Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20-08-2016 Executado por GB (20-08-2016 23:01:19) Executando a partir de C:\Users\GB\Downloads Windows 10 Pro Versão 1511 (X64) (2016-03-25 02:14:59) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-488963722-1836260774-652181733-500 - Administrator - Disabled) Convidado (S-1-5-21-488963722-1836260774-652181733-501 - Limited - Disabled) DefaultAccount (S-1-5-21-488963722-1836260774-652181733-503 - Limited - Disabled) GB (S-1-5-21-488963722-1836260774-652181733-1001 - Administrator - Enabled) => C:\Users\GB ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.) 5KPlayer 3.6 (HKLM-x32\...\5KPlayer_is1) (Version: - DearMob, Inc.) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) Advanced IP Scanner 2.4 (HKLM-x32\...\{595E36A6-B259-4722-9B3C-9C9685C519A8}) (Version: 2.4.2601 - Famatech) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Ansel (Version: 372.54 - NVIDIA Corporation) Hidden Atualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Aurakingdom.to Private (HKLM-x32\...\{381097FA-30AE-4BAE-A279-3AD271D644EA}) (Version: 1.3.0 - Aurakingdom.to) AuraKingdom-ES (HKLM-x32\...\AuraKingdom-ES) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Beat Blades Haruka version 1.2 (HKLM-x32\...\{D3B9DE87-250F-4215-BCD4-B6494EFC8061}_is1) (Version: 1.2 - Mangagamer) Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden CABAL2 (US) (HKLM-x32\...\CABAL2US) (Version: - ESTsoft Corp.) Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation) Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd) DARK SOULS III version final (HKLM-x32\...\DARK SOULS III_is1) (Version: final - Asaya) Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated) Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden GameRanger (HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\GameRanger) (Version: - GameRanger Technologies) GDMO (HKLM-x32\...\DMO_GSP) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grim Fandango Remastered (HKLM-x32\...\Grim Fandango Remastered_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.1 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Hollywood FX Volumes 1-3 (HKLM\...\{48C2040D-B49F-4B4D-AE4A-0DCED3305692}) (Version: 3.0 - Corel Corporation) IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Jogos Level Up (HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\bda992e0694a5bbb) (Version: 0.9.4.4 - Level Up) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version: - Lexmark International, Inc.) LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.0.1 - Aequus Gaming Ltd.) MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.0.0 - Corel Corporation) Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.) NVIDIA Driver de áudio HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Driver de gráficos 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Painel de controle da NVIDIA 372.54 (Version: 372.54 - NVIDIA Corporation) Hidden Pinnacle MyDVD (HKLM-x32\...\{E6D07A42-38B7-4AAF-A857-2DF7177244D7}) (Version: 1.0 - Pinnacle) Pinnacle MyDVD (x32 Version: 1.0.089 - Corel Corporation) Hidden Pinnacle Studio 19 - Install Manager (HKLM\...\{891ED714-E54D-4BE1-8DE8-4EE54D9BB402}) (Version: 19.1.245 - Corel Corporation) Pinnacle Studio 19 - Standard Content Pack (HKLM\...\{91D1B712-604F-49C8-943F-FD257D647161}) (Version: 19.0 - Corel Corporation) Pinnacle Studio 19 (HKLM\...\{CF91A83C-B84F-43CE-BCCE-7247E6137173}) (Version: 19.0.1.245 - Corel Corporation) Plantronics® GameCom 780/788 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 3.20.0001 - Plantronics) Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.5.0 - Popcorn Time) <==== ATENÇÃO Python 2.7.11 (64-bit) (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD62}) (Version: 2.7.11150 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.) Riders of Icarus (HKLM\...\Steam App 442080) (Version: - WeMade) RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain) RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain) ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation) Sexy Beach Premium Resort (HKLM-x32\...\Sexy Beach Premium Resort_is1) (Version: - ) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) Smite Level Up Brazil (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF313}) (Version: 3.14.3548.2 - Hi-Rez Studios) Spotify (HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.23.2.4686 - Enigma Software Group, LLC) SpyHunter v4.22.8.4668 (HKLM-x32\...\SpyHunter v4.22.8.46684.22.8.4668) (Version: 4.22.8.4668 - Friends in War) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SWFPlayer 2.6.2.0 (HKLM-x32\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation) TorrentsTime Media Player (HKLM\...\TorrentsTime Media Player_is1) (Version: 1.1.9.5 - Torrents Time) Tree of Savior (English Ver.) (HKLM\...\Steam App 372000) (Version: - IMCGAMES Co.,Ltd.) Twin Saga (HKLM-x32\...\Twin Saga) (Version: - ) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1-2) (Version: 1.0.11.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.11.1 (Version: 1.0.11.1 - LunarG, Inc.) Hidden Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) Warcraft III: All Products (HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\Warcraft III) (Version: - ) Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-488963722-1836260774-652181733-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\GB\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {102E00C8-9212-4477-B43E-55B0FF12919B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24] (Google Inc.) Task: {33FC8299-357B-4E64-A9D4-66AD2C9D5537} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {4C93B1A5-88E1-458C-9D9E-5CF94BBF6549} - System32\Tasks\{F15AB80B-E158-4128-A9D5-3A6A6F7EF781} => pcalua.exe -a "C:\Program Files (x86)\Lexmark 1200 Series\Install\x64\Uninst.exe" Task: {68D7386E-4BA5-44F1-952D-2C650596D90C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {7E24C7F1-7C30-43BD-A48F-5FB738DB7908} - System32\Tasks\{CF11A73D-9E22-48DA-8C4E-E80D58C20EC5} => pcalua.exe -a C:\ProgramData\Uninstall\{E6D07A42-38B7-4AAF-A857-2DF7177244D7}\setup.exe -c /x {E6D07A42-38B7-4AAF-A857-2DF7177244D7} {lang}=ENU Task: {92EDA9B2-1F4C-47EC-8819-BCFBB00E5254} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {9468CD04-A8B1-46ED-B18E-B62B4DE8FBA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24] (Google Inc.) Task: {B2192A76-B32A-4D6A-9A2D-6C167637E17E} - System32\Tasks\{25FF0224-7C53-429F-8B94-DF72A81BE0E2} => pcalua.exe -a C:\Users\GB\AppData\Roaming\Nox\bin\Nox_unload.exe Task: {B8F65FDC-6DFD-4778-9201-F3BDE153DB02} - System32\Tasks\Phakichreenash Adapter => C:\Program Files (x86)\Phakichreenash\PhakichreenashadapterTs.exe Task: {FD53EB46-F304-4338-B3B9-20FFDAB3F194} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] () <==== ATENÇÃO (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-07-13 11:52 - 2016-06-14 17:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-07-13 11:41 - 2016-07-01 01:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 11:41 - 2016-07-01 01:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-19 18:22 - 2016-05-19 18:22 - 00959168 _____ () C:\Users\GB\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-01-12 05:21 - 2016-01-12 05:21 - 08901800 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-04-19 04:09 - 2016-04-19 04:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-21 19:48 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 11:42 - 2016-07-01 00:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-13 11:42 - 2016-07-01 00:49 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2016-08-16 12:47 - 2016-08-16 12:47 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-08-16 12:47 - 2016-08-16 12:47 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 15:30 - 2016-06-03 15:30 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-03-25 09:13 - 2016-03-25 09:14 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-06-28 18:17 - 2016-06-28 18:18 - 03790336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe 2016-03-25 00:10 - 2016-03-25 00:13 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-07-13 11:41 - 2016-07-01 00:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 11:40 - 2016-07-01 00:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-13 11:41 - 2016-07-01 00:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 11:41 - 2016-07-01 00:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-04-23 16:04 - 2016-02-25 18:35 - 03843584 _____ () C:\Program Files (x86)\TorrentsTime Media Player\bin\torrent.dll 2016-04-19 04:09 - 2016-04-19 04:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 04:09 - 2016-04-19 04:09 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-24 23:40 - 2016-06-14 17:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-19 18:22 - 2016-05-19 18:22 - 00679624 _____ () C:\Users\GB\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-01-12 05:21 - 2016-01-12 05:21 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-08-08 18:49 - 2016-08-02 21:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll 2016-08-08 18:49 - 2016-08-02 21:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-488963722-1836260774-652181733-1001\...\aeriagames.com -> hxxp://aeriagames.com ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2016-03-24 18:09 - 2016-03-24 18:07 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-488963722-1836260774-652181733-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\GB\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{3dab0e34-8eee-4165-b914-fffb7a079e6f}.jpg DNS Servers: 192.168.25.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{FC93AFE2-4528-4F0B-821E-814EDFA999F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{BE494CB8-FA4F-4085-859D-A62CE3EC6237}C:\users\gb\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gb\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{A99C0D5F-ACD9-40B4-90B2-87C0FD8BBF27}C:\users\gb\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gb\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{FC02D4E3-BE53-4224-9635-721FA4290990}C:\users\gb\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gb\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{F82FA979-FC32-4AC9-ACF9-F196A08AC8EC}C:\users\gb\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gb\appdata\roaming\spotify\spotify.exe FirewallRules: [{3D1B9323-A346-4466-A1ED-750FCD2B0209}] => (Allow) C:\AeriaGames\AuraKingdom-ES\game.bin FirewallRules: [{BD49197F-C682-4E0B-89FA-5BACAD277DB0}] => (Allow) C:\AeriaGames\AuraKingdom-ES\game.bin FirewallRules: [{7F32112E-E583-4FD3-973C-B1A9BFF8B8A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{76C17444-F14F-4702-A8C7-EA35E32179EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F2511515-9FE9-46F1-9450-150DAEB9C6AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{81F09991-5603-458B-AEBE-DE0FB958D628}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{0B24361C-9AB2-4CE0-B5F4-004E9AF5AF93}C:\program files (x86)\cabal2 (us)\c2launcher.exe] => (Allow) C:\program files (x86)\cabal2 (us)\c2launcher.exe FirewallRules: [UDP Query User{7D4192E3-8638-41B7-B5EA-9AF1F4F1FB11}C:\program files (x86)\cabal2 (us)\c2launcher.exe] => (Allow) C:\program files (x86)\cabal2 (us)\c2launcher.exe FirewallRules: [TCP Query User{B3888342-00A7-45A8-8C1C-F166A36A2A20}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{46B7D3F9-51F2-4294-A7DF-C2084B1619DA}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{6D8AE184-C6D2-4F31-B4D6-48986D6BD7B1}] => (Allow) C:\Users\GB\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7F64BFE9-A3FB-4229-91D5-D1721F740B67}] => (Allow) C:\Users\GB\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{ECD80DAC-50F3-4552-A8A4-9B54DD1977E8}] => (Allow) C:\Users\GB\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C5B60F4E-CD9E-4741-A90C-898AEE2C6766}] => (Allow) C:\Users\GB\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{590EDD96-B91B-4BD6-A4D7-5A2944F6173B}] => (Allow) C:\Users\GB\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3B69C40E-05FE-4B9C-B11C-2B69B7E0085A}] => (Allow) C:\Users\GB\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8DD5C089-6831-40D3-9E75-0CECB6F96C3B}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{03204B83-0D1C-47E6-B91C-BB50F32B1ECD}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{B95E2197-9D82-4B1F-B387-8DADBF02163F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{170B2F5F-69E3-4FFF-B33B-70F11DAF4847}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{500B551D-3BEC-4143-9A07-2CE46BDEFDCD}] => (Allow) C:\Users\GB\Downloads\Aurakingdom.to Private-FILES\game.bin FirewallRules: [{9E65168D-2F86-4567-BC1E-648BA3C673BF}] => (Allow) C:\Users\GB\Downloads\Aurakingdom.to Private-FILES\game.bin FirewallRules: [{B89E7B68-5948-4C0B-ACF6-0BB993E1EE5F}] => (Allow) C:\Windows\syswow64\lxczcoms.exe FirewallRules: [{66DCE062-A859-4007-866B-41D0CB5CFE6D}] => (Allow) C:\Windows\syswow64\lxczcoms.exe FirewallRules: [{E467C9B7-503B-4D56-905B-B1D572E6E2C6}] => (Allow) C:\Windows\System32\lxczcoms.exe FirewallRules: [{54312065-4D79-43C4-9175-EBB254242EEA}] => (Allow) C:\Windows\System32\lxczcoms.exe FirewallRules: [TCP Query User{644E9749-8F0E-4424-8F8E-DD3354608060}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe FirewallRules: [UDP Query User{7E4415E8-1A33-4A88-B529-0AA862E71B9C}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe FirewallRules: [{9518A744-E0B8-4E83-A0C5-82D009A4BED6}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe FirewallRules: [TCP Query User{776F31C3-1179-4AE5-8AD3-B7C66FB74569}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [UDP Query User{4AE40954-32D9-4B16-8C9A-0762140B50C6}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [TCP Query User{1CD95D89-70F3-4B3A-81D6-76E500C708BE}C:\program files (x86)\warcraft iii\lancraft.exe] => (Allow) C:\program files (x86)\warcraft iii\lancraft.exe FirewallRules: [UDP Query User{50843D0F-B75A-4F92-A1C6-96C889EA1547}C:\program files (x86)\warcraft iii\lancraft.exe] => (Allow) C:\program files (x86)\warcraft iii\lancraft.exe FirewallRules: [{A43EC8CB-2B10-4E69-9349-22051FF69DDC}] => (Block) C:\program files (x86)\warcraft iii\lancraft.exe FirewallRules: [{411315F4-7C44-4FD8-A1D2-7E7867C412DB}] => (Block) C:\program files (x86)\warcraft iii\lancraft.exe FirewallRules: [TCP Query User{FE3B5170-10A7-4703-A0ED-CAC468911615}C:\users\gb\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\gb\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [UDP Query User{26E7A460-4FB9-4A48-962C-BECE5B313507}C:\users\gb\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\gb\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [{513318AF-58F5-474D-B0FC-797F3C011E70}] => (Block) C:\users\gb\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [{B419A576-7DEA-44CB-83C4-DD181B44B302}] => (Block) C:\users\gb\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [{0D3A22F2-7CA4-4AAB-A23F-5861C1E4A7CA}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe FirewallRules: [{4253B093-496F-4D69-8500-CE6B12F6C99C}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe FirewallRules: [TCP Query User{039F364C-3A9E-43BA-9FE8-2806E33E9843}C:\users\gb\downloads\momcest trainer 0.10d\momcest trainer 0.10d windows.exe] => (Allow) C:\users\gb\downloads\momcest trainer 0.10d\momcest trainer 0.10d windows.exe FirewallRules: [UDP Query User{C34077DA-DA93-4B66-87A1-BC831346CA40}C:\users\gb\downloads\momcest trainer 0.10d\momcest trainer 0.10d windows.exe] => (Allow) C:\users\gb\downloads\momcest trainer 0.10d\momcest trainer 0.10d windows.exe FirewallRules: [{09BB54AC-B27A-410A-A5B1-32619DE7A8CD}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{79254748-FF05-4005-B000-05A75DDE7A03}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [TCP Query User{80980082-E596-4E60-973F-08AE4A044C63}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{0F9D869D-CD55-4347-A788-CBABA998A4C9}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{A854210B-C829-4E31-8EE1-2D46E57D0FD2}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{68F892DF-9BF8-457F-9EE4-B9FE1721CC71}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{6DB17922-7FE3-4B7A-AC43-6F78CC367C32}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{8B5DB6A4-8C8D-47A1-8639-943469B9E7E6}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{857FB9EA-210F-4262-B535-C9BA1DF6A56B}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{6FF145DA-6BC9-440F-B94E-E83007CFC82B}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{72610F31-E9CF-4FDF-A3D8-499D916EE3EF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{785EA297-D263-4BB7-9718-120FED0401F9}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{66071E1C-00D9-4A52-B0C3-D6ED04F84E52}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{760B7008-FB5E-4201-95F9-D04280B82356}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{84966095-31A1-4CEA-A744-C4670CE410B5}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{97FC24BB-FCE5-4A78-A120-BE02C46DD57A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{BE5A80A6-64D2-4DAF-8CAA-8E821FD6010F}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{E54F6C95-BEC3-4261-B1FF-3D88BE4B19B2}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{EE59E7A7-5B75-41E3-947A-405B98386AFC}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{9B0A9E14-2A00-4401-B8AC-1489B15B8683}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{64E87F2F-F6C4-4956-9475-CC94A0A54C2C}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{009F6146-2479-481F-A867-912D754A487F}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{31C0CC59-B9B5-40DA-9E6F-F82A18E3C58E}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe FirewallRules: [{1203D483-0EE1-4597-8344-11E276B834BC}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe FirewallRules: [{5F5E6FB5-63B0-42AF-BA19-482F412AC9E4}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe FirewallRules: [{EACD26FD-EB7D-4473-A9E2-78AB4862CA80}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe FirewallRules: [{DB138EAE-1028-446A-856F-F4BD5D7DF265}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe FirewallRules: [{B28CB4DF-B57D-4C5C-BB73-E7965170AD56}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe FirewallRules: [{20116DDA-E379-42E3-B5FD-97C2174F0946}] => (Allow) LPort=8317 FirewallRules: [{31EDC035-6C37-4DD2-A286-DB07F30EFF60}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{ECD727A2-9677-43C0-A65C-3838E4521FAE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DD90B823-339E-4661-8541-7EBB1FF1E6E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C9C2E387-64BC-4D97-AA11-BEBE526B3F7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{674F5013-2DB3-4B8F-A5EF-8A1050D52ADA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7375930D-1DB9-40F9-B1D7-0CCDD656C042}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{AA20A97C-B856-48D4-8CDD-3A50DBE8E698}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8F9EEDA4-A01D-4AAD-83C1-44EC6D6731D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe FirewallRules: [{FE21B23B-623A-475B-990E-E37E349CBD22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe FirewallRules: [TCP Query User{C38F433D-0917-4237-9A64-D943237DCFB4}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [UDP Query User{AB33F26C-E8F3-4797-9188-AB662082A49F}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [TCP Query User{18BBC22B-ACD8-4CC7-B3E7-4680443152B1}C:\users\gb\downloads\hfs.exe] => (Allow) C:\users\gb\downloads\hfs.exe FirewallRules: [UDP Query User{FB0C5E05-3460-4136-98CB-24B2818E595E}C:\users\gb\downloads\hfs.exe] => (Allow) C:\users\gb\downloads\hfs.exe FirewallRules: [TCP Query User{CD10073C-F8DA-4007-8E38-372BF630D7DF}C:\users\gb\appdata\local\apps\2.0\g6qnjjzx.vtt\dq2c9rrx.rb6\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\gb\appdata\local\apps\2.0\g6qnjjzx.vtt\dq2c9rrx.rb6\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{76CA69E8-7779-4404-8B85-C9A8C10C903D}C:\users\gb\appdata\local\apps\2.0\g6qnjjzx.vtt\dq2c9rrx.rb6\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\gb\appdata\local\apps\2.0\g6qnjjzx.vtt\dq2c9rrx.rb6\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [TCP Query User{4096F26B-DBB4-4D0A-BAA0-329DC4019C9F}C:\program files (x86)\hi-rez studios\hirezgames\smite levelup brazil\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite levelup brazil\binaries\win32\smite.exe FirewallRules: [UDP Query User{897BAB84-FD2F-47CA-8448-7BB9E6319F7C}C:\program files (x86)\hi-rez studios\hirezgames\smite levelup brazil\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite levelup brazil\binaries\win32\smite.exe FirewallRules: [TCP Query User{35179FD3-B707-4EC7-846E-34C3747CE231}C:\program files (x86)\lolreplay2\lolreplay2.exe] => (Allow) C:\program files (x86)\lolreplay2\lolreplay2.exe FirewallRules: [UDP Query User{7F47E507-6207-4696-9C9A-9511CA2E76F9}C:\program files (x86)\lolreplay2\lolreplay2.exe] => (Allow) C:\program files (x86)\lolreplay2\lolreplay2.exe FirewallRules: [{BC7D859E-F59F-4308-9CAB-1B0EDD4BF4A4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{57CB6003-E6FE-4280-88A7-5E6D244B269B}C:\users\gb\downloads\saviine server\saviine_server.exe] => (Allow) C:\users\gb\downloads\saviine server\saviine_server.exe FirewallRules: [UDP Query User{79D84068-ED30-4929-85DE-5CCBF1AEBF07}C:\users\gb\downloads\saviine server\saviine_server.exe] => (Allow) C:\users\gb\downloads\saviine server\saviine_server.exe FirewallRules: [TCP Query User{39D73B6B-71EA-4282-B1BD-2C4B6C736954}C:\users\gb\desktop\saviine server\saviine_server.exe] => (Allow) C:\users\gb\desktop\saviine server\saviine_server.exe FirewallRules: [UDP Query User{CE6A52FA-37C9-436D-A6A4-6578DE8416C5}C:\users\gb\desktop\saviine server\saviine_server.exe] => (Allow) C:\users\gb\desktop\saviine server\saviine_server.exe FirewallRules: [{487A2AFE-9295-4398-BC8C-C0BB16767D39}] => (Allow) C:\Users\GB\AppData\Roaming\Nox\bin\Nox.exe FirewallRules: [{4D41ED6A-AB3B-4CB2-8582-D00DD715497E}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe FirewallRules: [{98E1458B-C0FF-4223-94C6-28D516B5D739}] => (Allow) C:\AeriaGames\TwinSaga\game.bin FirewallRules: [{1A31A119-BC4C-47C5-BEBF-CABB342D6E20}] => (Allow) C:\AeriaGames\TwinSaga\game.bin FirewallRules: [TCP Query User{AC7E3894-313D-4A54-A4F5-0413B9B4B255}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{26FABC6D-0269-47DB-8963-611DE79C310C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{D67AC2B2-ECAF-4E8D-A3A8-EFFD0FACEFE8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{639AA611-006B-429F-BF10-6261CCDF9EAF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe ==================== Pontos de Restauração ========================= 07-08-2016 08:20:32 Installed Python 2.7.11 (64-bit) 12-08-2016 23:50:40 Installed Pokemon Uranium 1.0 14-08-2016 17:27:35 Installed Pokemon Uranium 1.0 17-08-2016 18:17:30 Removeu League of Legends 17-08-2016 21:45:59 DirectX instalado 20-08-2016 20:17:57 DirectX instalado 20-08-2016 20:19:59 DirectX instalado ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Realtek PCIe GBE Family Controller Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: rt640x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (08/20/2016 08:21:39 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Falha na geração de contexto de ativação para "1". Erro no arquivo de manifesto ou de política 2", na linha 3. Sintaxe XMl inválida. Error: (08/20/2016 08:20:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary esgiguard. System Error: O sistema não pode encontrar o arquivo especificado. . Error: (08/20/2016 08:20:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (08/20/2016 08:18:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary esgiguard. System Error: O sistema não pode encontrar o arquivo especificado. . Error: (08/20/2016 08:18:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (08/20/2016 06:09:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa GFExperience.exe versão 2.11.4.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 182c Hora de Início: 01d1fb27020fa881 Hora de Término: 1 Caminho do Aplicativo: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe ID do Relatório: 65b0301a-671a-11e6-b180-d5a01c651417 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (08/20/2016 03:47:56 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073422333 Error: (08/19/2016 05:06:34 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073422333 Error: (08/18/2016 09:26:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa GFExperience.exe versão 2.11.4.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 1cc8 Hora de Início: 01d1f9b02ffa2f4a Hora de Término: 2 Caminho do Aplicativo: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe ID do Relatório: 855037d9-65a3-11e6-b180-d5a01c651417 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (08/18/2016 09:25:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa GFExperience.exe versão 2.11.4.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 165c Hora de Início: 01d1f9b0079f9ef7 Hora de Término: 2 Caminho do Aplicativo: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe ID do Relatório: 688b2bc2-65a3-11e6-b180-d5a01c651417 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (08/18/2016 09:27:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro: %%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil. Error: (08/18/2016 09:27:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service. Error: (08/18/2016 07:00:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_3aeee0. Error: (08/18/2016 07:00:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Armazenamento de Dados de Usuário_3aeee0. Error: (08/18/2016 07:00:37 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Armazenamento de Dados de Usuário_3aeee0, mas essa ação falhou com o seguinte erro: %%1056 = Uma cópia deste serviço já está sendo executada. Error: (08/18/2016 07:00:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Acesso a Dados de Usuário_3aeee0 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (08/18/2016 07:00:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Armazenamento de Dados de Usuário_3aeee0 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (08/18/2016 07:00:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Dados de Contato_3aeee0 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (08/18/2016 07:00:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_3aeee0 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (08/18/2016 06:06:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Phakichreenash Adapter devido ao seguinte erro: %%2 = O sistema não pode encontrar o arquivo especificado. CodeIntegrity: =================================== Date: 2016-08-18 18:16:12.191 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-18 01:07:08.389 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-17 17:53:55.785 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-12 18:10:59.582 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-11 13:53:36.929 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-10 05:03:56.873 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-10 01:16:20.374 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-05 20:33:03.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-04 19:16:27.986 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-02 19:38:43.513 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Percentagem de memória em uso: 22% RAM física total: 16335.79 MB RAM física disponível: 12702.77 MB Virtual Total: 18767.79 MB Virtual disponível: 14859.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.97 GB) (Free:230.21 GB) NTFS Drive i: (BUGA BUGA) (Fixed) (Total:931.51 GB) (Free:219.29 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 02BBBD22) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 7EE00BC8) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================