Resultado do exame Adicional Farbar Recovery Scan Tool (x64) VersÃ£o: 15-03-2017
Executado por Eduardo Araujo (18-03-2017 19:38:59)
Executando a partir de C:\Users\Eduardo Araujo\Desktop
Windows 10 Home Single Language VersÃ£o 1607 (X64) (2016-08-11 15:45:33)
Modo da InicializaÃ§Ã£o: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1148400818-420560846-2234732976-500 - Administrator - Disabled)
Convidado (S-1-5-21-1148400818-420560846-2234732976-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1148400818-420560846-2234732976-503 - Limited - Disabled)
Eduardo Araujo (S-1-5-21-1148400818-420560846-2234732976-1001 - Administrator - Enabled) => C:\Users\Eduardo Araujo

==================== Central de SeguranÃ§a ========================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicaÃ§Ã£o "Oculto" podem ser adicionados Ã  fixlist para desocultÃ¡-los. Os programas adwares devem ser desinstalados manualmente.)

ÂµTorrent (HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - Â© The Computer Guy Tony)
AVG (HKLM\...\AvgZen) (Version: 1.162.2.62416 - AVG Technologies)
AVG (Version: 1.162.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.2.3008 - AVG Technologies)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FMW 1 (Version: 1.172.2 - AVG Technologies) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
iVIDI Plugin 1.3 (HKLM-x32\...\iVIDI Plugin) (Version: 1.3 - iVIDI Plugin, Inc.) <==== ATENÃÃO
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Mode (HKLM-x32\...\MovieMode) (Version: 2.7.33 - GenTechnologies Apps, LLC) <==== ATENÃÃO
Mozilla Firefox 52.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 pt-BR)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.0.6270 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Priston Tale 2 version 1.2.1 (HKLM-x32\...\{AE0FE7EB-B148-421C-9E94-D78FEC90D3D4}_is1) (Version: 1.2.1 - priston 2)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RealDownloader (x32 Version: 18.1.0.1233 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.12 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0208 - REALTEK Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TouchPadCtrlSetup2.4 (HKLM-x32\...\InstallShield_{5CBC3702-8747-4575-9785-659248BB7BB3}) (Version: 2.4 - TPCtrl)
TouchPadCtrlSetup2.4 (x32 Version: 2.4 - TPCtrl) Hidden
Unity Web Player (HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Eduardo Araujo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Eduardo Araujo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1148400818-420560846-2234732976-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

Task: {012F9327-9868-4A5A-A36F-BA19BDFBD01D} - System32\Tasks\{0CEA5097-9C4B-4E28-865E-3CB0995DE7F9} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.0.101/pt/abandoninstall?page=tsProgressBar
Task: {048834FD-7A01-47E1-9DAE-9BE60BE59E06} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe 
Task: {0530637F-933E-4EDC-8019-9A2DA17D25AF} - System32\Tasks\{22DB2A33-4CB1-47F7-8577-D0AC524E0D66} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.0.105/pt/abandoninstall?page=tsProgressBar
Task: {060E9ADC-45C3-4EEA-A0CF-173C2BBD43EC} - System32\Tasks\{54B2870D-89E7-4BA6-8AB6-16A3DEC77478} => pcalua.exe -a "C:\Users\Eduardo Araujo\Downloads\_ISDel.exe" -d "C:\Users\Eduardo Araujo\Downloads"
Task: {0BFAA468-1928-4A3C-860F-FCA06F93C62A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-03-08] (AVG Technologies CZ, s.r.o.)
Task: {0F652A5A-0CEA-455C-8EED-F7AEBA4A8FD5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {134D5A3E-66CE-400F-9913-FCFBA7EBACC5} - System32\Tasks\RNUpgradeHelperLogonPrompt_Eduardo Araujo => C:\Users\Eduardo Araujo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.06\agent\rnupgagent.exe [2017-03-15] (RealNetworks, Inc.)
Task: {1EDF2D29-BEC1-4559-8379-8E722F3B31A1} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] () <==== ATENÃÃO
Task: {250A963C-BE1D-4F57-978D-CD65DBC41043} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÃÃO
Task: {2782A954-1A79-4108-9603-467CA853D335} - \WPD\SqmUpload_S-1-5-21-1148400818-420560846-2234732976-1001 -> Nenhum Arquivo <==== ATENÃÃO
Task: {2945243D-197A-47CA-B793-E1E9092C1360} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe 
Task: {2E1B126F-D82F-4C2B-89CC-44AC4948F793} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1148400818-420560846-2234732976-1001Core => C:\Users\Eduardo Araujo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-04] (Facebook Inc.)
Task: {31028E6E-4C37-4457-BE34-AB5E11E02EC3} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {36AF4902-029D-490C-B0FF-A4465A2EEFFA} - System32\Tasks\MySearchDial => C:\Users\EDUARD~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE  <==== ATENÃÃO
Task: {374FCEDE-92FF-4918-B0D1-D924EC731302} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1148400818-420560846-2234732976-1001UA => C:\Users\Eduardo Araujo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-04] (Facebook Inc.)
Task: {3F16D037-BECD-41BE-B28A-46D9D7CF5C7C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÃÃO
Task: {40452216-5269-4417-AADF-6DDAB3504AB2} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe  <==== ATENÃÃO
Task: {49B4D0DE-70B8-4907-AA51-AF0A68D616E3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1148400818-420560846-2234732976-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {51EE1A46-BE1C-4537-812C-A63E6F67338F} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Eduardo Araujo) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe 
Task: {5F073AD1-0DAF-41C4-8105-106CAC45AF17} - System32\Tasks\RNUpgradeHelperResumePrompt_Eduardo Araujo => C:\Users\Eduardo Araujo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.06\agent\rnupgagent.exe [2017-03-15] (RealNetworks, Inc.)
Task: {61FA3451-7D3E-4B29-9A56-3D7C6A529764} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe  <==== ATENÃÃO
Task: {6261D12A-929B-4624-A1D3-2528A29403AE} - System32\Tasks\{BD334BCC-F4CF-42E0-9DAB-0BBA303FACD5} => pcalua.exe -a H:\autorun.exe -d H:\
Task: {68CEF930-95A8-4107-B779-8145285F23F6} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUpdater.exe 
Task: {6EA2FBFF-4C62-482E-B2CE-055085C9714B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {73E52A88-EF11-409F-8096-04916EC208C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÃÃO
Task: {75D86C57-CA4F-4A80-B046-8CBF235444D8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {81D1ABE6-3155-4389-98F8-23637F634459} - System32\Tasks\{AB460C7C-D3D5-40AA-8B03-F8E92C323A2A} => pcalua.exe -a "C:\Users\Eduardo Araujo\Downloads\The.Matrix.Path.Of.Neo.PC.Game(djDEVASTATEâ¢)\Matrix3.exe" -d "C:\Users\Eduardo Araujo\Downloads\The.Matrix.Path.Of.Neo.PC.Game(djDEVASTATEâ¢)"
Task: {8BB87224-853D-4B59-9002-E2ECCC3560A2} - System32\Tasks\{2F2F3173-80CF-4339-947F-BC3FE2595D23} => pcalua.exe -a "C:\Program Files (x86)\CAPCOM\biohazard 4\launcher.exe" -d "C:\Program Files (x86)\CAPCOM\biohazard 4"
Task: {8C1500A1-103D-4CFE-81FD-780063D8669F} - System32\Tasks\{209008E6-4EEB-48CC-AD1D-08C3E09DCD1C} => pcalua.exe -a "C:\Users\Eduardo Araujo\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1106.exe"
Task: {932A0F35-0D24-4C65-864F-3EA307E4EAEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÃÃO
Task: {93D19A68-68F5-48B1-B8A5-93C87399C7CE} - System32\Tasks\{B217DE2F-7809-4A5B-B8FA-A726DDF9A52F} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.0.105/pt/abandoninstall?page=tsProgressBar
Task: {986E448C-0112-444A-B7A5-A6C42FB83522} - System32\Tasks\ReclaimerUpdateFiles_Eduardo Araujo => C:\Users\Eduardo Araujo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.06\agent\rnupgagent.exe [2017-03-15] (RealNetworks, Inc.)
Task: {9D51531D-3436-4925-8E93-C49207EF1CFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A4BBD93A-DAC4-40E0-9B61-FE74B9853B80} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÃÃO
Task: {A92710E1-3359-43E4-9C9F-FC84BFDC9F63} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-16] (Microsoft Corporation)
Task: {AC6B91D7-BC3E-42BE-A126-4F85CBA0C232} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÃÃO
Task: {AC76820C-C7AA-4DF1-971D-443E822E8F3B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÃÃO
Task: {AF85CDDA-B05B-4F3F-A354-C843A5430E71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÃÃO
Task: {B0A14256-C4B2-4151-BFAD-6B82D9EE0977} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {B89A8091-7735-42E5-A2DC-97A2AB22B1B1} - System32\Tasks\Touchpad => C:\Program Files\TPCtrl\TPCtrl.exe [2013-02-21] (TP Microelectronic)
Task: {BE10BA3C-2DA5-4BCA-BC4E-8801FBF36E74} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe 
Task: {C0E2A583-874B-4F02-8585-7FD2E3747546} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe 
Task: {C71DB4F7-99A0-4D4F-9FF4-742ECF154B2F} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe 
Task: {C95BB0EF-750F-4A54-B735-550FD56A5B63} - System32\Tasks\Plus-HD-4.4-chromeinstaller => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-chromeinstaller.exe 
Task: {CD119EE4-60F7-425C-8E7A-A98705A98183} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÃÃO
Task: {D4B293AE-C663-46A0-8785-EA3B461FA412} - \DealPly -> Nenhum Arquivo <==== ATENÃÃO
Task: {D710D02D-102E-44DB-B65A-04827FB8E712} - System32\Tasks\ReclaimerUpdateXML_Eduardo Araujo => C:\Users\Eduardo Araujo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.06\agent\rnupgagent.exe [2017-03-15] (RealNetworks, Inc.)
Task: {D7CE8928-0C8C-47D0-9F2D-FD511BEDA0E2} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1148400818-420560846-2234732976-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2015-09-16] (RealNetworks, Inc.)
Task: {DC7A3F7A-0AD4-4B59-AC27-498EBEF38EEA} - System32\Tasks\{F00672C3-7A91-4EBF-AE5B-A87875BCB1DE} => pcalua.exe -a "C:\Users\Eduardo Araujo\Downloads\GTA_Rio_De_Janeiro_BETA v2.0 httprockstaredition.blogspot.com.br.exe" -d "C:\Users\Eduardo Araujo\Downloads"
Task: {DE37FCE4-5724-4B68-A940-24ECA2B33CB8} - System32\Tasks\SaveSense => C:\Users\EDUARD~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE  <==== ATENÃÃO
Task: {E44D2B4F-AB3D-4F91-B189-944DE5037EE2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {E653C953-94B5-4B81-A836-8F4C5F5018C4} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1148400818-420560846-2234732976-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {E8EB8329-7F96-4A8B-9B9A-04A6D0F0DE3B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÃÃO
Task: {EB0F4D27-4981-4CEF-9631-37BC7E556A62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {ED2C445C-E7E4-45A1-BAA5-7E5E9A8B4D75} - System32\Tasks\Funmoods => C:\Users\EDUARD~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE  <==== ATENÃÃO
Task: {F2B05AD0-1BDD-477E-B5A3-D811EA86F666} - System32\Tasks\{908D2EEC-3ABB-4B41-B2F4-73DFA39D3C5D} => pcalua.exe -a "C:\Program Files (x86)\Activision\Call of Duty 2\cod2sp_s.exe" -d "C:\Program Files (x86)\Activision\Call of Duty 2\"
Task: {F623E9E5-9B8B-4FF5-A1CC-792867E8F345} - System32\Tasks\{AA622A4B-6BDC-4AE2-B91D-D78B7FFA0C53} => pcalua.exe -a "C:\Users\Eduardo Araujo\Downloads\Assassins.Creed.2008.PC.DVD[ISO]\Assassins Creed Jerusalem English Patch\7z465.exe" -d "C:\Users\Eduardo Araujo\Downloads\Assassins.Creed.2008.PC.DVD[ISO]\Assassins Creed Jerusalem English Patch"
Task: {FAC4BCF4-FBC0-4FEF-83A9-D9B13C34F55E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÃÃO

(Se uma entrada for incluÃ­da na fixlist, o arquivo da tarefa (.job) serÃ¡ movido. O arquivo que estÃ¡ sendo executado pela tarefa nÃ£o serÃ¡ movido.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1148400818-420560846-2234732976-1001Core.job => C:\Users\Eduardo Araujo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1148400818-420560846-2234732976-1001UA.job => C:\Users\Eduardo Araujo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Funmoods.job => C:\Users\EDUARD~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATENÃÃO
Task: C:\WINDOWS\Tasks\MySearchDial.job => C:\Users\EDUARD~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATENÃÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-chromeinstaller.exe Ì£/installcrx /crxinstalltype=0 /agentregpath='Plus-HD-4.4' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.4\39676.crx' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=2D2681A175604C1A8F96B208CA8C9942IE /verifier=7503ac6f6e49398466071ca206e92869 /installerversion=1_31_153 /installerfullversion=1.31.153.1 /installationtime=1388787385 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATENÃÃO
Task: C:\WINDOWS\Tasks\SaveSense.job => C:\Users\EDUARD~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÃÃO
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATENÃÃO
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATENÃÃO
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Eduardo Araujo).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== MÃ³dulos Carregados (Whitelisted) ==============

2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 20:34 - 2016-12-09 07:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00033088 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-12-01 10:47 - 2017-02-24 09:47 - 00075136 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-12-14 20:34 - 2016-12-09 07:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-16 16:37 - 2016-09-07 01:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 08:53 - 2016-12-21 04:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 08:52 - 2016-12-21 03:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 08:52 - 2016-12-21 03:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 08:52 - 2016-12-21 03:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 08:52 - 2016-12-21 03:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 08:52 - 2016-12-21 03:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 08:52 - 2016-12-21 03:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-05 18:18 - 2016-07-05 18:18 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2017-03-13 09:41 - 2017-03-13 09:50 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 09:41 - 2017-03-13 09:50 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 09:41 - 2017-03-13 09:50 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 09:41 - 2017-03-13 09:50 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-17 23:11 - 2017-03-17 23:15 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_24.27.17008.0_x64__8wekyb3d8bbwe\XboxApp.exe
2017-03-17 23:11 - 2017-03-17 23:15 - 37021184 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_24.27.17008.0_x64__8wekyb3d8bbwe\XboxApp.dll
2016-11-11 06:26 - 2016-11-11 06:42 - 00879104 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_24.27.17008.0_x64__8wekyb3d8bbwe\sqlite3.dll
2016-07-30 12:19 - 2016-07-30 12:45 - 01651112 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_24.27.17008.0_x64__8wekyb3d8bbwe\winsdkfb.dll
2015-07-10 00:08 - 2015-07-10 00:08 - 00098656 _____ () C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe
2015-09-16 18:26 - 2015-09-16 18:26 - 00037720 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00039768 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00037728 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2017-02-24 10:42 - 2017-02-24 10:40 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-07-05 18:13 - 2016-07-05 18:13 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-08-20 02:52 - 2015-09-21 05:23 - 00653096 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
2016-07-05 18:18 - 2016-07-05 18:18 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2017-02-24 11:06 - 2017-02-24 11:06 - 00171208 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-02-24 11:06 - 2017-02-24 11:06 - 48936448 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-03-08 20:14 - 2017-03-08 20:14 - 00656040 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2013-05-13 13:54 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-12-14 20:34 - 2016-12-09 07:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluÃ­da na fixlist, somente o ADS serÃ¡ removido.)

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [346]
AlternateDataStreams: C:\Users\Todos os UsuÃ¡rios\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Todos os UsuÃ¡rios\MTA San Andreas All:NT2 [346]

==================== Modo de SeguranÃ§a (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O valor "AlternateShell" serÃ¡ restaurado.)


==================== AssociaÃ§Ã£o (Whitelisted) ===============

(Se uma entrada for incluÃ­da na fixlist, o Ã­tem no Registro serÃ¡ restaurado para o padrÃ£o ou removido.)


==================== Internet Explorer confiÃ¡vel/restrito ===============

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro.)

IE trusted site: HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\bb.com.br -> www.bb.com.br

==================== Hosts ConteÃºdo: ==========================

(Se necessÃ¡rio, a diretiva Hosts: pode ser incluÃ­da na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2017-02-12 13:12 - 00001236 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1                   thislineskipsanyemptylines
127.0.0.1                   mirillis.com
127.0.0.1                   www.mirillis.com
127.0.0.1                   serwer2.paka-service.com
127.0.0.1                   ns386119.ovh.net
127.0.0.1                   mirillis.pl
127.0.0.1                   www.ovh.com
127.0.0.1                   176.31.241.10
127.0.0.1                  91.121.143.139

==================== Outras Ãreas ============================

(Atualmente nÃ£o hÃ¡ nenhuma correÃ§Ã£o automÃ¡tica para esta seÃ§Ã£o.)

HKU\S-1-5-21-1148400818-420560846-2234732976-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eduardo Araujo\Downloads\konan-akatsuki-1366x768.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
Firewall do Windows estÃ¡ habilitado.

==================== MSCONFIG/TASK MANAGER Ã­tens desabilitados ==

MSCONFIG\Services: ACTION_SVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: COMLiveService => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: iumsvc => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: PLFlash DeviceIoControl Service => 2
MSCONFIG\Services: RealPlayer Cloud Service => 2
MSCONFIG\Services: RealPlayerUpdateSvc => 2
MSCONFIG\Services: RealTimes Desktop Service => 2
MSCONFIG\Services: UNS => 2
HKLM\...\StartupApproved\StartupFolder: => "RealPlayer Cloud Service UI.lnk"
HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1148400818-420560846-2234732976-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{6C6C7F46-2E5E-4144-92C8-816789AE995B}C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{0A16D799-C863-42E4-8101-6F16106BCE2E}C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\rocksteady studios\batman arkham asylum - game of the year edition\binaries\shippingpc-bmgame.exe
FirewallRules: [{1E2152BB-67F4-48D6-B55A-A921EFCBF1D4}] => (Block) C:\games\payday 2\game\payday2_win32_release.exe
FirewallRules: [{81D2600C-A4D6-413C-A96A-E4FD9C2730E3}] => (Block) C:\games\payday 2\game\payday2_win32_release.exe
FirewallRules: [UDP Query User{217AB46F-86C4-4063-9FE4-66D7EA337B40}C:\games\payday 2\game\payday2_win32_release.exe] => (Allow) C:\games\payday 2\game\payday2_win32_release.exe
FirewallRules: [TCP Query User{F454A4A1-B1EA-4B73-80C8-7910B2578578}C:\games\payday 2\game\payday2_win32_release.exe] => (Allow) C:\games\payday 2\game\payday2_win32_release.exe
FirewallRules: [{658C2603-6CBC-47DC-B800-43FBCAAE1458}] => (Block) C:\program files (x86)\ultimate control\ucontrol.exe
FirewallRules: [{78130390-012A-43AE-ADC4-79A0ED937B72}] => (Block) C:\program files (x86)\ultimate control\ucontrol.exe
FirewallRules: [UDP Query User{E594F246-669D-4A19-8865-79AEADA6940F}C:\program files (x86)\ultimate control\ucontrol.exe] => (Allow) C:\program files (x86)\ultimate control\ucontrol.exe
FirewallRules: [TCP Query User{E294F88B-A9CE-4C09-8035-1C492A8FEDDC}C:\program files (x86)\ultimate control\ucontrol.exe] => (Allow) C:\program files (x86)\ultimate control\ucontrol.exe
FirewallRules: [{98E5CC9C-00B1-4B1F-B9D0-BE457B4C3283}] => (Block) C:\program files (x86)\mobile gamepad server\mobile gamepad.exe
FirewallRules: [{9E8493A5-0641-4F19-A7A0-36979D67C381}] => (Block) C:\program files (x86)\mobile gamepad server\mobile gamepad.exe
FirewallRules: [UDP Query User{EFCF5ADC-F3A3-4815-AEA6-58FC3A1E3F59}C:\program files (x86)\mobile gamepad server\mobile gamepad.exe] => (Allow) C:\program files (x86)\mobile gamepad server\mobile gamepad.exe
FirewallRules: [TCP Query User{1D14B971-40B7-47A5-B97F-2954A0BA01C0}C:\program files (x86)\mobile gamepad server\mobile gamepad.exe] => (Allow) C:\program files (x86)\mobile gamepad server\mobile gamepad.exe
FirewallRules: [UDP Query User{CD44CAA9-DDC1-470E-94A7-94B7CA622093}C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe] => (Block) C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe
FirewallRules: [TCP Query User{51AFF897-DBDF-430A-B5ED-85B2F74DFB58}C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe] => (Block) C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe
FirewallRules: [UDP Query User{BE72868D-54B4-454C-9A4C-B5BBCFC66C4F}C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{30C2253A-768F-4647-9BEA-48DCDCB770CA}C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{6DF25C3C-9A64-437F-87B0-552E3C09AC0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34D8FF01-4775-4BD8-8838-289D8AAC5B64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{98C8758D-C23B-4171-A926-04174701C6F9}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [TCP Query User{63CED2A8-BCE2-48DB-89DB-D7266CEAD4E6}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [{7FF823C0-53DE-4D82-A362-1E83EE098308}] => (Allow) C:\Users\Eduardo Araujo\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{F8D028B2-BBE8-42E9-BE7C-BA77B8F06794}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [TCP Query User{B608703F-0584-43CB-AEA3-C83273F65118}C:\program files (x86)\r.g. mechanics\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) C:\program files (x86)\r.g. mechanics\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{22A80E4C-BAF6-437B-935C-5FCF39722F42}C:\program files (x86)\r.g. mechanics\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) C:\program files (x86)\r.g. mechanics\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{C8478C09-1C2D-4886-93A9-5BA22C94D8FB}C:\games\counter-strike\hltv.exe] => (Allow) C:\games\counter-strike\hltv.exe
FirewallRules: [UDP Query User{BC65B8A8-5D0D-4CB4-A81E-4A68FF666413}C:\games\counter-strike\hltv.exe] => (Allow) C:\games\counter-strike\hltv.exe
FirewallRules: [TCP Query User{6712A9B0-EFB0-4D74-9892-AD8352F1D219}C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{BA573273-C50F-47BB-9C9E-554A7329D80A}C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\eduardo araujo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{1842B009-4899-42DA-9730-C4E99283336A}] => (Allow) C:\Program Files (x86)\Priston Tale 2\PT2Start.exe
FirewallRules: [{C2926771-C369-4859-A7D6-96D947FED133}] => (Allow) C:\Program Files (x86)\Priston Tale 2\PT2Start.exe
FirewallRules: [{995F733E-3CED-48F0-8CA2-B91F185DC1B7}] => (Allow) C:\Program Files (x86)\Priston Tale 2\PT2Start.exe
FirewallRules: [{ECD25EC0-0CAD-4FC0-A05C-B9D382387E3A}] => (Allow) C:\Program Files (x86)\Priston Tale 2\PT2Start.exe
FirewallRules: [TCP Query User{62CEE251-8DA6-45B3-97C2-8440C168DF36}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{1C3DFBFF-346A-45B5-9D7F-03EB9972D32B}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{88BAF03C-F3A4-4D78-8529-EDA55431BE90}C:\users\eduardo araujo\cs-2016\hl.exe] => (Allow) C:\users\eduardo araujo\cs-2016\hl.exe
FirewallRules: [UDP Query User{29C45174-180D-41F7-9629-A5420BAF0CB4}C:\users\eduardo araujo\cs-2016\hl.exe] => (Allow) C:\users\eduardo araujo\cs-2016\hl.exe
FirewallRules: [TCP Query User{5ECE9B2C-BCC2-4A87-8CBD-1694811CE495}C:\users\eduardo araujo\cs-2016\hlds.exe] => (Allow) C:\users\eduardo araujo\cs-2016\hlds.exe
FirewallRules: [UDP Query User{CD571FD1-03D1-4114-AC96-1724E1A7E680}C:\users\eduardo araujo\cs-2016\hlds.exe] => (Allow) C:\users\eduardo araujo\cs-2016\hlds.exe
FirewallRules: [TCP Query User{6B8AAF3A-A920-42C2-8576-FA296291EF09}C:\games\resident evil 5 - gold edition\launcher.exe] => (Block) C:\games\resident evil 5 - gold edition\launcher.exe
FirewallRules: [UDP Query User{D787323E-0535-4BCB-AEE1-EA0F17E5FE96}C:\games\resident evil 5 - gold edition\launcher.exe] => (Block) C:\games\resident evil 5 - gold edition\launcher.exe
FirewallRules: [{A73F6F69-5C4E-4B11-8670-92ED224FDF8D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{875807B7-68A4-46DB-9CDE-26ECD7B5DB36}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{EB6AA459-0B7B-4FD6-B568-DB47D764E723}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3358F16C-9BEB-4886-98C1-A6BC3BB63B8D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{099DBED5-41A7-491B-8CE8-8B4C24C22BDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{BDAAF4D3-897D-42E3-8DD4-44AC57CB704E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{50C23495-255E-459B-9967-B868A5B421C1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{6F1C3318-7FEC-46EA-81E7-8AA9FE733750}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{A7E59009-0657-4AF8-80ED-B13F1302FB03}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [TCP Query User{182A4933-8701-408D-B5E5-78A17162516F}C:\users\eduardo araujo\desktop\the stomping land by chacal\the stomping land by chacal\binaries\win32\udk.exe] => (Allow) C:\users\eduardo araujo\desktop\the stomping land by chacal\the stomping land by chacal\binaries\win32\udk.exe
FirewallRules: [UDP Query User{C0503C98-BE1D-4F5E-818D-D44183C88BEA}C:\users\eduardo araujo\desktop\the stomping land by chacal\the stomping land by chacal\binaries\win32\udk.exe] => (Allow) C:\users\eduardo araujo\desktop\the stomping land by chacal\the stomping land by chacal\binaries\win32\udk.exe
FirewallRules: [TCP Query User{95057489-ECA2-4EB8-845C-C65008490983}C:\users\eduardo araujo\desktop\the_stomping_land_alpha_v0.5.6\the stomping land\binaries\win32\udk.exe] => (Allow) C:\users\eduardo araujo\desktop\the_stomping_land_alpha_v0.5.6\the stomping land\binaries\win32\udk.exe
FirewallRules: [UDP Query User{1F45B714-98EF-4AA5-8A7F-A973188399F6}C:\users\eduardo araujo\desktop\the_stomping_land_alpha_v0.5.6\the stomping land\binaries\win32\udk.exe] => (Allow) C:\users\eduardo araujo\desktop\the_stomping_land_alpha_v0.5.6\the stomping land\binaries\win32\udk.exe
FirewallRules: [{9F1F7C57-B349-4DC1-BB88-C42CC1DDB19B}] => (Block) C:\Program Files\Mirillis\Action!\Action.exe
FirewallRules: [{D7CE42C9-E2C2-45B9-B801-CE9C03F8D0B8}] => (Block) C:\Program Files (x86)\Mirillis\Action!\Action.exe
FirewallRules: [{6E26A077-88EA-4B4F-8CBD-1ABF8692E98E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9414EB3A-2DE7-442D-842D-DC56A2C3743F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CAD9CC25-82EB-4AEB-A756-A60A59CBD06E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4BDC3BA4-5E30-4836-97E0-AC14BA59B569}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

==================== Pontos de RestauraÃ§Ã£o =========================

16-03-2017 17:45:49 Windows Update
18-03-2017 11:06:23 Installed Advanced Archive Password Recovery

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/18/2017 07:34:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST64.exe versÃ£o 15.3.2017.0 parou de interagir com o Windows e foi fechado. Para ver se hÃ¡ mais informaÃ§Ãµes disponÃ­veis sobre o problema, verifique o histÃ³rico de problemas no painel de controle SeguranÃ§a e ManutenÃ§Ã£o.

ID do Processo: f88

Hora de InÃ­cio: 01d2a037ba563268

Hora de TÃ©rmino: 4294967295

Caminho do Aplicativo: C:\Users\Eduardo Araujo\Downloads\FRST64.exe

ID do RelatÃ³rio: 0aee744e-0c2b-11e7-80b2-00e04cce1347

Nome completo do pacote com falha: 

ID do aplicativo relativo ao pacote com falha:

Error: (03/18/2017 12:01:23 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status (unknown) para SECURITY_PRODUCT_STATE_ON (erro %3).

Error: (03/18/2017 12:01:23 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status (unknown) para SECURITY_PRODUCT_STATE_ON (erro %3).

Error: (03/18/2017 11:06:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos ServiÃ§os de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (03/16/2017 08:44:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Eduardo)
Description: O pacote Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI foi terminado porque levou muito tempo para ser suspenso.

Error: (03/16/2017 07:32:17 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/16/2017 07:32:17 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/16/2017 07:31:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15656

Error: (03/16/2017 07:31:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15656

Error: (03/16/2017 07:31:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Erros de Sistema:
=============
Error: (03/18/2017 11:20:55 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:20:55 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:20:55 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:20:55 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:20:55 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:12:36 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:12:36 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:12:36 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:12:36 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding

Error: (03/18/2017 11:12:36 AM) (Source: DCOM) (EventID: 10000) (User: Eduardo)
Description: NÃ£o Ã© possÃ­vel iniciar o servidor DCOM: {7B37E4E2-C62F-4914-9620-8FB5062718CC}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Eduardo Araujo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /cci /client=Personal -Embedding


==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 81%
RAM física total: 1886.6 MB
RAM física disponível: 343.5 MB
Virtual Total: 3742.6 MB
Virtual disponível: 1087.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:449.82 GB) (Free:63.25 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5D3E22A0)

Partition: GPT.

==================== Fim de Addition.txt ============================