c3RyZWV0ZmlnaHRlcnY_is1) (Version: 1 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
Unity Web Player (HKU\S-1-5-21-1001025675-1286570401-1186891124-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
vSnapshot 1.0.0.0 (HKLM\...\{F772C08D-9F61-45c6-982F-ADDEEE0D92C6}) (Version: 1.0.0.0 - ShenZhen Zhihuimen Techology co,.Ltd)
Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

HKU\S-1-5-21-1001025675-1286570401-1186891124-1001\...\ChromeHTML: -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.) <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0109BBFC-4CA8-4521-9FE6-3073736D0F8F} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] ()
Task: {11B0B507-7DFC-4DBA-B2D9-F09E3A4A3B66} - System32\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} => C:\Program Files (x86)\tools\update\tools_update.exe [2016-07-04] ()
Task: {257CCF2E-6E41-4589-B7F1-546F15207C9A} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\joaov\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {27B64B58-E1CF-43AE-BB43-EF7F6024A706} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)
Task: {2F4FBFAB-913A-4257-B75E-CB580AEF305C} - System32\Tasks\WmKnAwCwf4 => C:\Program Files (x86)\ywj122VCNJ\updengine.exe [2017-03-13] () <==== ATENÇÃO
Task: {357C8C7B-DC76-4E31-9164-56AA61B0F8E0} - System32\Tasks\Coodierzary Agent => C:\Program Files (x86)\Zerhhawocult\xckqsh.exe [2017-03-21] (Glarysoft Ltd)
Task: {418C7533-6D7C-459E-ABDF-983E5A5985AB} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js"
Task: {59AE89DA-078A-4522-B573-53493FFAB046} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [2015-05-13] (Baidu, Inc.)
Task: {772F8346-E056-4CE6-AF6B-FB0D539B7A1D} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [2016-01-15] (Baidu.com, Inc.)
Task: {8C5D6BEA-85E7-4D61-AE05-EF79454E94DB} - System32\Tasks\Prowerdomreersaly => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=SAMSUNGXHD103SI_S23ZJ50Z813455&v=20170321 /q <==== ATENÇÃO
Task: {A7F09760-6133-4C11-B8F2-96840D66393C} - System32\Tasks\newsonlineonlynetxoussm => Chrome.exe newsonlineonly.net/xoussm <==== ATENÇÃO
Task: {AE5132D2-ACD5-44B1-9A4B-F942D5AB8161} - System32\Tasks\{52F20821-F072-4CCC-B046-3857E6A8D33C} => pcalua.exe -a "C:\Program Files (x86)\The Stanley Parable\Launcher.exe" -d "C:\Program Files (x86)\The Stanley Parable"
Task: {AF1E0192-A22E-4249-861A-AE3844DCBA13} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe [2015-05-07] (Baidu, Inc.)
Task: {C4EB29A0-AA74-46D6-9F74-5E251A073F17} - System32\Tasks\R@1n-KMS\Windows64Core => wmic
Task: {E2E1BEAC-1626-4514-89F2-16AAD03ACD0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}.job => C:\Program Files (x86)\tools\update\tools_update.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\joaov\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\joaov\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.)

ShortcutWithArgument: C:\Users\joaov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490197165&z=2431570b89e53d96983286bgdzdtfe8g3t9meg2q2o&from=che0812&uid=SAMSUNGXHD103SI_S23ZJ50Z813455
ShortcutWithArgument: C:\Users\joaov\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811035"
ShortcutWithArgument: C:\Users\joaov\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490197165&z=2431570b89e53d96983286bgdzdtfe8g3t9meg2q2o&from=che0812&uid=SAMSUNGXHD103SI_S23ZJ50Z813455
ShortcutWithArgument: C:\Users\joaov\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490197165&z=2431570b89e53d96983286bgdzdtfe8g3t9meg2q2o&from=che0812&uid=SAMSUNGXHD103SI_S23ZJ50Z813455
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1490197165&z=2431570b89e53d96983286bgdzdtfe8g3t9meg2q2o&from=che0812&uid=SAMSUNGXHD103SI_S23ZJ50Z813455
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490197165&z=2431570b89e53d96983286bgdzdtfe8g3t9meg2q2o&from=che0812&uid=SAMSUNGXHD103SI_S23ZJ50Z813455
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1490197165&z=2431570b89e53d96983286bgdzdtfe8g3t9meg2q2o&from=che0812&uid=SAMSUNGXHD103SI_S23ZJ50Z813455
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490197165&z=2431570b89e53d96983286bgdzdtfe8g3t9meg2q2o&from=che0812&uid=SAMSUNGXHD103SI_S23ZJ50Z813455

==================== Módulos Carregados (Whitelisted) ==============

2017-03-21 20:41 - 2017-03-21 20:41 - 00306688 _____ () C:\Program Files (x86)\Coodierzary Agent\local64spl.dll
2012-10-08 15:06 - 2012-10-08 15:06 - 00156672 _____ () C:\Program Files (x86)\Aqualab\namehelp\nssm.exe
2016-10-24 12:05 - 2016-10-24 12:05 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
2016-12-24 00:30 - 2016-12-24 00:30 - 00152264 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe
2017-03-21 20:45 - 2016-11-10 04:19 - 05091840 _____ () C:\Users\joaov\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
2012-10-08 15:06 - 2012-10-08 15:06 - 00033792 _____ () C:\Program Files (x86)\Aqualab\namehelp\namehelp.exe
2017-03-22 12:41 - 2017-03-20 05:35 - 00109744 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-16 21:16 - 2017-03-04 04:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll
2017-03-16 21:16 - 2017-03-04 04:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-16 21:16 - 2017-03-04 04:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-30 11:03 - 2016-10-30 11:03 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 21:18 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 21:16 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 21:16 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 21:16 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-16 21:16 - 2017-03-04 03:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-16 21:16 - 2017-03-04 03:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-16 21:16 - 2017-03-04 03:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-13 12:38 - 2017-03-13 12:38 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 12:38 - 2017-03-13 12:38 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 12:38 - 2017-03-13 12:38 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 12:38 - 2017-03-13 12:38 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-16 14:40 - 2017-03-16 14:44 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-22 12:45 - 2016-05-22 23:37 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll
2015-12-25 05:41 - 2015-12-25 05:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll
2017-03-13 17:46 - 2017-03-13 17:46 - 01009152 _____ () C:\Program Files (x86)\ywj122VCNJ\kl.dll
2016-12-24 00:30 - 2016-12-24 00:30 - 00574152 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\Updata.dll
2017-03-21 20:45 - 2016-03-06 04:40 - 00083456 _____ () C:\Users\joaov\AppData\Roaming\WMPNetworkAcSvc\Interface.dll
2012-10-08 15:06 - 2012-10-08 15:06 - 00040960 _____ () C:\Program Files (x86)\Aqualab\namehelp\_socket.pyd
2012-10-08 15:06 - 2012-10-08 15:06 - 00721920 _____ () C:\Program Files (x86)\Aqualab\namehelp\_ssl.pyd
2012-10-08 15:06 - 2012-10-08 15:06 - 00285184 _____ () C:\Program Files (x86)\Aqualab\namehelp\_hashlib.pyd
2012-10-08 15:06 - 2012-10-08 15:06 - 00009728 _____ () C:\Program Files (x86)\Aqualab\namehelp\select.pyd
2012-10-08 15:06 - 2012-10-08 15:06 - 00686592 _____ () C:\Program Files (x86)\Aqualab\namehelp\unicodedata.pyd
2012-10-08 15:06 - 2012-10-08 15:06 - 00074240 _____ () C:\Program Files (x86)\Aqualab\namehelp\_ctypes.pyd
2017-03-22 12:48 - 2017-03-21 23:23 - 00106496 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\addons\sdkfilesver.dll
2017-03-22 12:45 - 2016-05-22 23:37 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2016-10-24 14:16 - 2017-03-09 21:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-10-24 14:16 - 2016-08-31 22:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-10-24 14:16 - 2017-03-22 21:52 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2016-10-24 14:16 - 2016-08-31 22:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-10-24 14:16 - 2016-08-31 22:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-10-24 14:16 - 2016-01-27 04:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-24 14:16 - 2016-01-27 04:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-24 14:16 - 2016-01-27 04:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-24 14:16 - 2016-01-27 04:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-24 14:16 - 2016-01-27 04:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-10-24 14:16 - 2017-03-22 21:52 - 00839456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-24 14:16 - 2016-07-04 19:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-12 18:27 - 2017-01-30 18:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-10-24 14:16 - 2017-03-22 21:52 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-03-22 12:48 - 2017-03-21 23:23 - 00106496 _____ () C:\ProgramData\Microsoft\Phone Tools\CoreCon\12.0\addons\SDKFilesVer.dll
2016-10-24 14:16 - 2015-09-24 20:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-03-22 12:48 - 2017-03-09 02:31 - 02187096 _____ () C:\Program Files (x86)\Boxfat\Application\libglesv2.dll
2017-03-22 12:48 - 2017-03-09 02:31 - 00086360 _____ () C:\Program Files (x86)\Boxfat\Application\libegl.dll
2017-03-22 12:59 - 2017-03-03 11:25 - 17784920 _____ () C:\Users\joaov\AppData\Local\Boxfat\User Data\PepperFlash\25.0.0.127\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-30 04:24 - 2015-10-30 04:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1001025675-1286570401-1186891124-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\joaov\Downloads\devil-may-cry-vergil-wallpaper-20.jpg
DNS Servers: 189.5.128.63 - 189.5.128.68
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4A5A8C95-23FA-4ED3-9FCE-0903C08C9F0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{700C8316-EC11-4C5B-B11C-7C4C4427595F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{41F25BF3-45A1-4E29-923D-B2FEA5E9995C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5694C427-9E78-4B34-95DB-28271074319F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{55376F05-3600-46BF-B0FA-B1E906D814BF}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{037D309B-0F73-4EC1-97D7-319B76E8FD79}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{20194951-69F0-42A1-8D3E-255C8CE3924C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Continuum Shift Extend\BBCSE.exe
FirewallRules: [{EF9EB6CA-D998-425B-B223-2ADCBCA73A57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Continuum Shift Extend\BBCSE.exe
FirewallRules: [{F4650CB1-2144-4678-AC87-03373B23A42E}] => (Allow) C:\Users\joaov\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3B3B0D8A-6F0B-46EE-AAE2-6ADDA6F183AC}] => (Allow) C:\Users\joaov\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A87AB376-5626-45FC-A6B2-4F32C98466CF}] => (Allow) C:\Users\joaov\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F0434949-125D-497A-AA1F-BCE0F37E11BF}] => (Allow) C:\Users\joaov\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C972549E-6263-4EAA-A363-3AAA6424546B}] => (Allow) C:\Users\joaov\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8717F8FB-FFF2-4957-84E0-79F9164B61B7}] => (Allow) C:\Users\joaov\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{BECAD395-4A77-4F3E-888C-71D18E98AB95}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{E704F62C-E963-4D54-9910-69C68FC2BF5E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{10B65B2B-2522-4310-B58A-6163678BD162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{A2584FD4-954E-47F8-BB38-40C036198A15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{C09288A6-2AA5-43FE-9797-4FB6A3550F2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BA3D9424-222B-4705-B28B-FFE17A7CFECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DAB52017-AC04-4F05-8C05-C88AB3D434F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\dmc3se.exe
FirewallRules: [{1A46751B-638A-4B50-A4FA-6C79CBDA5D50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\dmc3se.exe
FirewallRules: [{E7329C77-BA0D-4CF6-A465-E3BB63E04558}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\GPadCfg.exe
FirewallRules: [{9435BE32-28F8-471D-AE9E-8DFA1F10F818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\GPadCfg.exe
FirewallRules: [TCP Query User{43FAED20-8C8F-47D8-A1A1-99B07A0BF069}C:\cyberstep\cosmicbreak2\programs\cosmic_x64.exe] => (Allow) C:\cyberstep\cosmicbreak2\programs\cosmic_x64.exe
FirewallRules: [UDP Query User{6F4168CC-C400-455B-AE2D-355379BF79AE}C:\cyberstep\cosmicbreak2\programs\cosmic_x64.exe] => (Allow) C:\cyberstep\cosmicbreak2\programs\cosmic_x64.exe
FirewallRules: [TCP Query User{C94B6920-8379-4C49-8F25-0574C92C72E2}C:\hanpurple\soulworker\soulworker100.exe] => (Allow) C:\hanpurple\soulworker\soulworker100.exe
FirewallRules: [UDP Query User{2AEA35BE-9714-4357-B454-B3BA1956E9CE}C:\hanpurple\soulworker\soulworker100.exe] => (Allow) C:\hanpurple\soulworker\soulworker100.exe
FirewallRules: [{F73CCDB2-B44B-49A2-81B7-99590F4F6C4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MicroVolts\Launcher.exe
FirewallRules: [{F2001535-4630-4838-981E-C63E44DDF01A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MicroVolts\Launcher.exe
FirewallRules: [{A6D88E8D-B391-47D3-AE43-F66E79278957}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{76C43C06-9B11-4093-B45C-2F2189DF8E04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{587DBB54-D4B5-4CA0-97D9-BBCB0E08E61D}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{88C7E518-D8B1-4744-9213-41A030BA4141}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{F5CDE8CB-160E-4880-A164-B0606F59F043}C:\program files (x86)\r.g. mechanics\portal 2\portal2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\portal 2\portal2.exe
FirewallRules: [UDP Query User{DF4EFD36-865C-4F78-B916-542AFD9FFAA1}C:\program files (x86)\r.g. mechanics\portal 2\portal2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\portal 2\portal2.exe
FirewallRules: [TCP Query User{F642F2A0-0204-4956-B6A5-22B9E178F4AB}C:\program files (x86)\the stanley parable\stanley.exe] => (Allow) C:\program files (x86)\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{79EB871C-8E46-4223-BB3D-8269E1134B80}C:\program files (x86)\the stanley parable\stanley.exe] => (Allow) C:\program files (x86)\the stanley parable\stanley.exe
FirewallRules: [{B86D9CF6-57F1-4DFB-BDC5-48F7F0E0C77E}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{E8D56A6E-C3E2-4BDA-9C24-2627C3D81406}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{629E6917-6E98-40BA-8692-ABE133DA6FB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{379B441D-2A59-494D-B496-6BE3BD0D970A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{61DEBFCD-EC72-4E6B-B80D-CE6A26D6A3B6}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{67266F56-BA14-41DC-9B3F-7D87762FBBCF}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{25A2A2EC-6566-4A6F-A8B8-D5A94915225B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{92835341-774B-44D2-AC2D-DE1489FF4322}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8C98FAF7-45DA-4A1D-8534-10F6FC867232}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3DDD6253-A463-4010-A981-730C046E4B57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{340171A9-71A1-44F0-875F-C4BA49B32867}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{FDD634F9-BC09-44F1-8948-187F725C5E7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{696C6CC0-B4DC-4C7D-852B-4390EC6741BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{922D3B83-8F06-4983-A17C-4186A3C51925}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{665C5584-9648-4A64-8D76-E90207C9435F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D388588D-B952-43A0-BA1F-E7AC7F82AD6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1A32E230-8CF9-40A4-9DD9-A9ACAA01C051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{9674F48E-176B-4E63-8EA5-064B7B09A4C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3A29B338-2501-468C-AD6F-C015B96C4D59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C2D62157-1281-48C5-8E2E-26DBC14A338B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{42A111F1-565B-462B-B23E-CBFF17391C61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{62B650F5-FE81-492D-9AF5-9C8C66DA552B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{98B0F88A-326F-40E3-97F2-D9B97C4BDEBE}] => (Allow) C:\Users\joaov\Desktop\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{A27BB3CE-BAB5-4A23-A1CB-6B6719B68CAC}] => (Allow) C:\Users\joaov\Desktop\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [TCP Query User{09565DEC-ABE1-4448-B281-24F7BE94BE2D}C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe] => (Allow) C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe
FirewallRules: [UDP Query User{3FB94160-8B72-4C70-9126-5B51A06B3877}C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe] => (Allow) C:\program files (x86)\emaclab\gamersclub anti cheat\gclauncher.exe
FirewallRules: [TCP Query User{D8841702-C7F1-455E-94FB-EAC6A213D3B0}C:\users\joaov\downloads\antichamber\binaries\win32\udk.exe] => (Allow) C:\users\joaov\downloads\antichamber\binaries\win32\udk.exe
FirewallRules: [UDP Query User{794B37E5-9E66-49BD-B3D5-F60FF8B18D8D}C:\users\joaov\downloads\antichamber\binaries\win32\udk.exe] => (Allow) C:\users\joaov\downloads\antichamber\binaries\win32\udk.exe
FirewallRules: [{BE55C216-47B1-4C4D-B930-28971F68758F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For Honor Open Beta\forhonor.exe
FirewallRules: [{FE18AC7E-1FFC-4A1B-ADE8-C0481820D106}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For Honor Open Beta\forhonor.exe
FirewallRules: [{FDD3DBEF-B4DC-44F7-9BBD-4E6A76D78273}] => (Allow) 㩃啜敳獲橜慯癯䅜灰慄慴剜慯業杮獜湳獜湳攮數
FirewallRules: [{984CFC17-D47C-43F0-82D5-992B8D220CFB}] => (Allow) 㩃啜敳獲橜慯癯䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e
FirewallRules: [{BD4B0287-AFD1-45DB-BE2C-B8084AADB79F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A2722372-CD0F-4BCE-9E40-BA616C8D7EE0}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{E6E4EFA0-B4CD-4FBD-9EBE-364B7EA7C38D}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{C321E674-3607-4C3A-BC02-6B3D9E0031D6}] => (Allow) C:\Program Files (x86)\Boxfat\Application\chrome.exe

==================== Pontos de Restauração =========================

15-03-2017 20:02:29 Windows Update
18-03-2017 20:28:03 Windows Update
20-03-2017 14:40:58 Installed Survey Bypasser V 2.8
24-03-2017 22:53:22 Removed BikaQ Rss

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/25/2017 03:28:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LeagueClientUx.exe versão 7.6.180.7093 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 214c

Hora de Início: 01d2a5956442407d

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.59\deploy\LeagueClientUx.exe

ID do Relatório: d014d2c4-1188-11e7-9fe6-bc5ff439f28c

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (03/25/2017 03:26:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LeagueClientUx.exe versão 7.6.180.7093 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 176c

Hora de Início: 01d2a59506155a21

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.59\deploy\LeagueClientUx.exe

ID do Relatório: 879528cc-1188-11e7-9fe6-bc5ff439f28c

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (03/25/2017 10:38:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "c:\program files (x86)\vsnapshot\1.0.0.0\vSnapshot.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (03/25/2017 12:06:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "WmiApRpl" na DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (03/25/2017 12:06:25 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.

Error: (03/25/2017 12:06:25 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.

Error: (03/25/2017 12:06:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "MSDTC" na DLL "C:\WINDOWS\system32\msdtcuiu.DLL". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (03/25/2017 12:06:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "Lsa" na DLL "C:\Windows\System32\Secur32.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (03/25/2017 12:06:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "ESENT" na DLL "C:\WINDOWS\system32\esentprf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (03/25/2017 12:06:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.


Erros de Sistema:
=============
Error: (03/25/2017 03:28:12 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (03/25/2017 03:26:09 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (03/25/2017 02:51:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter.

Código: 8 0x0 0x0

Error: (03/25/2017 02:51:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter.

Código: 2 0xdeaddeed 0xeeec

Error: (03/25/2017 02:51:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter.

Código: 1 0xc 0x4

Error: (03/25/2017 01:53:44 PM) (Source: bowser) (EventID: 8003) (User: )
Description: O localizador mestre recebeu uma notificação de servidor do computador USER-PC
que acredita ser o localizador mestre do domínio no transporte NetBT_Tcpip_{768312B1-0B6E-4966-9446-14F1CBF64092}.
O localizador mestre está parando ou está sendo forçada uma eleição.

Error: (03/25/2017 10:32:26 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (03/25/2017 12:26:17 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (03/24/2017 11:21:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (03/24/2017 11:08:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5ILSTN4)
Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
ao usuário DESKTOP-5ILSTN4\joaov SID (S-1-5-21-1001025675-1286570401-1186891124-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


CodeIntegrity:
===================================
Date: 2017-03-25 17:20:36.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 17:07:52.148
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 16:22:04.168
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 16:07:51.949
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 15:22:51.904
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 15:07:51.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 14:52:14.184
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 14:22:51.931
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 14:03:43.567
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-25 13:41:03.512
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Informações da Memória ===========================

Processador: AMD A10-7860K Radeon R7, 12 Compute Cores 4C+8G
Percentagem de memória em uso: 43%
RAM física total: 7108.04 MB
RAM física disponível: 3988.64 MB
Virtual Total: 8260.04 MB
Virtual disponível: 4366.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.02 GB) (Free:335.24 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 21FD5F57)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité