Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015 Ran by PC Cliente (2015-09-02 19:30:11) Running from C:\Users\PC Cliente\Desktop\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-4172556941-2147603661-2269563554-500 - Administrator - Disabled) Convidado (S-1-5-21-4172556941-2147603661-2269563554-501 - Limited - Disabled) DefaultAccount (S-1-5-21-4172556941-2147603661-2269563554-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4172556941-2147603661-2269563554-1004 - Limited - Enabled) PC Cliente (S-1-5-21-4172556941-2147603661-2269563554-1000 - Administrator - Enabled) => C:\Users\PC Cliente ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.23 - GIGABYTE) µTorrent (HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.) 3TB+Unlock B11.0919.1 (HKLM-x32\...\{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}) (Version: 1.00.0001 - GIGABYTE) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Aftermath version 1.0 (HKLM-x32\...\{024D0ADC-6846-4B7A-B12F-D571DF826068}}_is1) (Version: 1.0 - Free Reign Entertainment) Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6125 - AVG Technologies) AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6125 - AVG Technologies) Hidden AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.6.294 - AVG Technologies) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform) Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.61 - Magellan) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Driver Magician 3.5 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.) Dropbox (HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) Easy Tune 6 B12.0309.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B12.0309.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FormatFactory 3.00 (HKLM-x32\...\FormatFactory) (Version: 3.00 - Free Time) Free MP3 Cutter 2.0 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: 2.0 - PolySoft Solutions) GadgetPack (remove only) (HKLM-x32\...\GadgetPack) (Version: - ) Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) K-Lite Codec Pack 8.9.2 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.9.2 - ) Leapforce Extension Native Host (HKLM-x32\...\{C15F26C8-6656-4A6A-A586-42872E7FFA2D}) (Version: 1.1.6 - Leapforce) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Driver de áudio HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Driver de gráficos 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.) Painel de controle da NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com) SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden SI Service (HKLM-x32\...\SI Service) (Version: 1.0.5.0 - CNB Technologies LLC) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) System Requirements Lab CYRI (HKLM-x32\...\{E5F05232-96B6-4552-A480-785A60A94B21}) (Version: 5.0.6.0 - Husdawg, LLC) TeamSpeak 3 Client (HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - ) Unity Web Player (HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\PC Cliente\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 20-08-2015 13:38:27 Windows Update 20-08-2015 13:39:33 Windows Update 31-08-2015 08:26:52 Ponto de Verificação Agendado ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 08:04 - 2015-08-07 11:47 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {0583C3EA-2AF1-41AA-9ACE-B8F892174296} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000Core => C:\Users\PC Cliente\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.) Task: {0B176D9C-56A0-46C9-942F-FDDB02485F6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {13EDE0EB-A44B-4DB2-B963-FD96921B007C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {14AC86B4-8734-4CC1-AB73-09C01DDA01F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {181B52B6-788C-45E1-9A6E-B4E774B35613} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1E47C8EB-CABA-4982-B7CA-AD32E5E270CA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {26E49D8A-79AE-45BA-9254-B25061A21732} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1001UA => C:\Users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe Task: {28CBC33A-FECB-4BF4-BC64-FFD4106DE7FB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {2A0E1724-55F7-48DA-8A78-E1E02BDC356F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000UA => C:\Users\PC Cliente\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {2B32B5C6-78C1-4972-9A11-2EA9EF7B1276} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {3494DA09-AD03-4AF8-A2D6-D1B43D35D587} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION Task: {3828A624-EA85-4CF5-8B13-71BBBF5DC108} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {39AF6B79-2AD0-4F2E-BF50-41B64D85A812} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {3CFB6F9F-DF93-4C2C-9230-9AA6AB57E516} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {3FAB9130-D4D5-4C1D-877A-80279BCEB7CB} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {3FAF649D-C309-46D7-B1EA-57F9847286CB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {4085E745-6FC3-4F55-8D26-AE8795143B06} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {48E39C6C-77D4-4B80-9176-6FFC025D650E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {4B56694E-FFF1-4996-9910-5C4EBF7D59DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {4C3A1E2E-3ABF-443E-966E-D19EBF490A49} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {5667A191-7580-479E-BACA-8BB52BCEF3FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {5D7FFB76-C995-424B-946C-87FBE2607C73} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1001Core => C:\Users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe Task: {65559CD2-09C0-4F42-B857-0F79FF4315A7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000UA => C:\Users\PC Cliente\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.) Task: {6A729C37-D417-4ECA-A342-A044E31E2ACF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {70A2D579-B41F-4FE7-8D71-B6D472607C5A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {76CBD79C-63AA-4171-ABB6-6403A460E94D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {7CCA9672-5A68-4BA2-BC08-344742BFEC8E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {84BEDED8-3CE2-4281-AAA6-A26C2D7EF5CA} - System32\Tasks\0415tbUpdateInfo => C:\ProgramData\Avg_Update_0415tb\0415tb_AVG-Secure-Search-Update_0415tb.exe Task: {863FBA0F-4914-47EE-9939-17215B9E5E5B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {89966340-E54F-4662-819D-3B945879942B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {8A379342-D024-4B3B-A7C7-EF1361EE5D69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {8D9B4702-D206-4EA9-8CD4-D73098B71046} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000UA => C:\Users\PC Cliente\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-29] (Facebook Inc.) Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-05] (Microsoft Corporation) Task: {9C03ABFA-933B-4AC3-972E-1D880A9572F3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {A28708C6-59D0-4774-99C4-8EE23120AC27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A91FE0D7-D5EC-430A-AC13-B0BBA986F340} - System32\Tasks\{32B80D70-D0AA-4639-B8FB-82C42666CEBE} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/570 Task: {B528BAC5-23E3-4504-8647-EB0B8FD8CF20} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {C9DB4855-81C2-409B-9202-000E113925CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {D0AA6EA2-AF8B-436B-B7F3-2D5C3F01D1E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000Core => C:\Users\PC Cliente\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {D3B65579-4A33-44C7-A211-5B5E05D32501} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {DC3EF85B-9261-45DC-9272-1A665018A3BD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {DE1049B7-F1E7-4F9D-91CB-2E919C97E558} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {E47B5CE0-3F8D-4D24-9135-622E3155273F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {E8B9B7C0-D278-4D63-8ED1-5A9E011F6D15} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {EDD73F23-EED8-45D1-9352-AD1DFE9B157D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {F460DC1C-5F0A-4030-9EC6-4D8FDE6F2DA5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {FA25B688-CFFD-4814-9A4C-EB76C137F84E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {FCC1DD4D-F0F9-4773-B12E-8CBF74FFCC25} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {FEC21ECC-1987-4FC4-86D4-E2C20061D78A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FF93CC14-A155-498A-8A50-D364A7A6BED0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000Core => C:\Users\PC Cliente\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-29] (Facebook Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000Core.job => C:\Users\PC Cliente\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000UA.job => C:\Users\PC Cliente\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000Core.job => C:\Users\PC Cliente\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000UA.job => C:\Users\PC Cliente\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000Core.job => C:\Users\PC Cliente\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1000UA.job => C:\Users\PC Cliente\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1001Core.job => C:\Users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4172556941-2147603661-2269563554-1001UA.job => C:\Users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-05 23:56 - 2015-08-05 23:56 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-07-07 16:47 - 2015-08-26 13:27 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2015-08-06 00:04 - 2015-07-22 22:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-20 13:38 - 2015-08-11 06:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-08-26 13:28 - 2015-08-26 13:27 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe 2015-09-02 09:03 - 2015-08-18 04:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-02 09:03 - 2015-08-18 04:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2012-06-12 10:12 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-08-11 17:45 - 2015-08-02 22:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 08:00 - 2015-07-10 13:49 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-08-20 13:38 - 2015-08-11 05:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-11 17:45 - 2015-08-02 22:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 08:00 - 2015-07-10 13:49 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2014-12-09 17:35 - 2015-08-26 13:27 - 03175312 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2015-08-26 13:28 - 2015-08-26 13:27 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\log4cplusU.dll 2014-12-09 17:35 - 2015-08-26 13:27 - 40638864 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\libcef.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\libGLESv2.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\platforms\qwindows.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\libEGL.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\imageformats\qgif.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\imageformats\qico.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\imageformats\qjpeg.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\imageformats\qmng.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\imageformats\qsvg.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\imageformats\qtiff.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\qml\QtQuick.2\qtquick2plugin.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\qml\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-08-28 15:40 - 2015-08-28 15:40 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6119\qml\QtQml\Models.2\modelsplugin.dll 2015-08-09 17:41 - 2015-08-09 17:41 - 00172032 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e45c9f4202ae49fa622f0e0f36eb2457\IsdiInterop.ni.dll 2012-06-12 10:25 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-06-12 10:21 - 2011-12-16 10:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-08-21 19:56 - 2015-08-18 02:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-21 19:56 - 2015-08-18 02:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\...\bb.com.br -> hxxps://seg.bb.com.br ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4172556941-2147603661-2269563554-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: D_Link_DWA-125 => 2 MSCONFIG\Services: D_Link_DWA-125_WPS => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Spooler => 2 MSCONFIG\Services: TabletInputService => 3 MSCONFIG\Services: VIAKaraokeService => 2 MSCONFIG\Services: WinDefend => 3 MSCONFIG\Services: WinRM => 3 MSCONFIG\Services: WPCSvc => 3 MSCONFIG\startupfolder: C:^Users^PC Cliente^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: CmTray => "C:\Program Files (x86)\Content Manager\launchCM.exe" MSCONFIG\startupreg: D-Link D-Link DWA-125 => C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" MSCONFIG\startupreg: SkyDrive => "C:\Users\PC Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background MSCONFIG\startupreg: Spotify => "C:\Users\PC Cliente\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\PC Cliente\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: uTorrent => "C:\Users\PC Cliente\Desktop\Downloads\instaladores\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" MSCONFIG\startupreg: WZCSLDR2 => C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{94862F0D-13AE-4FC1-A329-D934215B9797}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{235E05DB-D5AF-4CA3-A382-7D30BA065E3D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{5E2C38B0-D79D-44EE-B502-FC8CDD69ADD8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{6D267E2F-E3E7-4117-BF4B-9EED5D3E0ED9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{A1D78EA9-C710-4156-BF77-8E3F501C954E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{E9DA04AE-ADF0-4CA2-9A7A-D5FC046C2ED7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{3E8AC73A-C8F3-49E2-B796-96FE5D89CE97}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{4F130CDB-1140-4EF1-B5DB-8102FCAA36BA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [UDP Query User{1E19EA00-0351-4F76-B06E-2B1C278E84FB}C:\users\pc cliente\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\pc cliente\appdata\local\popcorn time\nw.exe FirewallRules: [TCP Query User{B8668ED1-D7B5-47B6-9734-AC19056CBAA8}C:\users\pc cliente\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\pc cliente\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{761C5447-F6CC-443D-9C5E-71E18D0ED3E4}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{FF065F71-C65E-45C2-BACA-2CFEB6B78983}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [{4C8C386E-9113-4EAB-955C-35FBBB4B4F4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{41635F8E-005E-4006-BB64-9BB7F39D3A49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{7FE70081-C443-44F1-A757-F66F78D2EF09}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{D65C1D60-8B68-4F2A-A577-6C9049053FD7}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{7A72ED28-CAC1-438F-9D26-9D39029D6574}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{58B7BC72-3B7C-472A-AA6D-5954FC33A92B}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{EA2FCFEC-1D2B-47D6-99DD-648D7DF3F36A}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{0C1D0F48-3560-41AA-836F-96C6AE6FA918}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{BA00BA34-0B23-4E25-A57A-7BCBF3D29532}C:\users\pc cliente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc cliente\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{FABE1373-559B-4BB5-AAB7-E13F62963C33}C:\users\pc cliente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc cliente\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{47E93F07-8E48-40F8-B0DE-1DE531D663A8}C:\users\pc cliente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc cliente\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{AD3F83FE-DE94-4A86-9247-C27BD213D369}C:\users\pc cliente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc cliente\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5785F464-434E-43B5-A1BA-C2FFB98DA44B}C:\users\pc cliente\documents\aftermath\amlauncher.exe.new.exe] => (Block) C:\users\pc cliente\documents\aftermath\amlauncher.exe.new.exe FirewallRules: [TCP Query User{C59F33EA-D1DB-4F37-A035-1ED9D27A7DFD}C:\users\pc cliente\documents\aftermath\amlauncher.exe.new.exe] => (Block) C:\users\pc cliente\documents\aftermath\amlauncher.exe.new.exe FirewallRules: [UDP Query User{C68AB50D-47EA-47AA-B735-D0AE62587CD2}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{A7418106-11B1-4120-A18B-7543B5427FC8}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [{02E8F557-A17F-4CD8-8760-B0098B8C2369}] => (Allow) C:\Program Files (x86)\Heroes of the Storm\Versions\Base34846\HeroesOfTheStorm.exe FirewallRules: [{C97D5E38-E6C9-4B49-9456-5A0A1B06F128}] => (Allow) C:\Program Files (x86)\Heroes of the Storm\Versions\Base34846\HeroesOfTheStorm.exe FirewallRules: [{2EF7D104-DD7C-437F-B30E-0A1BEBBE0AAE}] => (Allow) C:\Users\PC Cliente\Documents\Aftermath\Aftermath.exe FirewallRules: [UDP Query User{4006FEEC-B85D-458E-85A0-F3C7FC426220}C:\users\pc cliente\documents\aftermath\amlauncher.exe] => (Allow) C:\users\pc cliente\documents\aftermath\amlauncher.exe FirewallRules: [TCP Query User{4C29F233-8DAA-4297-80C5-593FEEB73BB0}C:\users\pc cliente\documents\aftermath\amlauncher.exe] => (Allow) C:\users\pc cliente\documents\aftermath\amlauncher.exe FirewallRules: [UDP Query User{06066FCA-21D3-4B82-A1B4-D70457841E9B}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{C7794420-548C-4A1D-8FB7-A6467271F736}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{5E5D43BD-ACAA-424E-A8DB-872360B41B48}C:\users\pc cliente\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\pc cliente\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{E81E6B73-DA5E-4BED-AD49-1CD656465A3C}C:\users\pc cliente\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\pc cliente\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{B65BD2D0-1424-42FF-B317-1AA09B965221}] => (Allow) LPort=1900 FirewallRules: [{BE36942F-81D4-4741-8396-D7426ABC4339}] => (Allow) LPort=2869 FirewallRules: [{65DA4789-3071-4CF5-B51D-42BA5EA0FC7F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{0C81212A-B58C-49A6-856C-DB2EC0710044}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{2D6D1628-FE4C-4BB4-BF0A-425628AD9961}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe FirewallRules: [{A58D60A4-2C2D-417E-B4BF-57F3F20074CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{F996DCE6-AA52-415A-9A4C-EEA1AA69E637}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{D8CBF0FF-FEE0-4485-AB0D-51EA561C9745}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{E6827E89-649F-4D9D-9A12-B172A6A6EF29}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{B36A5A96-20E5-49C9-B328-0B4DA1787440}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{D86AA7D0-1020-4370-AE8E-182899357C96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{FE7E6494-8545-40AD-98D9-8CA8BBB854F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{C918D369-77D2-4368-8602-BF2AC5FF4E98}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{7A5E72A3-5249-4DC1-B594-D923FC3E8E18}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{4D05E2B5-0290-4552-A784-4241759F5411}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{10BB9FDF-0AC4-4F86-B7D3-12B68F0CE0FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{5C0874D7-FE99-4D44-BCD6-B3C774BBA6A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{631C2E00-3EF3-4B31-9518-BFB65BAC11E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{B3A9E69F-5FB7-479A-B36D-0FF349803E3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [UDP Query User{83D943C5-41FF-4135-9635-D58D73E08630}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{A399970F-71A5-4E5A-ADE9-3B30585D11F7}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe FirewallRules: [{19DDF842-2BDC-4384-B8E9-0E99CDE77E4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{7D5E531A-4A27-44A0-BE0B-021698CB5082}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{257D8CB1-D44F-4541-8FE3-094B01C2690F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{C7ED253E-A150-4AC9-B4D2-FF32C399DBAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{F6B0E9EF-D598-4D70-BC76-6AFEA34B2987}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{325D6E5F-3D06-4061-8B04-3940DB8E73E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{02E404FC-E3E3-4751-894B-BCF94E44540B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{7759B5BA-EFE1-495D-A085-6C89BBB2ACF1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{6F07C5CB-4493-49F9-9673-CB94CE65F57C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{B7BE2655-953D-47A9-9413-43CB3402CB10}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [UDP Query User{DC20453D-01D3-4925-B241-79D2CB3E83FB}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{F4DE4CC3-040A-4DFA-810B-797645385952}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{EA7F898D-4294-4928-BFDF-27775DAA2F56}C:\program files (x86)\heroes of the storm\versions\base33182\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33182\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{DA4FDB62-4287-429F-913D-33016C84EC26}C:\program files (x86)\heroes of the storm\versions\base33182\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33182\heroesofthestorm_x64.exe FirewallRules: [{A85D5A3B-ED13-4081-ADF0-E283697DAE42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{54E63C4C-E240-4B9B-AE5E-BE338C194B2B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{21AE67AD-DBF5-4FF5-8CFE-A7B6E58BF9F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{4B27CF36-60DA-4C9A-9D92-E66013324C2A}C:\users\pc cliente\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\pc cliente\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{0DF8553E-3DF2-432F-AE9B-3E47F4635BFF}C:\users\pc cliente\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\pc cliente\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{8D7A2009-BE75-428B-AE17-7A7DF811A131}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{AD235531-0799-4820-9758-1135E9E2F4C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{79CC8DF0-CE81-441E-8584-D87C2FDD6D25}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe FirewallRules: [{93BB2C7A-728E-4CC6-A45E-DD99776084E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe FirewallRules: [{79B65F3C-81AC-41AC-8CF8-98F3AA16DEB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [{3E5CA1C6-7907-4BFE-B3D9-8F3F7127C351}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [UDP Query User{B844A0AF-4B58-4B35-ADE0-BC229C0B2DEE}C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{84E6EC15-3F8A-4BFE-9966-869E84EEA132}C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm_x64.exe FirewallRules: [{DD2D2FDB-5E6D-4F7F-A10A-D2E4057CDC00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe FirewallRules: [{3FCC85F9-CE99-4FB5-A15F-259AE7AB5CAE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe FirewallRules: [UDP Query User{C4BBF217-4B5B-4AFC-8B64-402FDDB02518}C:\program files (x86)\heroes of the storm\versions\base32455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32455\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{0D4FFE36-040F-4CB3-A42C-F0CFA9BA21B5}C:\program files (x86)\heroes of the storm\versions\base32455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32455\heroesofthestorm_x64.exe FirewallRules: [{3FFE16FA-4E4C-4307-9D9A-6703D43BC742}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{317831F8-50F5-4F0A-A09B-30766EDC6FC3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{16668E71-2924-46FE-8B94-4389B00DA671}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe FirewallRules: [{059DDBE8-3F54-4642-9AC3-193AC6B901B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe FirewallRules: [{F03B5143-A0E6-4787-86AF-E7210B99D38C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe FirewallRules: [{943BDAC4-260C-4978-BB45-262D1701B53F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe FirewallRules: [{C26CA676-4DD9-4FB3-955B-76A793F98FD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe FirewallRules: [{5D7A3F0F-62B6-4874-846A-38715795C79E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe FirewallRules: [{3A1602CD-2C99-4BB3-BCA1-C1548270490B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe FirewallRules: [{17DB7548-0FF2-42E3-AFAE-817E08506A58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe FirewallRules: [{3F91827F-CF59-4A99-8FA5-9E41DB04DD2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe FirewallRules: [{DD3DB50F-A8D8-4300-B593-4C3632ACDC89}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe FirewallRules: [{DC622FEE-B66C-4BEC-826B-E6D33E417896}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{7547C724-CDD1-4C1B-9DA1-E7ACEABB63FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{BF936077-962B-430A-A1CA-42EAD418BD6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{EFCB8C0F-C9F4-4201-B83A-12222F14A736}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{3DA864F2-AC08-4D71-B9E7-1F8E16FBE6F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{374EDF4F-64B4-4E5D-B644-210E19A0AA98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [UDP Query User{F40D5CB9-C579-4DDC-A826-BD1E87B28307}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe FirewallRules: [TCP Query User{45A66B96-F8DB-4259-A703-03E42A8BC41F}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe FirewallRules: [{F7BFFCAA-B015-44E8-82A6-53839554D040}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{0B897883-5175-4387-BE89-B5B1A4109366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{ABDBC6F8-A0E6-44C0-A28B-8317F35963D9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{9E48225D-5FF6-4077-9ED9-088A8573577F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CF83B93C-5D76-4E42-AD0B-6B8D844B833D}] => (Allow) C:\Users\PC Cliente\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{FF65B935-B584-47A2-BD61-A16F9E55D7D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [{384AEC06-C3AB-4BD1-A76D-E8F8CC9B4781}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [UDP Query User{DB509F4A-2BF7-4EFC-BF09-0B1A6DE61B98}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{5E057304-21CB-4E63-96B4-04C706572947}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{3607D7EC-64C8-450E-98BC-F2BE38D40A6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{F5E82D50-19A0-46D9-8AA6-3CD0B69E6564}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{6860E02D-2FF8-422A-8BF1-7D205CB35DB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{8F1BD336-C2EB-4949-AADA-4BA078DFEE66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{A22C4FF0-230C-493B-8843-1CED0824A42D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{5C904637-8E86-4EB1-A96A-7EB60CC045FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{398AE7EF-C113-41D7-AEF7-FF1161CA5E14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{A404FB53-6538-41B0-9963-39988C65A81D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\MR.exe FirewallRules: [{D9BCE1AD-3A67-4E3A-B34A-7FCEBA40D458}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{398F32AE-42E4-4F8A-8978-2E31BFCAECA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{14DB3596-A03B-4731-AD49-F90D76F56639}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{5EA07EDF-4730-430D-9642-FC4B8514E1C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{54FD9CC3-AAC3-47B6-9DC7-66A04EC9FF1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{4EAC6F0E-A31C-4313-BDB5-CEB1D47F187D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{A8D8A883-FDD4-4ABC-95B0-D285F7E99006}] => (Allow) C:\Users\PC Cliente\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3584E726-E73F-4840-814C-E1CB2C2843FB}] => (Allow) C:\Users\PC Cliente\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{64077328-01B7-4A4A-8FF0-7CF5E73DE377}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ACF03338-53B1-4672-B85A-57706E8DBFEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6FAB2C1E-EF8C-47B0-A109-62CD026DD3C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{C3690143-3E87-4EB0-AFAF-C42719163584}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{2D297A64-EAC1-43D9-BBBA-A5EA45169E6B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A5C16191-0C97-4278-9B3E-DC1BCC4FE711}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{5A901F44-F7D8-4891-84E9-362747091962}] => (Allow) C:\Users\PC Cliente\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{526F1FB5-3C36-45B9-833D-16B31F3A46C2}] => (Allow) C:\Users\PC Cliente\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6641FD59-44BA-4ADB-A607-39DE68466802}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{177D5FA1-BFD9-4B98-82C3-B861B1FCBD3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{F96A9DD8-B50E-448B-9564-281560FC3F9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{9BB2A284-DEF0-4297-B74F-95BB9D480915}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{52788E72-419A-4011-B07F-8C52F1084070}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D0EB5FE2-44CE-412B-8CAE-69209C7C2DE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C5C9FA6F-01E3-4C22-A282-8173C525D213}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{842F876E-8A8B-45FE-91BE-852E7DFFB876}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{EA3E1848-3A53-47AF-9BFF-4A2B0BD781FC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E9B7CD9D-5B1F-4079-B0AA-2A921B2780A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F6E323D9-A457-472C-A55F-829887A22B84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{29FE5DD4-9504-4DC7-8F9E-E0F1549316EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{D6408488-A008-4C8D-BCB0-DA6DF95CDC14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{C71F691E-B9C2-461A-8A26-A17EFB970249}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{655EC266-9282-4B94-A1F2-0417C6BD9E3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{D893F788-FEE9-4356-830F-0221475A50A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Motor Rock\RRR3d.exe FirewallRules: [{34C2ACDA-3B9A-4FA4-BD41-473B7A3E0432}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe FirewallRules: [{83F2E93B-0B0D-4D58-A237-60E651BE1A97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe FirewallRules: [{D5D8B6BC-27E9-4599-BDD7-A5F1F647E124}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfarebeta\Binaries\Win64\UDKEditor.exe FirewallRules: [{E2745721-A6FE-4AD0-A3D5-409798121A17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfarebeta\Binaries\Win64\UDKEditor.exe FirewallRules: [{7B63C51F-99BD-4E53-9BBA-AFB3EB1C49D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfarebeta\Binaries\Win32\UDK.exe FirewallRules: [{3649A044-A6AB-41DF-A004-F8259883BE71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfarebeta\Binaries\Win32\UDK.exe FirewallRules: [{50485B6F-4C03-4193-AA92-A9BA1616B59C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{E0B8CF4E-BE9B-4398-8E26-F83637070DF5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{4B22BAB4-643F-4C6A-BFEA-39D1772BF30C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A439F462-C494-4592-BA61-F5229C4C1340}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BA150935-82E9-473B-9160-EABBF8349169}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7520BBEA-A6C8-4539-8CBC-3416BD81BE08}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3E7090C6-5F3C-4620-9A4F-1B5F0165301E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{94077C63-0CEF-46C5-B1F6-C4E1A6E6E7F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E31D2416-2E2C-4CD0-898B-7BC5B4BCCB3D}] => (Allow) C:\Users\PC Cliente\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{21396DCF-15E6-42DF-9E9A-E57AE909B182}] => (Allow) C:\Users\PC Cliente\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{F3D478F8-BE0B-49B7-8C20-2FEE7732BA9F}] => (Allow) C:\Users\PC Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{D4B6DF7F-4CA4-4FAE-80DB-96F2FAE9B633}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{7E770F8D-206B-477E-A600-AF5E19C36969}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{2C93232E-D6C7-4A12-A340-EEB39C0F2031}] => (Allow) C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{D6CB0A3C-034E-4365-B834-692202628BAA}] => (Allow) C:\Users\PC Cliente\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [UDP Query User{CA554741-A665-4066-85D2-ED3456383814}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [TCP Query User{5EA9BC49-0278-472C-B496-E44B149D200F}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [UDP Query User{C1DEBB0C-3352-48C1-BB1B-6461AF8289CC}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [TCP Query User{F02B3987-6884-4DFB-9411-64F103245B32}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [UDP Query User{EF2BFB1F-DAF9-4A43-9175-604285F6B9B2}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [TCP Query User{5977DA48-0BEA-4BB3-9A20-64EDCED72F40}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [UDP Query User{480D36B8-CE66-4346-A394-6E85B9753B08}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [TCP Query User{3AFD091B-8745-4694-9EE1-443E2A027C2D}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [TCP Query User{4C9A8730-4EAB-4665-AC1B-189EAD2D24AA}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{47AC579D-5328-47A6-B494-BA99A175337E}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [{8087DDD3-08C8-49D8-950C-5667FFB17C95}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{FF9BD2DB-8E76-4EFA-9A77-A3028568E762}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{AC9052CA-ACF7-4111-A407-2430643B597E}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{ADE44DF4-B9BA-4DD7-B018-D0A0729B8745}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{CD385180-F7C8-4C32-A056-97EB3D348B00}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe ==================== Faulty Device Manager Devices ============= Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teclado Padrão PS/2 Description: Teclado Padrão PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (teclados padrões) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: USB Device(VID_1f3a_PID_efe8) Description: USB Device(VID_1f3a_PID_efe8) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: USB Devices Service: usbUDisc Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/02/2015 06:58:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: OHub.exe, versão: 16.0.6121.2376, carimbo de data/hora: 0x55d7a527 Nome do módulo com falha: Mso30Imm.dll, versão: 16.0.6118.1000, carimbo de data/hora: 0x55d39fcf Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000012535 ID do processo com falha: 0x2048 Hora de início do aplicativo com falha: 0xOHub.exe0 Caminho do aplicativo com falha: OHub.exe1 Caminho do módulo com falha: OHub.exe2 ID do Relatório: OHub.exe3 Nome completo do pacote com falha: OHub.exe4 ID do aplicativo relativo ao pacote com falha: OHub.exe5 Error: (09/02/2015 06:40:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BEB) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (09/02/2015 06:40:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BEB) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (09/02/2015 08:35:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: OHub.exe, versão: 16.0.6121.2376, carimbo de data/hora: 0x55d7a527 Nome do módulo com falha: Mso30Imm.dll, versão: 16.0.6118.1000, carimbo de data/hora: 0x55d39fcf Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000012535 ID do processo com falha: 0x2188 Hora de início do aplicativo com falha: 0xOHub.exe0 Caminho do aplicativo com falha: OHub.exe1 Caminho do módulo com falha: OHub.exe2 ID do Relatório: OHub.exe3 Nome completo do pacote com falha: OHub.exe4 ID do aplicativo relativo ao pacote com falha: OHub.exe5 Error: (09/01/2015 10:36:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BEB) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (09/01/2015 04:26:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BEB) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (09/01/2015 01:10:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: LogonUI.exe, versão: 10.0.10240.16384, carimbo de data/hora: 0x559f398c Nome do módulo com falha: Windows.UI.Xaml.dll, versão: 10.0.10240.16431, carimbo de data/hora: 0x55c9bf27 Código de exceção: 0xc000027b Deslocamento da falha: 0x0000000000497bdf ID do processo com falha: 0xb98 Hora de início do aplicativo com falha: 0xLogonUI.exe0 Caminho do aplicativo com falha: LogonUI.exe1 Caminho do módulo com falha: LogonUI.exe2 ID do Relatório: LogonUI.exe3 Nome completo do pacote com falha: LogonUI.exe4 ID do aplicativo relativo ao pacote com falha: LogonUI.exe5 Error: (09/01/2015 01:10:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BEB) Description: Falha na ativação do aplicativo Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (09/01/2015 09:16:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: OHub.exe, versão: 16.0.6121.2376, carimbo de data/hora: 0x55d7a527 Nome do módulo com falha: Mso30Imm.dll, versão: 16.0.6118.1000, carimbo de data/hora: 0x55d39fcf Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000012535 ID do processo com falha: 0x1c8c Hora de início do aplicativo com falha: 0xOHub.exe0 Caminho do aplicativo com falha: OHub.exe1 Caminho do módulo com falha: OHub.exe2 ID do Relatório: OHub.exe3 Nome completo do pacote com falha: OHub.exe4 ID do aplicativo relativo ao pacote com falha: OHub.exe5 Error: (08/31/2015 08:48:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BEB) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. System errors: ============= Error: (09/02/2015 06:59:45 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (09/02/2015 06:44:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: %%193 Error: (09/02/2015 06:44:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: %%193 Error: (09/02/2015 06:43:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: %%193 Error: (09/02/2015 06:43:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Listener Adapter Net.Tcp depende do serviço Serviço de Compartilhamento de Porta Net.Tcp, mas não foi possível iniciá-lo devido ao seguinte erro: %%1058 Error: (09/02/2015 06:40:15 PM) (Source: DCOM) (EventID: 10010) (User: PC-BEB) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (09/02/2015 06:40:15 PM) (Source: DCOM) (EventID: 10010) (User: PC-BEB) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (09/02/2015 06:40:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_Session4 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (09/02/2015 12:38:54 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (09/01/2015 10:36:47 PM) (Source: DCOM) (EventID: 10010) (User: PC-BEB) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-08-23 16:43:12.627 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:43:12.580 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:43:12.523 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:43:12.376 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:43:12.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:43:12.241 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:43:10.967 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:43:10.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:41:38.371 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-23 16:41:38.333 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz Percentage of memory in use: 37% Total physical RAM: 8154.13 MB Available physical RAM: 5120.34 MB Total Virtual: 16346.13 MB Available Virtual: 12799.6 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:200.46 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1C86668B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================