Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15.11.2018
Executado por Ketzer (20-11-2018 05:50:29)
Executando a partir de C:\Users\Ketzer\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2018-08-10 16:15:07)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-4250199933-3618907985-1209464916-500 - Administrator - Disabled)
Convidado (S-1-5-21-4250199933-3618907985-1209464916-501 - Limited - Disabled)
Ketzer (S-1-5-21-4250199933-3618907985-1209464916-1000 - Administrator - Enabled) => C:\Users\Ketzer
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
AIDA64 Extreme v5.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.70 - FinalWire Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 2.21.0.25 - GOG.com)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
K-Lite Codec Pack 14.3.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.6 - KLCP)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Popcorn-Time (HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
SearchAwesome (HKLM-x32\...\ZGE0ZmI0NTBjMzU4NG) (Version: 13.14.1.308 (i1.0) - SearchAwesome) <==== ATENÇÃO
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Warsaw 2.6.4.2 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.6.4.2 - GAS Tecnologia)
WhiteClick (HKLM-x32\...\{205A0649-1314-4131-926C-86E8F69A2F32}) (Version: 4.0.0 - WhiteLLC)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2018-08-10] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {02DA8332-9A5F-4B83-848B-2E41307A1FFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-16] (Microsoft Corporation)
Task: {20DEDE14-0EBA-40E7-8BDB-186D7264D3F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-10] (Google Inc.)
Task: {22198F6D-B8A8-470D-929B-B2438DA0C8FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-10] (Google Inc.)
Task: {3FC86223-056F-420E-92C6-C4666CE97636} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {430927CE-E6F5-4B35-8055-90C07AC75A2C} - System32\Tasks\{2785BEB5-9057-4BF9-AC08-FAB9ED19D740} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ketzer\Desktop\Wise Program Uninstaller\UnMonitor.exe" -d "C:\Users\Ketzer\Desktop\Wise Program Uninstaller"
Task: {45FCD904-7403-4A93-91CC-7858D4B8FFFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-16] (Microsoft Corporation)
Task: {5248EA32-EAD1-46DF-A6F6-4BF6D15F1532} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {65416E8B-F70D-4ED5-A4FC-7421F0CBFE91} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {67FD3E3E-309F-4DD7-B285-1AFC16F8CCED} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\Scheduler.exe [2018-07-06] (IObit)
Task: {7A0F9033-4D5A-4ACD-B9B4-0E6C44F7E4A7} - System32\Tasks\R@1n-KMS\Office365ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {836DFEA7-2EAB-4E56-9F6B-6E6BD746164E} - System32\Tasks\{9E7EBABC-67F8-4A9F-88C4-05F3100413B6} => C:\Users\Ketzer\Downloads\Darkest Dungeon_GOG\setup_darkest_dungeon_2.21.0.25.exe [2018-10-26] (GOG.com )
Task: {86D91B96-E6C0-4B79-9802-361681E72432} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {88535A04-BEFC-4B08-8819-E8609E1681A7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {97604D0D-12BA-46AB-B4FC-DF49A182CBE2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {AF98611C-BE57-46C4-9ADA-BEA11CF591F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {B46B35EA-0C42-4764-858D-854058CB28E2} - System32\Tasks\{D4B6A30D-EBCB-40A6-8365-9CA193063E57} => C:\Users\Ketzer\Downloads\Darkest Dungeon_GOG\setup_darkest_dungeon_2.21.0.25.exe [2018-10-26] (GOG.com )
Task: {B75A363A-3F63-4CBD-811E-0D4667C3C1F8} - System32\Tasks\Driver Booster SkipUAC (Ketzer) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe [2018-07-06] (IObit)
Task: {C7C54578-E426-4BF4-BD14-7BB808925E74} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-19] (AVAST Software)
Task: {CABCBD1E-3DB5-4B4C-8D19-754DE5CA863D} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-M25D4.tmp\corefixer.exe <==== ATENÇÃO
Task: {D4559048-C408-452A-A9DD-F45E26B0E89D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {F50EE3F0-95B3-4A92-A1EB-E641F0963AEF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-28] (AVAST Software)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-08-10 14:30 - 2018-08-10 14:30 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-09-15 19:51 - 2018-09-15 19:51 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2018-11-19 19:28 - 2018-11-19 19:28 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-11-20 04:31 - 2018-11-20 04:31 - 000342528 _____ () C:\ProgramData\Kolnixo\Medstring.dll
2018-11-19 19:29 - 2018-11-16 03:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-19 19:29 - 2018-11-16 03:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-19 19:27 - 2018-11-19 19:27 - 005724304 _____ () C:\Program Files\AVAST Software\Avast\defs\18111902\algo.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-10 14:52 - 2018-08-10 14:52 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-10 14:25 - 2017-10-16 11:14 - 000442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.5.1\madExcept_.bpl
2018-08-10 14:25 - 2017-10-16 11:14 - 000210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.5.1\madBasic_.bpl
2018-08-10 14:25 - 2017-10-16 11:14 - 000059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.5.1\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2018-11-20 04:30 - 008389131 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ketzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
Se uma entrada for incluída na fixlist, será removida.
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{EE3A59F0-5B45-4374-852E-99A288EFE524}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{4E6FF5E8-FA31-4E87-AE69-B872096CC78F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{6FC8BAAD-9B30-47FA-A574-EC117E49E56D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{A5BED699-1849-4E09-8B2A-C29E234E34DA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{98A8D300-E5EF-4370-A087-1C7989BF3FBA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{82AB3E81-BB8B-436A-9BA1-52D19A331A6D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{5A74A458-B2C1-46E0-B4B8-153B4B00F9B8}] => (Allow) C:\Users\Ketzer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{28332C00-CA64-4DF2-8759-3D55F6501B20}] => (Allow) C:\Users\Ketzer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{0DFB2A18-1B35-4C88-8CDB-E6A021DA6EB0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0A962896-0B70-4EF3-85B1-56A33B6AE75B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [{304DAE7F-0B58-4897-9E03-B64726DE08FC}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{848C9562-FAA8-4F0B-959E-09BFB17607FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9F76AB40-1C62-45C8-B1AE-100391E09F54}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [TCP Query User{9175F1C2-2BC1-413C-B902-7C9C5F8D20F7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B65A4EB5-EC1B-46B3-A9DC-94CE7BA85CE1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [TCP Query User{155E5FDF-51C7-4F53-BF3E-34C61922D804}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F8A7FBD3-A860-42D0-9CD8-A3E9613F339D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe
FirewallRules: [TCP Query User{76E571E2-8E0C-4ED6-A04C-5BBC474163A0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B832DDE9-7130-4C7F-A31C-2548E452086B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe
FirewallRules: [TCP Query User{6DB3FD07-2034-497D-A2B7-4DCC2691C9F5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0A61DB76-C2CD-4CA7-B431-A40A060BC240}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [{DD9F3BCB-74CE-4984-BF4D-3F9F32C6A8BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{03EA5E30-6BB8-428A-8118-33B92E39F106}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3ED205D6-AD18-453F-97CE-B4E8F1E38F3B}] => (Allow) C:\Users\Ketzer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{4037027F-A9FA-4E4E-98CD-D504D7098FB0}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{560BB1C1-1B0D-4931-863D-6A8FB50128C5}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{9FF60EE8-D945-4693-B682-EB7D6326618E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6D2E6D23-D464-438E-923D-F6053B5B36D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0F3C6569-7BD8-417E-8742-042C02B80347}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{2755B171-6694-4157-AF16-D2637CAAEB59}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [UDP Query User{BF506F1D-7EB3-4350-9A93-DCE2B8B6DAB2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [TCP Query User{149350AA-8032-42E7-9446-D3003943C17B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7800F5C8-3813-4AE6-BA6B-EA77AF4527D9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [TCP Query User{F614B583-F11D-485F-991E-56A62E720CCC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
FirewallRules: [UDP Query User{82A8196F-D0BD-42C7-A83F-048D86AFBD6F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8EE89C3E-4F74-4A32-8CC2-FCCD0C99D68D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
FirewallRules: [UDP Query User{CB700C7B-D829-400C-96F1-523CF55AEA7D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
FirewallRules: [TCP Query User{856AEE0D-A225-4128-B020-AB78D98C90F2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe
FirewallRules: [UDP Query User{473912AC-0F04-4566-BB26-3566CF183621}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe
FirewallRules: [TCP Query User{C318FBA5-0029-4723-B8FD-60EC95237E88}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3DD8A48C-4B79-4665-9028-00F09C7D34BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [{DAF29D1A-BA64-4D43-9EAD-6038BFBB46BA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B00350F6-E400-4CF4-A4C2-A62BDDFC61A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{477AEE5E-BBF8-42BB-B94F-ED69BC57C6F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FD539468-B62D-4D87-A6DB-8FF86BB2047E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{816A12EF-AB22-456D-A0B3-2DDB833B27BA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C5EF0592-0474-4DDF-8F51-DDF619DA63B5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DF11CA0E-63E8-4022-A149-73AF2871FCF7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
FirewallRules: [UDP Query User{04FCB95F-BF01-4701-9E55-A9F2A897E3A5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DD208663-5D4C-42A8-B793-745A8BC418B4}C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{8F97FBC2-48FF-47BB-BEE7-F44F70386027}C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{1F7D61E7-5F93-44E2-A3C5-4509119A3422}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{2DEEF724-B469-4CAB-AA2F-4B57EBB81AD5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3172EB02-FDED-40AA-A5A7-0D8366F50E03}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
11-11-2018 17:23:35 Ponto de Verificação Agendado
14-11-2018 02:10:07 Windows Update
20-11-2018 04:50:27 Operação de restauração
20-11-2018 05:26:41 Removido WhiteClick
20-11-2018 05:28:27 Removido WhiteClick
20-11-2018 05:29:55 Removido WhiteClick
20-11-2018 05:30:18 Removido WhiteClick
20-11-2018 05:31:40 Removido WhiteClick
20-11-2018 05:36:18 Removido WhiteClick
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Warsaw - Driver (PP)
Description: Warsaw - Driver (PP)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddpp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (11/20/2018 05:45:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:24:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:24:21 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Erro não especificado durante a Restauração do Sistema: (Windows Update). Informações adicionais: 0x80070005.
Error: (11/20/2018 05:09:17 AM) (Source: System Restore) (EventID: 8209) (User: )
Description: A Restauração do Sistema não foi executada porque o sistema foi reiniciado, teve a energia interrompida ou parou de responder. Informações adicionais:(Operação de restauração).
Error: (11/20/2018 05:08:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:05:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:04:49 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Erro não especificado durante a Restauração do Sistema: (Windows Update). Informações adicionais: 0x80070005.
Error: (11/20/2018 04:34:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Erros de Sistema:
=============
Error: (11/20/2018 05:46:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 05:25:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 05:09:54 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
Error: (11/20/2018 05:09:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 05:06:57 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
Error: (11/20/2018 05:05:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 04:50:16 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
Error: (11/20/2018 04:36:48 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
CodeIntegrity:
===================================
Date: 2018-11-20 04:50:36.392
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-11-20 04:50:36.221
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscr64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:20:07.983
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:20:07.983
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.913
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.848
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.798
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.743
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentagem de memória em uso: 40%
RAM física total: 8104.6 MB
RAM física disponível: 4798.28 MB
Virtual Total: 16207.34 MB
Virtual disponível: 13243.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:481.19 GB) NTFS
Drive d: (Windows 7 ( x86) (CDROM) (Total:4.26 GB) (Free:0 GB) CDFS
Drive e: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 51DDD560)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Ketzer (20-11-2018 05:50:29)
Executando a partir de C:\Users\Ketzer\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2018-08-10 16:15:07)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-4250199933-3618907985-1209464916-500 - Administrator - Disabled)
Convidado (S-1-5-21-4250199933-3618907985-1209464916-501 - Limited - Disabled)
Ketzer (S-1-5-21-4250199933-3618907985-1209464916-1000 - Administrator - Enabled) => C:\Users\Ketzer
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
AIDA64 Extreme v5.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.70 - FinalWire Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 2.21.0.25 - GOG.com)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
K-Lite Codec Pack 14.3.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.6 - KLCP)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Popcorn-Time (HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
SearchAwesome (HKLM-x32\...\ZGE0ZmI0NTBjMzU4NG) (Version: 13.14.1.308 (i1.0) - SearchAwesome) <==== ATENÇÃO
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Warsaw 2.6.4.2 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.6.4.2 - GAS Tecnologia)
WhiteClick (HKLM-x32\...\{205A0649-1314-4131-926C-86E8F69A2F32}) (Version: 4.0.0 - WhiteLLC)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2018-08-10] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {02DA8332-9A5F-4B83-848B-2E41307A1FFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-16] (Microsoft Corporation)
Task: {20DEDE14-0EBA-40E7-8BDB-186D7264D3F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-10] (Google Inc.)
Task: {22198F6D-B8A8-470D-929B-B2438DA0C8FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-10] (Google Inc.)
Task: {3FC86223-056F-420E-92C6-C4666CE97636} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {430927CE-E6F5-4B35-8055-90C07AC75A2C} - System32\Tasks\{2785BEB5-9057-4BF9-AC08-FAB9ED19D740} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ketzer\Desktop\Wise Program Uninstaller\UnMonitor.exe" -d "C:\Users\Ketzer\Desktop\Wise Program Uninstaller"
Task: {45FCD904-7403-4A93-91CC-7858D4B8FFFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-16] (Microsoft Corporation)
Task: {5248EA32-EAD1-46DF-A6F6-4BF6D15F1532} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {65416E8B-F70D-4ED5-A4FC-7421F0CBFE91} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {67FD3E3E-309F-4DD7-B285-1AFC16F8CCED} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\Scheduler.exe [2018-07-06] (IObit)
Task: {7A0F9033-4D5A-4ACD-B9B4-0E6C44F7E4A7} - System32\Tasks\R@1n-KMS\Office365ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {836DFEA7-2EAB-4E56-9F6B-6E6BD746164E} - System32\Tasks\{9E7EBABC-67F8-4A9F-88C4-05F3100413B6} => C:\Users\Ketzer\Downloads\Darkest Dungeon_GOG\setup_darkest_dungeon_2.21.0.25.exe [2018-10-26] (GOG.com )
Task: {86D91B96-E6C0-4B79-9802-361681E72432} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {88535A04-BEFC-4B08-8819-E8609E1681A7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {97604D0D-12BA-46AB-B4FC-DF49A182CBE2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {AF98611C-BE57-46C4-9ADA-BEA11CF591F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {B46B35EA-0C42-4764-858D-854058CB28E2} - System32\Tasks\{D4B6A30D-EBCB-40A6-8365-9CA193063E57} => C:\Users\Ketzer\Downloads\Darkest Dungeon_GOG\setup_darkest_dungeon_2.21.0.25.exe [2018-10-26] (GOG.com )
Task: {B75A363A-3F63-4CBD-811E-0D4667C3C1F8} - System32\Tasks\Driver Booster SkipUAC (Ketzer) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe [2018-07-06] (IObit)
Task: {C7C54578-E426-4BF4-BD14-7BB808925E74} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-19] (AVAST Software)
Task: {CABCBD1E-3DB5-4B4C-8D19-754DE5CA863D} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-M25D4.tmp\corefixer.exe <==== ATENÇÃO
Task: {D4559048-C408-452A-A9DD-F45E26B0E89D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {F50EE3F0-95B3-4A92-A1EB-E641F0963AEF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-28] (AVAST Software)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-08-10 14:30 - 2018-08-10 14:30 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-09-15 19:51 - 2018-09-15 19:51 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2018-11-19 19:28 - 2018-11-19 19:28 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-11-20 04:31 - 2018-11-20 04:31 - 000342528 _____ () C:\ProgramData\Kolnixo\Medstring.dll
2018-11-19 19:29 - 2018-11-16 03:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-19 19:29 - 2018-11-16 03:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-19 19:27 - 2018-11-19 19:27 - 005724304 _____ () C:\Program Files\AVAST Software\Avast\defs\18111902\algo.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-19 19:28 - 2018-11-19 19:28 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-10 14:52 - 2018-08-10 14:52 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-10 14:25 - 2017-10-16 11:14 - 000442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.5.1\madExcept_.bpl
2018-08-10 14:25 - 2017-10-16 11:14 - 000210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.5.1\madBasic_.bpl
2018-08-10 14:25 - 2017-10-16 11:14 - 000059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.5.1\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2018-11-20 04:30 - 008389131 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-4250199933-3618907985-1209464916-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ketzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
Se uma entrada for incluída na fixlist, será removida.
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{EE3A59F0-5B45-4374-852E-99A288EFE524}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{4E6FF5E8-FA31-4E87-AE69-B872096CC78F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{6FC8BAAD-9B30-47FA-A574-EC117E49E56D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{A5BED699-1849-4E09-8B2A-C29E234E34DA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{98A8D300-E5EF-4370-A087-1C7989BF3FBA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{82AB3E81-BB8B-436A-9BA1-52D19A331A6D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{5A74A458-B2C1-46E0-B4B8-153B4B00F9B8}] => (Allow) C:\Users\Ketzer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{28332C00-CA64-4DF2-8759-3D55F6501B20}] => (Allow) C:\Users\Ketzer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{0DFB2A18-1B35-4C88-8CDB-E6A021DA6EB0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0A962896-0B70-4EF3-85B1-56A33B6AE75B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [{304DAE7F-0B58-4897-9E03-B64726DE08FC}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{848C9562-FAA8-4F0B-959E-09BFB17607FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9F76AB40-1C62-45C8-B1AE-100391E09F54}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [TCP Query User{9175F1C2-2BC1-413C-B902-7C9C5F8D20F7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B65A4EB5-EC1B-46B3-A9DC-94CE7BA85CE1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [TCP Query User{155E5FDF-51C7-4F53-BF3E-34C61922D804}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F8A7FBD3-A860-42D0-9CD8-A3E9613F339D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe
FirewallRules: [TCP Query User{76E571E2-8E0C-4ED6-A04C-5BBC474163A0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B832DDE9-7130-4C7F-A31C-2548E452086B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe
FirewallRules: [TCP Query User{6DB3FD07-2034-497D-A2B7-4DCC2691C9F5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0A61DB76-C2CD-4CA7-B431-A40A060BC240}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [{DD9F3BCB-74CE-4984-BF4D-3F9F32C6A8BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{03EA5E30-6BB8-428A-8118-33B92E39F106}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3ED205D6-AD18-453F-97CE-B4E8F1E38F3B}] => (Allow) C:\Users\Ketzer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{4037027F-A9FA-4E4E-98CD-D504D7098FB0}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{560BB1C1-1B0D-4931-863D-6A8FB50128C5}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{9FF60EE8-D945-4693-B682-EB7D6326618E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6D2E6D23-D464-438E-923D-F6053B5B36D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0F3C6569-7BD8-417E-8742-042C02B80347}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{2755B171-6694-4157-AF16-D2637CAAEB59}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [UDP Query User{BF506F1D-7EB3-4350-9A93-DCE2B8B6DAB2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [TCP Query User{149350AA-8032-42E7-9446-D3003943C17B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7800F5C8-3813-4AE6-BA6B-EA77AF4527D9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [TCP Query User{F614B583-F11D-485F-991E-56A62E720CCC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
FirewallRules: [UDP Query User{82A8196F-D0BD-42C7-A83F-048D86AFBD6F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8EE89C3E-4F74-4A32-8CC2-FCCD0C99D68D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
FirewallRules: [UDP Query User{CB700C7B-D829-400C-96F1-523CF55AEA7D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
FirewallRules: [TCP Query User{856AEE0D-A225-4128-B020-AB78D98C90F2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe
FirewallRules: [UDP Query User{473912AC-0F04-4566-BB26-3566CF183621}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe
FirewallRules: [TCP Query User{C318FBA5-0029-4723-B8FD-60EC95237E88}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3DD8A48C-4B79-4665-9028-00F09C7D34BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [{DAF29D1A-BA64-4D43-9EAD-6038BFBB46BA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B00350F6-E400-4CF4-A4C2-A62BDDFC61A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{477AEE5E-BBF8-42BB-B94F-ED69BC57C6F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FD539468-B62D-4D87-A6DB-8FF86BB2047E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{816A12EF-AB22-456D-A0B3-2DDB833B27BA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C5EF0592-0474-4DDF-8F51-DDF619DA63B5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DF11CA0E-63E8-4022-A149-73AF2871FCF7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
FirewallRules: [UDP Query User{04FCB95F-BF01-4701-9E55-A9F2A897E3A5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DD208663-5D4C-42A8-B793-745A8BC418B4}C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{8F97FBC2-48FF-47BB-BEE7-F44F70386027}C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\ketzer\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{1F7D61E7-5F93-44E2-A3C5-4509119A3422}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{2DEEF724-B469-4CAB-AA2F-4B57EBB81AD5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3172EB02-FDED-40AA-A5A7-0D8366F50E03}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
11-11-2018 17:23:35 Ponto de Verificação Agendado
14-11-2018 02:10:07 Windows Update
20-11-2018 04:50:27 Operação de restauração
20-11-2018 05:26:41 Removido WhiteClick
20-11-2018 05:28:27 Removido WhiteClick
20-11-2018 05:29:55 Removido WhiteClick
20-11-2018 05:30:18 Removido WhiteClick
20-11-2018 05:31:40 Removido WhiteClick
20-11-2018 05:36:18 Removido WhiteClick
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Warsaw - Driver (PP)
Description: Warsaw - Driver (PP)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wsddpp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (11/20/2018 05:45:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:24:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:24:21 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Erro não especificado durante a Restauração do Sistema: (Windows Update). Informações adicionais: 0x80070005.
Error: (11/20/2018 05:09:17 AM) (Source: System Restore) (EventID: 8209) (User: )
Description: A Restauração do Sistema não foi executada porque o sistema foi reiniciado, teve a energia interrompida ou parou de responder. Informações adicionais:(Operação de restauração).
Error: (11/20/2018 05:08:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:05:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/20/2018 05:04:49 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Erro não especificado durante a Restauração do Sistema: (Windows Update). Informações adicionais: 0x80070005.
Error: (11/20/2018 04:34:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Erros de Sistema:
=============
Error: (11/20/2018 05:46:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 05:25:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 05:09:54 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
Error: (11/20/2018 05:09:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 05:06:57 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
Error: (11/20/2018 05:05:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço localNETService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (11/20/2018 04:50:16 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
Error: (11/20/2018 04:36:48 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Falha inesperada. Erro: 490@01010004
CodeIntegrity:
===================================
Date: 2018-11-20 04:50:36.392
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-11-20 04:50:36.221
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscr64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:20:07.983
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:20:07.983
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.913
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.848
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.798
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-13 00:07:16.743
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentagem de memória em uso: 40%
RAM física total: 8104.6 MB
RAM física disponível: 4798.28 MB
Virtual Total: 16207.34 MB
Virtual disponível: 13243.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:481.19 GB) NTFS
Drive d: (Windows 7 ( x86) (CDROM) (Total:4.26 GB) (Free:0 GB) CDFS
Drive e: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 51DDD560)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================