Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 23-07-2017
Executado por Samuel (24-07-2017 14:48:37)
Executando a partir de C:\Users\Samuel\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-12-03 17:04:48)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-4171944306-1169924234-1463198045-500 - Administrator - Disabled)
Convidado (S-1-5-21-4171944306-1169924234-1463198045-501 - Limited - Disabled)
Samuel (S-1-5-21-4171944306-1169924234-1463198045-1000 - Administrator - Enabled) => C:\Users\Samuel

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-4171944306-1169924234-1463198045-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.18.0 - Mirillis)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Atualizações da NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.0.1175 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.235.19 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CrossFire BR (HKLM-x32\...\CrossFire BR_is1) (Version: V5176 - Z8Games.com) D3DGear (HKLM\...\D3DGear_is1) (Version: 4.9.8.1958 - D3DGear Technologies) Driver Sweeper versão 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net) Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden HP Deskjet 3510 series Ajuda (HKLM-x32\...\{949C49A5-91B7-40D2-AF9A-15681454074A}) (Version: 28.0.0 - Hewlett Packard) HP Deskjet 3510 series Estudo de aprimoramento de produtos (HKLM\...\{34B5B8D3-4106-4713-AAE1-DAE898EEB21C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Deskjet 3510 series Software básico do dispositivo (HKLM\...\{B332BF47-16DD-476D-AE00-31DC6DE5B87A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.31.6 - JMicron Technology Corp.) Jogos Level Up (HKU\S-1-5-21-4171944306-1169924234-1463198045-1000\...\bda992e0694a5bbb) (Version: 0.9.4.4 - Level Up) K-Lite Codec Pack 10.6.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.0 - ) League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.) 
Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Portuguese/Português (HKLM-x32\...\Office14.OMUI.pt-pt) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft 
Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MTA:SA v1.5.3 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.3 - Multi Theft Auto) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3 - Notepad++ Team) NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Driver de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA GeForce Experience 3.7.0.81 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.105.324.0 - Overwolf Ltd.) Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden Pacote de Driver do Windows - Qualcomm Atheros (L1C) Net (07/16/2013 2.1.0.21) (HKLM\...\CFA8C781935BBBD2BD90701FB00A6374099AB913) (Version: 07/16/2013 2.1.0.21 - Qualcomm Atheros) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Painel de controle da NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden PaintTool SAI (HKLM-x32\...\PaintTool SAI1.1.0) (Version: 1.1.0 - Eddie Sekiguchi Softwares) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) 
Hidden PointBlank (HKU\S-1-5-21-4171944306-1169924234-1463198045-1000\...\PointBlank) (Version: 2.1.0 - Ongame S.A & Zepetto) <==== ATENÇÃO RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.8-1.0.3150.5 - raidcall.com.ru) RAR Password Finder (HKLM-x32\...\RAR Password Finder) (Version: - ) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0816-0000-0000000FF1CE}_Office14.OMUI.pt-pt_{95604CB2-E3F3-40FD-B90D-2DB0F144F4A2}) (Version: - Microsoft) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) 
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony) VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) Wondershare PDFelement 6 Pro(Build 6.1.0) (HKLM-x32\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.1.0.2364 - Wondershare Software Co.,Ltd.) Zula (HKLM-x32\...\22DF2438-3A2E-4E99-BA0E-3272968F0290_is1) (Version: 1.11-170508.15806 - XCloudGame) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-01-01] () ContextMenuHandlers01: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal) ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Nenhum Arquivo ContextMenuHandlers02: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers03: [GB3ContextMenu] -> {3A488FE8-9916-4F36-BDFF-3DED559142E5} => C:\Program Files (x86)\IObit\Game Booster 3\GBV3ContextMenu.dll [2011-11-29] (IObit) ContextMenuHandlers04: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-04-09] (Intel Corporation) ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal) ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Nenhum Arquivo ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {02E4A525-A489-41C6-8E63-398C20F27D31} - System32\Tasks\SmartGameBooster SkipUAC (Samuel) => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\SgbMain.exe Task: {06E256C4-C500-483D-AA98-918D0E08A8EE} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-07-17] (Overwolf LTD) Task: {0ACE50BA-2FA5-456E-B936-8799BDBBB19A} - System32\Tasks\{AEF8A251-0B2A-4C87-B56C-DA6771EEA1DB} => C:\Users\Samuel\Desktop\GTA IV\Grand Theft Auto IV\GTAIV.exe Task: {109CF0DC-38A2-40AA-88EF-C16D5EA2740D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation) Task: {13D31C44-C3EE-4FAE-A5B7-EF4DFDE76F42} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation) Task: {2493CB7C-1F3B-46E3-A885-7E9CC0EAF6D6} - System32\Tasks\{F505C881-0C9D-4AA7-AF0B-1B168AFD004B} => C:\Users\Samuel\Desktop\GTA IV\Grand Theft Auto IV\GTAIV.exe Task: {3C7F4765-EE4B-4320-B902-C0EE4C7B292A} - System32\Tasks\{18ED6195-FAFF-4A26-BC22-B48FA6FD8094} => C:\ongame\Pointblank\PBLauncher.exe [2013-10-21] (Zepetto Co.) Task: {3ED8023E-56CD-4BFC-B3FC-671C4A7C3B86} - System32\Tasks\{FFAF649F-3834-433F-86E7-52CC29665146} => C:\Program Files\Sandboxie\Start.exe Task: {454B2637-F9D9-42EC-AE0F-C24BE1308009} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) 
Task: {46EB2C37-C501-42C2-8CE3-0358DE7733D5} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {47263160-A8BF-4232-A63B-1A1B0AD8D2B5} - System32\Tasks\{42AF5F4D-03A2-4E64-8942-DA5434AEE4D0} => C:\Users\Samuel\Desktop\GTA-SA\samp.exe Task: {510DFFED-BEB2-4A92-8D78-0887A2222018} - System32\Tasks\{88259982-92F8-42BF-B4A1-FB3F9D6B546D} => C:\Program Files (x86)\RockstarGames\GTA-SA By MukaGamer\Gta Top\gta_sa.exe Task: {626EB6A1-FBC4-436D-AAE1-39E2E77CA5C8} - System32\Tasks\{F30234C0-7B6F-4220-9E80-5850BD3E0CBD} => C:\Windows\system32\pcalua.exe -a "C:\Users\Samuel\Desktop\Rar Password Finder\SETUP.EXE" -d "C:\Users\Samuel\Desktop\Rar Password Finder" Task: {6BB8B9A7-EFE7-439E-B168-FD1A4472ED91} - System32\Tasks\SYSSAMUELPC50 => C:\Windows\SysWOW64\Java\etlrb25t.avh.vbs [2017-05-27] () Task: {84B2B564-AA94-47AF-AACF-612BDF325626} - System32\Tasks\{56A419B9-2A1C-4708-ADB2-EDD987930C8D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Samuel\Desktop\Alci's IMG Editor 1.5 [www.modsgtasa.com.br]\Alci's IMG Editor 1.5.exe" -d "C:\Users\Samuel\Desktop\Alci's IMG Editor 1.5 [www.modsgtasa.com.br]" Task: {867FD9DE-5A0C-4D94-8C2E-DE6D192437E1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation) Task: {87166A49-B98B-439B-9F9D-FC548BAB6B1F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation) Task: {89809923-940A-4569-9411-2747D2FA6A0A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation) Task: {9058D935-62A1-40DF-BE3F-261B72133B80} - 
System32\Tasks\{D84ABF3B-16A1-4F93-8107-766086E37DE0} => C:\Windows\system32\pcalua.exe -a C:\Users\Samuel\Desktop\TXD\txdworkshop.exe -d C:\Users\Samuel\Desktop\TXD Task: {9063DC5B-FDD9-484B-A90C-E81CC527D663} - System32\Tasks\{3240E8D5-778B-421E-A0FD-9EB6C1933B87} => C:\Windows\system32\pcalua.exe -a "C:\Users\Samuel\Downloads\Mod Policial GTA SA NO-NUMPAD.exe" -d C:\Users\Samuel\Downloads Task: {997CAC54-9DBF-47BB-8A6C-6C17FF15AA46} - System32\Tasks\{480C3E86-189C-40E4-B791-4B74190764A8} => C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe [2017-07-03] (BitTorrent Inc.) Task: {AA361357-DE29-48D6-861C-AC46698CB896} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd) Task: {BBE947DD-6871-4A30-9846-78930365045C} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Samuel) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe Task: {C2113DC3-664D-44C4-A69F-B21A79516B1A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation) Task: {C4E58C34-FA83-49CC-81D6-DE3D8FDE4788} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-20] (Google Inc.) Task: {CAB75A55-BBAF-40F0-B578-BAAB64BC1A1D} - System32\Tasks\{59063589-BC5A-4B8C-A9E4-5DCD5F090B3A} => C:\Program Files (x86)\RockstarGames\GTA-SA By MukaGamer\Gta Top\gta_sa.exe Task: {CD886F99-60EC-493F-8545-9CFD26B670CF} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-08-19] (SlimWare Utilities, Inc.) 
Task: {CEA27EB3-AC1B-487D-ADF8-6E5453110B61} - System32\Tasks\{0D485420-E6FC-45EF-AFC9-D8D4C4496186} => C:\Program Files\Sandboxie\Start.exe Task: {CF467F8B-845E-48C9-8C4B-0F3700492F09} - System32\Tasks\{0A97C5A4-7AF0-4990-9E36-3E46492933D3} => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [1999-12-31] (VIA) Task: {D25B25D6-5425-4786-A241-DBD0551CD35C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2017-01-11] () Task: {E0996EDA-B081-49AB-AB71-BCFF116079E2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation) Task: {E1E94815-4E88-4427-B873-C89C25A6B6B1} - System32\Tasks\{88D3DADA-A17A-45EF-97C0-0BC2A1316326} => C:\Program Files\Sandboxie\Start.exe Task: {F04FC6A1-2171-4BEE-9515-07B5CEEF574E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-20] (Google Inc.) Task: {F1767767-40F5-499F-BC1E-80C9570A947C} - System32\Tasks\Driver Booster SkipUAC (Samuel) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe Task: {F4154884-5D8C-4354-9098-6C67F3FF425B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Samuel).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) 
ShortcutWithArgument: C:\Users\Samuel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Módulos Carregados (Whitelisted) ============== 2017-05-21 18:12 - 2016-11-14 08:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2017-05-21 18:45 - 2017-06-21 04:07 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-07-20 20:52 - 2017-06-23 00:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll 2017-07-20 20:52 - 2017-06-23 00:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll 2017-07-12 02:01 - 2017-06-29 13:05 - 31133696 _____ () C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.137\pepflashplayer.dll 2017-05-21 18:45 - 2017-06-21 04:07 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) 
AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [432] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [432] AlternateDataStreams: C:\Users\Todos os Usuários:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários:NT2 [432] AlternateDataStreams: C:\ProgramData\Application Data:NT [40] AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432] AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT [40] AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT2 [432] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432] AlternateDataStreams: C:\Users\Samuel\Dados de aplicativos:NT [40] AlternateDataStreams: C:\Users\Samuel\Dados de aplicativos:NT2 [432] AlternateDataStreams: C:\Users\Samuel\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\Samuel\AppData\Roaming:NT2 [432] AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT2 [432] AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT2 [432] AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT2 [432] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) 
==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2017-07-10 18:02 - 00001473 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 bandicam.com 127.0.0.1 ssl.bandisoft.com 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines 127.0.0.1 thislineskipsanyemptylines ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-4171944306-1169924234-1463198045-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Samuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. 
==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\startupfolder: C:^Users^Samuel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recortes de Ecrã e Iniciador do OneNote 2010.lnk => C:\Windows\pss\Recortes de Ecrã e Iniciador do OneNote 2010.lnk.Startup MSCONFIG\startupfolder: C:^Users^Samuel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WO Mic Client.lnk => C:\Windows\pss\WO Mic Client.lnk.Startup MSCONFIG\startupreg: (default) => MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: Chromium => c:\users\samuel\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe" MSCONFIG\startupreg: HP Deskjet 3510 series (NET) => "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "BR385FB0WT05Y8:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1 MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe" MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe" MSCONFIG\startupreg: ShadowPlay => 
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: uTorrent => "C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe MSCONFIG\startupreg: XMouseButtonControl => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe /notportable MSCONFIG\startupreg: Xvid => powershell.exe -nologo -WindowStyle hidden -Noninteractive -NoProfile -ExecutionPolicy Bypass -File "C:\Program Files (x86)\Xvid\CheckUpdate.ps1" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{44E2588A-FEB9-414D-9F29-29816D11CD23}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe
FirewallRules: [{C7BAEDC5-3E91-4DCB-9558-EB87C3414464}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8703FF2A-6163-4E48-A5E7-7FF0798BF360}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{249AD0F2-D805-48F0-A905-147084A70978}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{DCBD3544-979F-4743-AC3B-8BA31417CAAB}] => (Allow) C:\ongame\Pointblank\PointBlank.exe
FirewallRules: [{14F630BC-669C-4386-84BC-76D1F8D1F073}] => (Allow) C:\ongame\Pointblank\PointBlank.exe
FirewallRules: [{918B1F6A-166A-4CB6-8E41-8E8799F91772}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B1F2BBE1-A86D-44BB-A990-E7ECD62C82B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A15888F4-00CC-4B8C-A289-91E0EECC1E2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DC30A7D5-9F83-44AE-9E03-EAA592812879}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{17CD62BD-6AFF-4CC7-8A06-8E595F99B60F}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{40B068E9-2D49-4AF3-A4DB-421AEAF6337C}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2DE7C05F-01C9-4838-957A-C0A57664C155}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{152079BB-70F2-4518-8728-5F31E706AEFE}] => (Allow) C:\ongame\Pointblank\PointBlank.exe
FirewallRules: [{DFE93E79-B6DF-4330-BC8D-BC7EA273E422}] => (Allow) C:\ongame\Pointblank\PointBlank.exe
FirewallRules: [{A4BA7E66-9300-4A00-AB8C-FA5433DC3432}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1792BD17-BD7D-4372-B453-9EED9CE183FC}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{CD33A718-1B55-4C3C-BFB2-465CB4687209}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{4F8E3F3E-D5FE-481D-AD52-CE6A4311303D}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [{FADF2399-6788-472C-B9BC-00DCA9A591D2}] => (Block) C:\games\counter-strike\hl.exe
FirewallRules: [{FF01CC11-D8CC-472F-9E9D-C286873178B5}] => (Block) C:\games\counter-strike\hl.exe
FirewallRules: [TCP Query User{77EF5649-9D6B-42CB-B4D2-1D0D9FA2BB10}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{4C7B7635-6410-45DB-800A-0F5D760FBA60}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{89669056-3142-4E0A-BA9E-DF7BB50FE679}] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{095DF56E-C636-46CC-8C3E-B3626B8A90AB}] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{F0399FB2-7C29-4E74-A962-3A751DF81CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E2597C6A-0FE9-4D24-AF06-A7F7D867BE0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{986B7416-F15E-429C-AD47-9A6810C0DDD1}C:\program files (x86)\rockstargames\mta-sa\gta_sa.exe] => (Allow) C:\program files (x86)\rockstargames\mta-sa\gta_sa.exe
FirewallRules: [UDP Query User{CFE55FD5-0E39-4D40-A3BA-552E261D4C2C}C:\program files (x86)\rockstargames\mta-sa\gta_sa.exe] => (Allow) C:\program files (x86)\rockstargames\mta-sa\gta_sa.exe
FirewallRules: [{A84886CB-3C49-49D2-84ED-12370C168D55}] => (Block) C:\program files (x86)\rockstargames\mta-sa\gta_sa.exe
FirewallRules: [{89AF4A76-B68B-41E3-8479-012D637B5A33}] => (Block) C:\program files (x86)\rockstargames\mta-sa\gta_sa.exe
FirewallRules: [TCP Query User{5D6E9C3E-5F97-46D3-BFAD-6C286D415FA2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{135A4356-3E2C-46BA-85AE-966AB6EA57BB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{5EF5CA73-521D-44B6-BDD8-EF4B2CB3B79A}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{9AFF4A08-C472-40E4-B13D-D96120302302}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{87CD735F-EABA-4892-82AF-1009E1B7C4AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1FFF2CF4-6F19-48F4-A60F-8CC32B043F8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EE7975A4-F0AD-458A-95FD-70347568CF12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{51DAD258-2466-41C4-B44D-5BDC08867187}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BF0993F3-BDF1-49BA-9BC6-C08A5D6BAEB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F65A73A3-94E6-4AEE-B665-82387966030F}C:\windows\syswow64\java\syssamuelpc50.exe] => (Block) C:\windows\syswow64\java\syssamuelpc50.exe
FirewallRules: [UDP Query User{D83FA487-0BF8-4EF1-994D-152B91A436F5}C:\windows\syswow64\java\syssamuelpc50.exe] => (Block) C:\windows\syswow64\java\syssamuelpc50.exe
FirewallRules: [TCP Query User{558BBADB-C8DA-4B5D-880F-0498875AAC88}C:\windows\syswow64\java\syssamuelpc50.exe] => (Block) C:\windows\syswow64\java\syssamuelpc50.exe
FirewallRules: [UDP Query User{A1644929-9B34-4126-8CCC-E46A17FA7A0D}C:\windows\syswow64\java\syssamuelpc50.exe] => (Block) C:\windows\syswow64\java\syssamuelpc50.exe
FirewallRules: [{413FB67F-7F46-4CD7-9334-3FAB5C36C672}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF03C4E1-A2E8-47DD-B39E-11A27E81E614}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{79398770-35A0-40DB-B12A-1E500140392A}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5B5F89C8-A3B8-4982-BC09-B2C873A138A1}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FE84940-1313-44B6-ABCC-4E250C65B9DC}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E9237BE2-2ADF-4364-ABFD-93A7BE67A3A3}] => (Allow) C:\Users\Samuel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{E564D30D-15F3-4C7F-9C47-A40E55C45FE8}C:\users\samuel\desktop\servertop\samp-server.exe] => (Allow) C:\users\samuel\desktop\servertop\samp-server.exe
FirewallRules: [UDP Query User{E4A8E8B6-1F9F-4A59-A587-0FC9CAEC6AB3}C:\users\samuel\desktop\servertop\samp-server.exe] => (Allow) C:\users\samuel\desktop\servertop\samp-server.exe
FirewallRules: [TCP Query User{7A08421B-27FA-44F7-A7BA-205C2E2933F0}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{A6331B83-FB34-4E47-8CF8-BD322557D205}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{8FD753D7-0AA2-41B4-99F7-0B283C3D0314}C:\users\samuel\appdata\local\apps\2.0\cw6ldd5e.l7h\hgqgy770.3a2\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\samuel\appdata\local\apps\2.0\cw6ldd5e.l7h\hgqgy770.3a2\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{A21A04CD-0041-4CDE-8CFD-CA61394A149B}C:\users\samuel\appdata\local\apps\2.0\cw6ldd5e.l7h\hgqgy770.3a2\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\samuel\appdata\local\apps\2.0\cw6ldd5e.l7h\hgqgy770.3a2\leve..tion_3af41edd49c109a3_0000.0009_68082bad8b8cd4e1\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{556D8175-0E58-4676-8F8C-079A680B22B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

23-07-2017 14:12:57 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: MpKslcd3acfa1
Description: MpKslcd3acfa1
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKslcd3acfa1
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/21/2017 10:48:42 AM) (Source: LogMeIn Guardian) (EventID: 104) (User: AUTORIDADE NT)
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: 'b200495274a3087aaabb9f68076e059a'.

Error: (07/20/2017 11:52:26 AM) (Source: LogMeIn Guardian) (EventID: 104) (User: AUTORIDADE NT)
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: 'b200495274a3087aaabb9f68076e059a'.

Error: (07/19/2017 04:10:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa vegas120.exe versão 12.0.0.563 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 123c
Hora de Início: 01d300c2160e7441
Hora de Término: 153
Caminho do Aplicativo: C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe
Id do Relatório: f9b4a7f3-6cb5-11e7-aa00-eca86bb4ed17

Error: (07/19/2017 10:39:06 AM) (Source: LogMeIn Guardian) (EventID: 104) (User: AUTORIDADE NT)
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: 'b200495274a3087aaabb9f68076e059a'.

Error: (07/19/2017 10:32:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa vegas120.exe versão 12.0.0.563 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 1078
Hora de Início: 01d3009294822bb3
Hora de Término: 80
Caminho do Aplicativo: C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe
Id do Relatório: b8074154-6c86-11e7-a89c-eca86bb4ed17

Error: (07/19/2017 10:26:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa vegas120.exe versão 12.0.0.563 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 10e8
Hora de Início: 01d3008f2a80f2e2
Hora de Término: 115
Caminho do Aplicativo: C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe
Id do Relatório: 48fa3fc9-6c85-11e7-a89c-eca86bb4ed17

Error: (07/18/2017 06:12:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Lanzador.exe, versão: 1.18.0.0, carimbo de hora: 0x5314c683
Nome do módulo de falhas: apu2enc.dll, versão: 0.0.0.0, carimbo de hora: 0x530e0844
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00001369
Identificação do processo com falha: 0x1218
Hora de início do aplicativo com falha: 0x01d3000a9005f2a5
Caminho do aplicativo com falha: C:\Program Files (x86)\Mirillis\Action!\Lanzador.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Mirillis\Action!\apu2enc.dll
Identificação do Relatório: d1756fa7-6bfd-11e7-a89c-eca86bb4ed17

Error: (07/18/2017 02:32:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SlimDrivers.exe, versão: 2.3.1.0, carimbo de hora: 0x55d4df2d
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23807, carimbo de hora: 0x5915f8e8
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0002e49b
Identificação do processo com falha: 0x7e4
Hora de início do aplicativo com falha: 0x01d2ffeb03afa1e6
Caminho do aplicativo com falha: C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll
Identificação do Relatório: 079e1543-6bdf-11e7-a89c-eca86bb4ed17

Error: (07/17/2017 11:28:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Lanzador.exe, versão: 1.18.0.0, carimbo de hora: 0x5314c683
Nome do módulo de falhas: apu2enc.dll, versão: 0.0.0.0, carimbo de hora: 0x530e0844
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00001233
Identificação do processo com falha: 0x1204
Hora de início do aplicativo com falha: 0x01d2ff08e5da4d3f
Caminho do aplicativo com falha: C:\Program Files (x86)\Mirillis\Action!\Lanzador.exe
FCaminho do módulo de falhas: C:\Program Files (x86)\Mirillis\Action!\apu2enc.dll
Identificação do Relatório: 246a463d-6afc-11e7-9973-eca86bb4ed17

Error: (07/17/2017 01:39:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: javaw.exe, versão: 8.0.1310.11, carimbo de hora: 0x58c8fc02
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23807, carimbo de hora: 0x5915fdce
Código de exceção: 0xc0000374
Deslocamento com falha: 0x00000000000bf3e2
Identificação do processo com falha: 0xb30
Hora de início do aplicativo com falha: 0x01d2feb6b642f517
Caminho do aplicativo com falha: C:\Program Files\Java\jre1.8.0_131\bin\javaw.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: f5c8753d-6aa9-11e7-b980-eca86bb4ed17

Erros de Sistema:
=============
Error: (07/24/2017 12:08:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LogMeIn Hamachi Tunneling Engine devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (07/24/2017 12:08:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço LogMeIn Hamachi Tunneling Engine.
Error: (07/24/2017 12:07:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 17:58:26 às ‎23/‎07/‎2017 não era esperado.

Error: (07/23/2017 05:13:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 15:49:55 às ‎23/‎07/‎2017 não era esperado.

Error: (07/22/2017 12:56:10 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (07/21/2017 10:45:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LogMeIn Hamachi Tunneling Engine devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (07/21/2017 10:45:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço LogMeIn Hamachi Tunneling Engine.

Error: (07/20/2017 07:20:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: As cópias de sombra do volume C: foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário.

Error: (07/20/2017 02:59:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Windows Update suspenso ao iniciar.

Error: (07/20/2017 02:53:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LogMeIn Hamachi Tunneling Engine devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil.

CodeIntegrity:
===================================
Date: 2017-01-13 15:46:51.882
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.851
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.804
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.773
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.742
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.711
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.695
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.664
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.633
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-13 15:46:51.602
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\womic.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentagem de memória em uso: 42%
RAM física total: 6108.7 MB
RAM física disponível: 3540.4 MB
Virtual Total: 12215.57 MB
Virtual disponível: 9603.56 MB

==================== Drives ================================

Drive c: (DADOS) (Fixed) (Total:464.84 GB) (Free:105.11 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4E59A2FC)
Partition 1: (Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=492 MB) - (Type=27)

==================== Fim de Addition.txt ============================