Zeniker
2017-02-23, 06:28
Yesterday Avast started to detect a VBS malware whenever Opera or Google Chrome was open; however, it doesn't happen with Firefox. I ran an Avast scan and it detected several files infected with the same virus, I think, some of those in the Windows folder. Here's the Farbar log.
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 19-02-2017
Executado por Guilherme (administrador) em GUILHERME-NOTE (22-02-2017 05:44:09)
Executando a partir de C:\Users\Guilherme\Desktop
Perfis Carregados: UpdatusUser & Guilherme (Perfis Disponíveis: UpdatusUser & Guilherme & Administrador)
Platform: Windows 10 Home Single Language (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Opera)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
() C:\Windows\System32\igfxTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.17020_none_1152834562020692\TiWorker.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() D:\Games\Crypt of the NecroDancer\unins000.exe
() C:\Users\Guilherme\AppData\Local\Temp\_iu14D2N.tmp
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-17] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2015-11-01] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [X]
HKU\S-1-5-21-3040258654-2525527317-1144640668-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Google Update] => C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Spotify Web Helper] => C:\Users\Guilherme\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Spotify] => C:\Users\Guilherme\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\RunOnce: [Uninstall C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\RunOnce: [Uninstall C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\RunOnce: [Uninstall C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-26] (AVAST Software)
Startup: C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-01-31]
ShortcutTarget: Curse.lnk -> C:\Users\Guilherme\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicy: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\..\Interfaces\{185f0d10-ace8-4f9b-9b2b-b13488d7d565}: [DhcpNameServer] 201.21.192.161 201.21.192.166
Tcpip\..\Interfaces\{fa2d569b-cdc1-4147-a5a5-2fdf68d294d5}: [DhcpNameServer] 201.21.192.161 201.21.192.166
Internet Explorer:
==================
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-20] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll => Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-20] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 8x4uo2vf.default
FF ProfilePath: C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\kp37pia3.dev-edition-default [2016-12-17]
FF Extension: (Adblock Plus) - C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\kp37pia3.dev-edition-default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF ProfilePath: C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\8x4uo2vf.default [2016-12-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-11-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3040258654-2525527317-1144640668-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3040258654-2525527317-1144640668-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1418085823&from=smt&uid=ST2000DM001-1CH164_W1E5G644XXXXW1E5G644"
CHR Profile: C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Apresentações) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-24]
CHR Extension: (Google Docs) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-24]
CHR Extension: (Google Drive) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30]
CHR Extension: (Google Search) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Planilhas do Google) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-24]
CHR Extension: (Documentos Google off-line) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Avast Online Security) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <não encontrado (a)>
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Guilherme\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-10-28]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Arquivo não assinado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-07-21] (ELAN Microelectronics Corp.)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [Arquivo não assinado]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-07-28] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2120712 2016-06-03] (Electronic Arts)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [139264 2016-07-27] (Microsoft Corporation) [Arquivo não assinado]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-26] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-26] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-26] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-26] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2016-07-24] (GAS Tecnologia)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2015-08-06] (LogMeIn Inc.)
R2 IntelHaxm; C:\WINDOWS\system32\DRIVERS\IntelHaxm.sys [96776 2015-11-16] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2016-01-23] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [127456 2016-03-04] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205784 2016-03-04] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-22 05:45 - 2017-02-22 05:45 - 05198336 _____ (AVAST Software) C:\Users\Guilherme\Desktop\aswMBR.exe
2017-02-22 05:44 - 2017-02-22 05:50 - 00023985 _____ C:\Users\Guilherme\Desktop\FRST.txt
2017-02-22 05:42 - 2017-02-22 05:44 - 00000000 ____D C:\FRST
2017-02-22 05:42 - 2017-02-22 05:42 - 02422784 _____ (Farbar) C:\Users\Guilherme\Desktop\FRST64.exe
2017-02-22 05:37 - 2017-02-22 05:37 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-GUILHERME-NOTE-Windows-10-Home-Single-Language-(64-bit).dat
2017-02-22 05:37 - 2017-02-22 05:37 - 00000000 ____D C:\RegBackup
2017-02-22 05:36 - 2017-02-22 05:36 - 00018004 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2017-02-22 05:36 - 2017-02-22 05:36 - 00002314 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2017-02-22 05:36 - 2017-02-22 05:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-02-22 05:36 - 2017-02-22 05:36 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2017-02-22 05:35 - 2017-02-22 05:36 - 05766144 _____ (Tweaking.com) C:\Users\Guilherme\Desktop\tweaking.com_registry_backup_setup.exe
2017-02-22 05:26 - 2017-02-22 05:26 - 00016148 _____ C:\WINDOWS\system32\GUILHERME-NOTE_Guilherme_HistoryPrediction.bin
2017-01-31 10:35 - 2017-01-31 10:35 - 00020542 _____ C:\Users\Guilherme\Downloads\segundaViaDoc.pdf
2017-01-28 18:18 - 2017-01-28 18:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-22 05:51 - 2015-10-24 21:41 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\BitTorrent
2017-02-22 05:47 - 2015-07-30 19:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 05:40 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-22 05:35 - 2015-10-24 21:11 - 00000075 _____ C:\Users\Guilherme\AppData\Roaming\sp_data.sys
2017-02-22 05:34 - 2015-07-30 19:42 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-22 05:33 - 2016-02-03 16:55 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-02-22 05:33 - 2015-10-27 18:24 - 02238952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-22 05:33 - 2015-09-10 02:05 - 02278134 _____ C:\WINDOWS\system32\prfh0416.dat
2017-02-22 05:33 - 2015-09-10 02:05 - 00664324 _____ C:\WINDOWS\system32\prfc0416.dat
2017-02-22 05:33 - 2014-03-29 14:22 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-02-22 05:32 - 2015-11-01 14:12 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A98DCBA0-4827-44CB-80EA-350247BCB4A2}
2017-02-22 05:27 - 2016-10-27 18:31 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-02-22 05:27 - 2015-10-27 18:32 - 00000000 __SHD C:\Users\Guilherme\IntelGraphicsProfiles
2017-02-22 05:27 - 2015-10-27 18:00 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-22 05:26 - 2016-04-15 20:06 - 00000093 _____ C:\HaxLogs.txt
2017-02-22 05:26 - 2015-07-30 18:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-22 02:27 - 2013-08-22 10:36 - 00000000 ____D C:\Users\Default.migrated
2017-02-22 00:07 - 2015-10-24 21:29 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Skype
2017-02-22 00:07 - 2015-07-10 06:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-22 00:06 - 2016-06-03 19:09 - 00000000 ____D C:\Users\Guilherme\AppData\Local\Spotify
2017-02-22 00:01 - 2015-10-24 22:53 - 00000426 _____ C:\WINDOWS\Tasks\update-sys.job
2017-02-21 23:31 - 2015-10-24 22:53 - 00000426 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3040258654-2525527317-1144640668-1002.job
2017-02-21 20:48 - 2016-06-03 19:06 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Spotify
2017-02-20 20:24 - 2017-01-05 21:44 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-20 20:24 - 2015-10-27 18:40 - 00002387 _____ C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-09 21:47 - 2016-06-28 21:22 - 00003974 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1467159759
2017-02-09 21:47 - 2016-06-28 21:22 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-09 21:47 - 2016-06-28 21:20 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-07 00:11 - 2015-10-24 21:24 - 00002477 _____ C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-05 23:36 - 2016-10-01 22:26 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Audacity
2017-02-02 19:06 - 2016-09-13 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-02 19:06 - 2015-10-24 21:28 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-02-02 19:06 - 2015-10-24 21:28 - 00000000 ____D C:\ProgramData\Skype
2017-02-01 13:51 - 2016-04-09 12:43 - 00000000 ____D C:\Users\Guilherme\Desktop\App
2017-01-30 18:19 - 2015-11-01 11:38 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-30 14:35 - 2016-01-23 11:19 - 00000000 ____D C:\Users\Guilherme\Desktop\Jogos
2017-01-30 14:35 - 2015-10-25 23:50 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-29 17:29 - 2015-10-27 18:06 - 00000000 ____D C:\Users\UpdatusUser
2017-01-28 18:18 - 2015-10-25 12:07 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-28 14:44 - 2015-11-10 18:39 - 00000000 ____D C:\Users\Guilherme\Documents\CnWizards
2017-01-27 23:17 - 2015-11-09 17:40 - 00000000 ____D C:\Users\Todos os Usuários\Embarcadero
2017-01-27 23:17 - 2015-11-09 17:40 - 00000000 ____D C:\ProgramData\Embarcadero
2017-01-27 15:52 - 2015-10-27 18:06 - 00000000 ____D C:\Users\Guilherme
==================== Arquivos na raiz de alguns diretórios =======
2015-10-24 21:11 - 2017-02-22 05:35 - 0000075 _____ () C:\Users\Guilherme\AppData\Roaming\sp_data.sys
2016-08-14 20:08 - 2016-08-14 20:08 - 0000000 ___SH () C:\Users\Guilherme\AppData\Local\LumaEmu
2016-11-17 18:19 - 2016-11-17 18:19 - 0002421 _____ () C:\Users\Guilherme\AppData\Local\recently-used.xbel
2015-10-24 22:53 - 2015-10-24 22:53 - 0000003 _____ () C:\Users\Guilherme\AppData\Local\updater.log
2015-10-24 22:53 - 2016-08-07 03:07 - 0000424 _____ () C:\Users\Guilherme\AppData\Local\UserProducts.xml
2013-12-18 14:55 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-18 14:55 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-18 14:55 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Alguns arquivos em TEMP:
====================
2015-11-15 16:42 - 2015-11-15 16:42 - 0079736 _____ (AppWork GmbH) C:\Users\Guilherme\AppData\Local\Temp\130920901306023245.exe
2015-11-15 16:42 - 2015-11-15 16:42 - 0872476 _____ (Web installer ) C:\Users\Guilherme\AppData\Local\Temp\13092090138792059536.exe
2016-09-23 03:46 - 2000-04-06 07:00 - 0263168 ____N () C:\Users\Guilherme\AppData\Local\Temp\binkw32.dll
2016-09-23 03:46 - 2001-05-09 21:19 - 0352256 ____N (Blizzard Entertainment) C:\Users\Guilherme\AppData\Local\Temp\d2l_Install.exe
2016-02-17 17:44 - 2016-02-17 17:44 - 0000000 _____ () C:\Users\Guilherme\AppData\Local\Temp\GURDACB.exe
2016-01-04 17:06 - 2016-01-04 17:07 - 24814584 _____ (ArenaNet) C:\Users\Guilherme\AppData\Local\Temp\Gw2.exe
2016-10-13 19:23 - 2016-10-13 19:23 - 16701440 ____N () C:\Users\Guilherme\AppData\Local\Temp\javagiac0.2182347912007514.dll
2016-08-23 22:04 - 2016-08-23 22:04 - 16701440 ____N () C:\Users\Guilherme\AppData\Local\Temp\javagiac0.30589597969029025.dll
2016-07-24 22:19 - 2016-07-24 22:19 - 0741440 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u101-windows-au.exe
2015-10-07 15:17 - 2015-10-07 15:17 - 0585824 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u65-windows-au.exe
2016-01-20 21:55 - 2016-01-20 21:55 - 0644704 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u71-windows-au.exe
2016-02-13 09:54 - 2016-02-13 09:54 - 0736352 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u73-windows-au.exe
2015-09-01 08:11 - 2015-09-01 08:11 - 0120336 _____ (McAfee, Inc.) C:\Users\Guilherme\AppData\Local\Temp\McCSPInstall.dll
2015-11-01 11:20 - 2015-09-01 08:11 - 0162120 _____ (McAfee Inc.) C:\Users\Guilherme\AppData\Local\Temp\mccspuninstall.exe
2016-09-27 10:29 - 2016-09-27 10:29 - 0040448 ____N () C:\Users\Guilherme\AppData\Local\Temp\proxy_vole146836755875676782.dll
2016-09-27 10:28 - 2016-09-27 10:28 - 0040448 ____N () C:\Users\Guilherme\AppData\Local\Temp\proxy_vole4981657535685034036.dll
2016-09-27 10:29 - 2016-09-27 10:29 - 0040448 ____N () C:\Users\Guilherme\AppData\Local\Temp\proxy_vole6307089412700812183.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-02-19 16:26
==================== Fim de FRST.txt ============================
Addition Log:
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 19-02-2017
Executado por Guilherme (22-02-2017 05:51:58)
Executando a partir de C:\Users\Guilherme\Desktop
Windows 10 Home Single Language (X64) (2015-10-27 21:31:29)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3040258654-2525527317-1144640668-500 - Administrator - Disabled) => C:\Users\Administrator
Convidado (S-1-5-21-3040258654-2525527317-1144640668-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-3040258654-2525527317-1144640668-503 - Limited - Disabled)
Guilherme (S-1-5-21-3040258654-2525527317-1144640668-1002 - Administrator - Enabled) => C:\Users\Guilherme
HomeGroupUser$ (S-1-5-21-3040258654-2525527317-1144640668-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3040258654-2525527317-1144640668-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
99Vidas (HKLM\...\Steam App 557040) (Version: - QUByte Interactive)
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASUS Backtracker (HKLM-x32\...\{C15C060C-ED1C-49EB-83B3-F7C0FD1CD661}) (Version: 3.0.3 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.7 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Build Tools for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CnPack IDE Wizards (HKLM-x32\...\CnWizards) (Version: 1.0.5.693 - CnPack Team)
CodeBlocks (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
CodedUITestUAP (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Deus Ex Human Revolution Directors Cut version 2.0.66.0 (HKLM-x32\...\Deus Ex Human Revolution Directors Cut_is1) (Version: 2.0.66.0 - Mr DJ)
Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version: - Capcom)
Discord (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Disgaea PC (HKLM\...\Steam App 405900) (Version: - Nippon Ichi Software, Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dustforce (HKLM-x32\...\Steam App 65300) (Version: - Hitbox Team)
ELAN Touchpad 11.5.20.3_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.20.3 - ELAN Microelectronic Corp.)
Embarcadero RAD Studio XE7 (HKLM-x32\...\{70A0BF24-4DD3-42C9-81A5-43C5644F5834}_is1) (Version: 21.0.17707.5020 - Lsuper)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Firefox Developer Edition 45.0a2 (x86 pt-BR) (HKLM-x32\...\Firefox Developer Edition 45.0a2 (x86 pt-BR)) (Version: 45.0a2 - Mozilla)
Firestorm Launcher version 1.3 (HKLM-x32\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.3 - Firestorm)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.269.0 - International GeoGebra Institute)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hyper Light Drifter (HKLM-x32\...\1452863689_is1) (Version: 2.6.0.8 - GOG.com)
IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{30F3FF94-225B-4319-A13C-E307FFDA3CFB}) (Version: 6.0.1 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.14393.33 - Microsoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Magicka (HKLM\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Mediatek Bluetooth (HKLM\...\{E0B1ECF5-766A-5464-BFE2-2C1BED6A49FB}) (Version: 11.0.748.2 - Mediatek)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Speech Platform SDK (x64) v11.0 (HKLM\...\{53D682B6-5381-4B44-B590-584AAD0460C0}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Speech Platform SDK (x86) v11.0 (HKLM-x32\...\{A946A6CC-E9F2-44A8-9A8D-095C756AF4EB}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{dfcbf7c4-6232-423c-b43c-38d118e2378f}) (Version: 14.0.24720.41 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Momodora: Reverie Under the Moonlight (HKLM\...\Steam App 428550) (Version: - Bombservice)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.0.5833 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MySQL Workbench 6.3 CE (HKLM\...\{0D901124-B910-4985-9D4F-AC5C2FEF7493}) (Version: 6.3.7 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.5 - Notepad++ Team)
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 43.0.2442.806 (HKLM-x32\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Oracle VM VirtualBox 5.0.16 (HKLM\...\{F2E958A1-9215-4C7D-9A2E-F0740B8CA5B7}) (Version: 5.0.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Pacote de Direcionamento do Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM-x32\...\{34A6EAAA-8D75-4775-A982-FBC793C4A868}) (Version: 4.6.01055 - Microsoft Corporation)
Painel de controle da NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Python 2.7.12 (Anaconda2 4.1.1 64-bit) (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Python 2.7.12 (Anaconda2 4.1.1 64-bit)) (Version: 4.1.1 - Continuum Analytics, Inc.)
Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Roleplaying City Map Generator 5.40 (HKLM-x32\...\{3B585A53-CC41-4969-A7CB-F0E5D34ACA08}) (Version: 5.4.0.0 - )
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RRPG Firecast (HKLM-x32\...\{EB4C3686-A52C-4F40-9D53-F8571CC5FD5D}_is1) (Version: 7 - AlyssonRPG)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SDK do Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM-x32\...\{5C233FE7-872F-4526-87AF-0E8D8AE00DEB}) (Version: 4.6.01055 - Microsoft Corporation)
Secure Download Manager (HKLM-x32\...\{F0858165-B8DB-4347-89B8-6D9F882B9BF3}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.9.0.16 - GOG.com)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
SourceTree (HKLM-x32\...\SourceTree 1.9.6.1) (Version: 1.9.6.1 - Atlassian)
SourceTree (x32 Version: 1.9.6.1 - Atlassian) Hidden
Spotify (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TalonRO Client (HKLM-x32\...\TalonRO_is1) (Version: 2.0 - TalonRO)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Tiled (HKLM-x32\...\{8C09C5E0-D123-49E9-926A-5A81513A25EE}) (Version: 0.17.1 - mapeditor.org)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
TypeScript Power Tool (x32 Version: 1.7.6.0 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.6.0 (HKLM-x32\...\{5ee9a47a-3630-4016-b76d-dc752e9218dd}) (Version: 1.7.24809.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
WinAppDeploy (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Windows 10 IoT Core Dashboard (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\2c4529525b7e166a) (Version: 1.0.1608.1003 - Windows 10 IoT Core)
Windows Driver Package - ASUS (ATP) Mouse (10/31/2013 1.0.0.191) (HKLM\...\15591935E93BF0A0E42CA53B578EE5E630971E15) (Version: 10/31/2013 1.0.0.191 - ASUS)
Windows SDK AddOn (HKLM-x32\...\{45D392D2-5956-4646-9CA6-83CBF67507B6}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.24-1 - Bitnami)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {076F7AEB-CB16-4C39-B6AD-7AF0D84CC122} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {0BBB8BCE-B9C8-4466-BAE0-FBFD1617B2F8} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {1ACC39EB-D7BF-440F-9478-5F1F5AA2B219} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {1EB7CF1F-8529-42C4-BFF9-0610FCBBE27A} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {25C30DA3-04C0-4DBE-97D2-A495D4844B68} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {2AF3646E-0564-4F20-9F1C-A23655106DB3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-26] (AVAST Software)
Task: {4015100D-83DE-40EC-B5E5-F296E74BF4D2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {5145C73D-2A5B-4203-B693-F7759064FE78} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {573F27BB-CD64-450F-83C4-9303BF29941F} - System32\Tasks\SafeZone scheduled Autoupdate 1455485946 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {587BB18C-0389-495F-9807-33212B50E3FA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {5C8BB0C1-D3B3-4D3D-953D-F8225D91B8C5} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {6E286273-3F62-402D-80FA-055926CB5473} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {712FC852-B2ED-4B60-BB01-42C88CC0605A} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {79967A12-F86E-436A-A082-2D733828D896} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3040258654-2525527317-1144640668-1002Core => C:\Users\Guilherme\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-24] (Google Inc.)
Task: {A4B6D2AB-B9F6-4EA0-AD11-2F44D29FE556} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3040258654-2525527317-1144640668-1002UA => C:\Users\Guilherme\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-24] (Google Inc.)
Task: {A6EA4B90-80A6-494F-A983-A55FD06F904D} - System32\Tasks\{6CA3CC62-928C-4FF4-B0FB-31199B921F3F} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {A9028622-2D2C-4D52-B2BE-BE65D4BCC767} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {AF0D1740-4539-41C5-A87B-0227C9E31CB6} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {B6D0320B-1E91-4B6F-9789-AEB809182133} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {BAA4A7F1-FDE3-47A1-B178-532D0FFB0F95} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {BDB0608F-7AD3-42E6-9DBF-830B8BEF38EB} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMKMGMKJMJOJOMHMJMCNGMMMJJHMCNLMNMOJLMCNGMMJMMJMCNMJHMKMNJMMLJOJLMGMHMOMNJJNJICMIMCNGMCNOMHMFMOMOMCNPMCNOMPMNMLMPMFMPMCNPMCNOMPMNMLMPMCNNMJNPICMPMFMFMNMMMMMJNHICMEKMICNJJCKJNBJCMILKIGJDJHJKJNICJKJJNKJCMJNNICMJNDJCMNJNIJNMJCMPM (a entrada de dados tem 41 mais caracteres).
Task: {CA40B574-6760-4D88-A39E-897FB3867519} - System32\Tasks\update-S-1-5-21-3040258654-2525527317-1144640668-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {D4050526-C85B-4727-9629-66E8EC3BCB49} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {E7D72BDE-7AE1-438D-97D6-77E14CC51A37} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F04BE228-640C-4740-8575-1D2EBB1DC3D8} - System32\Tasks\Opera scheduled Autoupdate 1467159759 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-06] (Opera Software)
Task: {F200B5E8-1625-4AEC-AFA1-0BA0988E8DC1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {FC6B6BC0-A5E2-4AE6-A37D-59415556544A} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\McAfee Remediation (Prepare).job => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3040258654-2525527317-1144640668-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Guilherme\Anaconda2\Scripts\activate.bat C:\Users\Guilherme\Anaconda2
==================== Módulos Carregados (Whitelisted) ==============
2015-09-10 02:08 - 2015-09-10 02:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-10-27 18:01 - 2015-07-13 14:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2016-08-27 12:03 - 2016-08-03 02:44 - 02495776 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-08-29 20:01 - 2013-08-29 20:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-08-27 12:03 - 2016-08-03 02:44 - 02495776 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-04-15 17:13 - 2015-04-15 17:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-10-27 18:36 - 2015-10-27 18:36 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-08-27 12:04 - 2016-08-03 01:34 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-27 12:04 - 2015-11-25 01:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-27 12:04 - 2016-08-03 01:31 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-27 18:36 - 2015-10-27 18:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 00:13 - 2015-09-10 02:07 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\Windows\System32\igfxTray.exe
2016-08-27 12:03 - 2016-03-16 01:46 - 02642272 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-08-27 12:03 - 2016-03-16 01:46 - 02107744 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-02-22 05:31 - 2016-05-15 11:16 - 01327184 ____N () C:\Users\Guilherme\AppData\Local\Temp\_iu14D2N.tmp
2016-09-26 23:51 - 2016-09-26 23:51 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-21 23:08 - 2017-02-21 23:08 - 05989072 _____ () C:\Program Files\AVAST Software\Avast\defs\17022101\algo.dll
2016-09-26 23:51 - 2016-09-26 23:51 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-10-09 00:41 - 2013-10-09 00:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 22:23 - 2013-09-09 22:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-09-26 23:51 - 2016-09-26 23:51 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-04 03:14 - 2016-09-04 03:14 - 00747520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbeb7089b#\02522fd092d881ca09d470946bc046e8\Microsoft.VisualStudio.Threading.ni.dll
2016-09-04 03:14 - 2016-09-04 03:14 - 00052224 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vd43b287e#\35d8963e28bd478ec40e0d46fcab1f0a\Microsoft.VisualStudio.Validation.ni.dll
2013-04-27 14:24 - 2013-04-27 14:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 39820376 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_browser.dll
2014-03-29 14:15 - 2013-09-16 16:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 45837912 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_child.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 01930328 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libglesv2.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 00087640 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libegl.dll
2015-06-08 16:06 - 2015-06-08 16:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\System32:DA3B8AF1_Uni.gbp [2]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE restricted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\skype.com -> hxxps://apps.skype.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2016-03-02 21:18 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Guilherme\Pictures\118156.jpg
DNS Servers: 201.21.192.161 - 201.21.192.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: Ds3Service => 2
HKLM\...\StartupApproved\StartupFolder: => "ScpToolkit Tray Notifications.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8E3994B149A099EB717863317060641F"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "RoboForm"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DE12D2C3-3458-4B34-B1F8-97DD53D6DE72}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{DA22B1C9-E8CB-437D-82A0-DB35D63EA8B4}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{0931B61C-340E-4839-9B02-DFB96CC41E8D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4F5E4992-D41F-41E9-BC32-CF5A872C5258}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2BFBD6E9-230B-43A7-8E16-C81E61931EDE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C8D57F68-74B2-41D5-937D-C66E999822BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{97834B26-15C0-4122-A138-E837EF88F7AF}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{389D6039-F232-4654-9549-688ADC772473}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B486233B-EDB2-479B-844E-C151D903C86B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DC80A1D9-D7AF-42BA-94C4-022350CEA18A}] => (Allow) C:\Users\Guilherme\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2C32981C-E208-40CE-A688-18FB85D8EC3F}] => (Allow) C:\Users\Guilherme\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1B885182-2C0E-4E3C-A900-D216A2A1C5F9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B4F014BA-B7BB-44E8-A329-21785B14F130}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{384A1B77-B050-4C7C-9F48-725795DAFED6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5DE274E9-538C-411C-A8D7-5BDF66BC93E5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9B541573-172B-4F40-B240-F9DAB7880D71}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{5C04C042-D52E-4783-9F28-4CC647E4D8DE}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{92A88604-011B-44EE-BD42-8E8ED1C22A85}] => (Allow) C:\Program Files (x86)\Embarcadero\Studio\15.0\bin\bds.exe
FirewallRules: [{C9A0DC45-876B-4134-BEE9-97D03F7156F4}] => (Allow) C:\Program Files (x86)\Embarcadero\Studio\15.0\bin\dbkw64_19_0.exe
FirewallRules: [TCP Query User{E8AE3515-29A5-47FE-9BC4-DF66B584B19D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{C8677CB6-2179-4AB2-BC10-8329DB7A05C8}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{EBDB20D3-B701-4049-BBD3-9D7DD0FF217E}C:\level up\smite\binaries\win32\smite.exe] => (Allow) C:\level up\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{1F6B28F5-4EFE-474C-A637-47C141BDCB77}C:\level up\smite\binaries\win32\smite.exe] => (Allow) C:\level up\smite\binaries\win32\smite.exe
FirewallRules: [{B391A776-6A57-4A54-8603-69A67CFE076E}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [{BA0F831F-D832-414C-878D-9BC5343642BD}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{EAC1BB14-473A-42FB-BEB4-BAB10B8DE36D}C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [UDP Query User{B15AB396-0986-4819-9FB9-0F474F3E885F}C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [TCP Query User{30739AE7-250A-4BFD-8D90-E4E24C57A33A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{13705EC4-C3EF-41B8-BBBC-8A28DD5847A6}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{F95685AA-0306-464F-BEC4-0208BD934C42}] => (Allow) LPort=1688
FirewallRules: [{D196F4F4-B9E1-435A-BFEC-03969550FAF7}] => (Allow) D:\Installers\Windows 10 Activators\KMSpico.10.0.102040 Beta\KMSELDI.exe
FirewallRules: [{C4131B89-4E24-4C24-9775-3540207D9CBA}] => (Allow) D:\Installers\Windows 10 Activators\KMSpico.10.0.102040 Beta\KMSELDI.exe
FirewallRules: [TCP Query User{CDF11983-3DD6-480D-9017-F0286AAEC220}C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7210040D-816F-4885-A4D1-63E5951719AA}C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{A847D85B-48DB-48F0-86AD-421028C007AF}] => (Allow) D:\SteamLibrary\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{7AAEB37F-65DE-41E7-A8C7-EFCF6B4B6746}] => (Allow) D:\SteamLibrary\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{BC6C99A9-F764-4D08-B10A-6DA3A3BFA1B6}D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{029FCE7E-F15E-4674-BD63-74D918F376F0}D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{55595132-149F-4407-8304-F912F59DA06A}] => (Block) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{CF1B9A4A-05F8-46C9-8C82-3836FE3A36EC}] => (Block) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{111F126A-E69C-4E0F-B02F-95BDC12857BA}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{4F8A2C6F-9FC6-4534-9ACB-0DB9ECCE8395}] => (Allow) D:\SteamLibrary\steamapps\common\Dustforce\dustforce.exe
FirewallRules: [{2D33B0FF-0FB8-4650-B14A-7B65A9F8CFC6}] => (Allow) D:\SteamLibrary\steamapps\common\Dustforce\dustforce.exe
FirewallRules: [{87547FCD-CB77-4FBD-9BF5-D2AD6F26B3DD}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{6968D28D-2758-4A0B-A729-4F94B2E49B61}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{8A5DE508-DD78-42AB-AF72-CB0C4C0FC8D5}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [{1208AB90-05EE-4A02-857E-85B53B4ADA88}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [TCP Query User{5F8582F5-E805-4194-BB74-3D5443BDF3C7}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [UDP Query User{E4E5BDC9-554F-420E-BEBC-D171F1D569A9}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [{88569BEB-84ED-4438-85BD-740C6FD86329}] => (Block) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [{59F1F1CF-A502-44EC-BA90-59A32B961C5A}] => (Block) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [TCP Query User{41300623-EEBB-45DB-AB89-F5675C1FEE0E}C:\program files\factorio\bin\x64\factorio.exe] => (Allow) C:\program files\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{4A381300-054C-4203-B8BD-3CA94EFB3432}C:\program files\factorio\bin\x64\factorio.exe] => (Allow) C:\program files\factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{5CA6DFC3-09ED-4F86-9014-D2EE3F04FC05}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [UDP Query User{A91ED817-9C26-4608-962B-F30B24DD46F5}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [TCP Query User{11847CD6-0C6C-49A0-B43D-62EF9750D653}D:\games\enter the gungeon\etg.exe] => (Allow) D:\games\enter the gungeon\etg.exe
FirewallRules: [UDP Query User{D4E4A2DB-AB00-4249-AEAB-A845FC656131}D:\games\enter the gungeon\etg.exe] => (Allow) D:\games\enter the gungeon\etg.exe
FirewallRules: [{CCBE955E-FE63-4DA7-A281-A56232EC2257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{4A31ED45-126A-4835-B912-0D4D8D1293E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{00FBF3F4-2281-4A45-984E-12409723150F}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{1F0B5DB5-C76B-4EA3-926C-7F11010E693D}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{D5FF75AD-C1BD-4049-BFB3-34D90D622DB6}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{CC6F1996-EF19-4038-B1D8-EE85313FBC92}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [TCP Query User{CB837A76-513A-4131-8A2E-C9A83F5AF579}C:\program files\java\jdk1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\java.exe
FirewallRules: [UDP Query User{2993D00A-ACE5-4CD9-BF40-8D61C1269FF9}C:\program files\java\jdk1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\java.exe
FirewallRules: [{F96B4501-BC48-4671-9E0E-1BCDE6E5C5A0}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{4AB66D76-599F-4D6A-9D5F-2F12B5F18395}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [TCP Query User{9E606FAF-A2C0-4D5A-926D-93231982D733}D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{82C4E034-4080-4E73-BA4B-F0BC8893EAA1}D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [TCP Query User{6B93BC21-9FD0-457D-A1CE-78399123B45E}D:\installers\salt and sanctuary v1.0.0.3\salt.exe] => (Allow) D:\installers\salt and sanctuary v1.0.0.3\salt.exe
FirewallRules: [UDP Query User{817DC711-23A8-4F08-ADCE-45B4DB4E4145}D:\installers\salt and sanctuary v1.0.0.3\salt.exe] => (Allow) D:\installers\salt and sanctuary v1.0.0.3\salt.exe
FirewallRules: [TCP Query User{7524ADA4-3038-4132-A0EE-957224D13AE7}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2FDB6F01-E1C5-427C-BFA5-AD229B533CEE}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2A2A67AA-919B-4DB0-8099-63C6C318F227}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{7A5FD532-795C-4AA7-97C9-A3B272600A70}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{57411AE2-23E6-4733-83D7-37E2D82C082D}] => (Allow) D:\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{FFB488AA-FB47-4A89-9009-7F94A441450C}] => (Allow) D:\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{14669AD6-C509-4CE4-A977-AD13BA07B724}] => (Allow) D:\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{353335E3-B44E-41C7-A18F-D21E308C19B4}] => (Allow) D:\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{8B8603A2-B470-42A4-9C6B-3815C798D9F3}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{F10DA50C-7B54-4FF9-9183-C17C6D3F18D5}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [TCP Query User{023D1361-DAD1-48B5-BF93-68755924C49E}C:\program files\android\android-studio\jre\bin\java.exe] => (Allow) C:\program files\android\android-studio\jre\bin\java.exe
FirewallRules: [UDP Query User{BA710EE6-03A1-4E12-8D91-1BF9FE833C61}C:\program files\android\android-studio\jre\bin\java.exe] => (Allow) C:\program files\android\android-studio\jre\bin\java.exe
FirewallRules: [TCP Query User{94F2D592-072D-4FD7-A6D8-D064A5A81E63}D:\games\portal 2\portal2.exe] => (Allow) D:\games\portal 2\portal2.exe
FirewallRules: [UDP Query User{7DD18F3B-7B01-404E-8257-5C2BD223E3B5}D:\games\portal 2\portal2.exe] => (Allow) D:\games\portal 2\portal2.exe
FirewallRules: [TCP Query User{4ACD9DB8-8EF4-48AC-919A-E2D7D761F82C}C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe] => (Allow) C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe
FirewallRules: [UDP Query User{391CF7FA-DB37-4C32-A525-2E3037E8C89A}C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe] => (Allow) C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe
FirewallRules: [{BFB46970-26C7-44E6-9D7A-103025B86C20}] => (Allow) D:\Games\Mr DJ\Deus Ex Human Revolution Directors Cut\DXHRDC.exe
FirewallRules: [{3481FBA6-C29F-4C96-AE75-8F127CB39C37}] => (Allow) D:\Games\Mr DJ\Deus Ex Human Revolution Directors Cut\DXHRDC.exe
FirewallRules: [TCP Query User{C67DF132-A3C6-4ED7-AE7A-A78600218F20}D:\games\factorio\bin\x64\factorio.exe] => (Allow) D:\games\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{C946D36D-AEE0-491B-A40E-30CE48A7772A}D:\games\factorio\bin\x64\factorio.exe] => (Allow) D:\games\factorio\bin\x64\factorio.exe
FirewallRules: [{42D199DD-B268-4B29-9542-45203993EBDE}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{8ED70B21-952D-4581-9F3B-03B962C000BB}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{02591AF2-41DC-491F-8C43-9DEAB20C693F}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{3FF546E9-B832-4F3E-ACA7-2658858F4D14}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{F6662C4B-163D-4AFC-BCA0-C18482FCF667}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{71F084E9-3B46-4DD8-9A03-AB72D40874AD}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{9EEE503E-C150-4FC7-BF57-2B1C78A8071D}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{D1833C22-59B1-4705-B6AF-E32A5FD98C96}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{0A24C615-9243-4DBE-B048-666982F1A069}D:\games\diablo ii\game.exe] => (Allow) D:\games\diablo ii\game.exe
FirewallRules: [UDP Query User{910890B0-7306-487D-A647-D6BECAEF76AB}D:\games\diablo ii\game.exe] => (Allow) D:\games\diablo ii\game.exe
FirewallRules: [{8412254D-910E-4AFA-A54A-D1D52AC991DF}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{DE2C1EBD-7D10-453F-9A2A-4CF5D345509B}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{503C1546-01B8-4858-BEB5-E26DB7886E34}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{48211AD6-506F-4225-A42A-48379857E98D}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [TCP Query User{FFF1E654-0168-483D-BAF4-4FCEC342071C}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{3A712EE3-C600-4C33-82FE-C93CF5066C93}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{B66A20C1-A351-4F00-9017-A48CA259B37A}D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{2E5A8067-8C9E-435B-B443-1A79F7F6B84F}D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [{7C39A115-4652-45C1-AF0E-A42F8E696C80}] => (Block) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [{1F94912C-D6F1-4C70-9F48-812172B9BC92}] => (Block) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{E7FA19A5-1593-45BC-A192-34225DBA01D5}D:\games\helldivers\binaries\x64\helldivers.exe] => (Allow) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [UDP Query User{5693E021-FAE2-42BF-AC85-80A661A6314D}D:\games\helldivers\binaries\x64\helldivers.exe] => (Allow) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [{EF2C0134-0E0E-4FC5-B333-0C598EE86C50}] => (Block) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [{5B1C92EE-D192-4D36-A34A-F2A21ECFF2EE}] => (Block) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [{71BAC44A-5700-494A-9A28-22D111AA0494}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{BE6D7608-6298-4A5B-9632-D19CEDCC867E}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{EBD3FD96-B915-48EC-81F5-077F8E5B2C98}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{93128CEF-A513-4BD9-B4E0-8D67271FA197}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B9CEE81C-32A1-445F-BCEB-F8D5B0FCDA36}] => (Allow) D:\SteamLibrary\steamapps\common\99Vidas - The Game\99VidasGame.exe
FirewallRules: [{729AB607-2A67-45C6-AC0F-2C33C382497B}] => (Allow) D:\SteamLibrary\steamapps\common\99Vidas - The Game\99VidasGame.exe
FirewallRules: [{C0D98FED-9A00-4AD6-B2DB-070A157A21AC}] => (Allow) D:\SteamLibrary\steamapps\common\Momodora RUtM\MomodoraRUtM.exe
FirewallRules: [{23A6740E-3203-4EDA-BA43-422078A77692}] => (Allow) D:\SteamLibrary\steamapps\common\Momodora RUtM\MomodoraRUtM.exe
FirewallRules: [TCP Query User{7016705E-E664-4D28-9F84-BAC7D25C3791}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{02899235-61C9-4C1E-AE75-67000FAC42D3}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A10F13BD-1372-4A93-9F2E-715CA9FD28CA}] => (Allow) D:\SteamLibrary\steamapps\common\Disgaea PC\dis1_st.exe
FirewallRules: [{5FA3E5A0-6068-4873-B5A4-6678F088C141}] => (Allow) D:\SteamLibrary\steamapps\common\Disgaea PC\dis1_st.exe
FirewallRules: [{D16875D3-89C2-432E-B7DA-02F99C95F0C5}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{C1A731B9-4C95-4445-AAF4-76496BA3D0A2}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{03E7B35D-9789-4A7B-82E8-E0B16AD63670}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{354F7F85-47FF-46DE-B450-351653C564ED}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{1E5EE88E-BB9A-403F-B42B-0698A32E0E0F}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{575A8F71-0058-4C09-81BF-3E75C7BCDEBB}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{B70FBB56-D947-4AE0-BB31-1D853CC236C7}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{36DEA739-E65E-473E-A6E5-92714ABBF392}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{32F434C9-FAAA-4F91-9F1A-AD85D1A8B0D0}D:\games\salt and sanctuary\salt.exe] => (Allow) D:\games\salt and sanctuary\salt.exe
FirewallRules: [UDP Query User{B72B2AF6-3DA0-4EAF-9B20-969C13316400}D:\games\salt and sanctuary\salt.exe] => (Allow) D:\games\salt and sanctuary\salt.exe
FirewallRules: [{E1D2041E-D277-43AF-91CA-39506E0A53C4}] => (Block) D:\games\salt and sanctuary\salt.exe
FirewallRules: [{5C754D4A-38EA-46E3-884D-437A148B1731}] => (Block) D:\games\salt and sanctuary\salt.exe
FirewallRules: [TCP Query User{69B4AD74-AAA4-4D4A-B4C9-A2D4335A6095}C:\rrpg\rrpg.exe] => (Allow) C:\rrpg\rrpg.exe
FirewallRules: [UDP Query User{AA951611-A5F3-41B2-9C23-DFEE81BA4D8E}C:\rrpg\rrpg.exe] => (Allow) C:\rrpg\rrpg.exe
FirewallRules: [{EC87EB2E-E244-476F-83AC-58AB670684E7}] => (Block) C:\rrpg\rrpg.exe
FirewallRules: [{51787C44-D190-4E85-80AD-DC5CFA1C777D}] => (Block) C:\rrpg\rrpg.exe
FirewallRules: [{A0F7168B-55EB-469B-A0DE-CB567F273D24}] => (Allow) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
FirewallRules: [{F5F199FE-D144-4F9F-B3EF-F6819434E6EA}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
==================== Pontos de Restauração =========================
30-01-2017 13:58:35 Ponto de Verificação Agendado
08-02-2017 12:15:22 Ponto de Verificação Agendado
17-02-2017 12:13:39 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (02/22/2017 05:58:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Guilherme-Note)
Description: Falha na ativação do aplicativo Microsoft.WindowsAlarms_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/22/2017 05:58:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Guilherme-Note)
Description: Falha na ativação do aplicativo Microsoft.WindowsAlarms_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/22/2017 05:33:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (02/22/2017 05:33:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (02/22/2017 05:33:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (02/22/2017 12:07:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Guilherme-Note)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/21/2017 07:29:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (02/21/2017 07:29:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (02/21/2017 07:29:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Windows Kits\10\bin\arm64\filetypeverifier.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (02/21/2017 07:28:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Windows Kits\10\bin\arm\signtool.exe.Manifest".
Assembly dependente Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Erros de Sistema:
=============
Error: (02/22/2017 05:59:22 AM) (Source: DCOM) (EventID: 10001) (User: Guilherme-Note)
Description: Não é possível iniciar o servidor DCOM: App.AppXvwgnrrhcka99admvy9fqan3zpdmgg69a.mca como Não Disponível/Não Disponível. O erro:
"31"
Aconteceu ao iniciar este comando:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppX4325622ft6437f3xfywcfxgbedfvpn0x.mca
Error: (02/22/2017 05:59:21 AM) (Source: DCOM) (EventID: 10001) (User: Guilherme-Note)
Description: Não é possível iniciar o servidor DCOM: App.AppXrvx5vw3ftamg62prcf1xd7e4aena2tfj.mca como Não Disponível/Não Disponível. O erro:
"31"
Aconteceu ao iniciar este comando:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppX4325622ft6437f3xfywcfxgbedfvpn0x.mca
Error: (02/22/2017 05:33:44 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:43 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:42 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:41 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:40 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:39 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:38 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:37 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentagem de memória em uso: 57%
RAM física total: 6027.2 MB
RAM física disponível: 2574.45 MB
Virtual Total: 7243.2 MB
Virtual disponível: 3716.29 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:193.26 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:361.36 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8BC57F20)
Partition: GPT.
==================== Fim de Addition.txt ============================
aswMBR Log
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2017-02-22 19:11:20
-----------------------------
19:11:20.829 OS Version: Windows x64 6.2.9200
19:11:20.829 Number of processors: 4 586 0x4501
19:11:20.829 ComputerName: GUILHERME-NOTE UserName: Guilherme
19:11:25.829 Initialize success
19:11:25.845 VM: initialized successfully
19:11:25.845 VM: Intel CPU supported
19:11:27.251 VM: disk I/O iaStorA.sys
19:11:39.036 AVAST engine defs: 17022101
19:11:43.739 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000036
19:11:43.739 Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX0R2J Size: 953869MB BusType: 11
19:11:44.192 Disk 0 MBR read successfully
19:11:44.192 Disk 0 MBR scan
19:11:44.692 Disk 0 unknown MBR code
19:11:44.739 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
19:11:45.286 Disk 0 scanning C:\WINDOWS\system32\drivers
19:12:36.979 Service scanning
19:15:00.877 Modules scanning
19:15:00.877 Disk 0 trace - called modules:
19:15:01.234 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
19:15:01.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0003b76e390]
19:15:01.250 3 CLASSPNP.SYS[fffff8005cb246c5] -> nt!IofCallDriver -> [0xffffe0003a1a1e40]
19:15:01.250 5 ACPI.sys[fffff8005baa1361] -> nt!IofCallDriver -> [0xffffe0003a103930]
19:15:01.257 7 ACPI.sys[fffff8005baa1361] -> nt!IofCallDriver -> \Device\00000036[0xffffe00038978500]
19:15:08.780 AVAST engine scan C:\WINDOWS
19:15:14.531 AVAST engine scan C:\WINDOWS\system32
19:27:26.006 AVAST engine scan C:\WINDOWS\system32\drivers
19:28:30.107 AVAST engine scan C:\Users\Guilherme
23:04:43.940 AVAST engine scan C:\ProgramData
23:18:55.656 Disk 0 statistics 13297722/0/0 @ 181,84 MB/s
23:18:55.672 Scan finished successfully
01:16:19.940 Disk 0 MBR has been saved successfully to "C:\Users\Guilherme\Desktop\MBR.dat"
01:16:19.940 The log file has been saved successfully to "C:\Users\Guilherme\Desktop\aswMBR.txt"
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 19-02-2017
Executado por Guilherme (administrador) em GUILHERME-NOTE (22-02-2017 05:44:09)
Executando a partir de C:\Users\Guilherme\Desktop
Perfis Carregados: UpdatusUser & Guilherme (Perfis Disponíveis: UpdatusUser & Guilherme & Administrador)
Platform: Windows 10 Home Single Language (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Opera)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
() C:\Windows\System32\igfxTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.17020_none_1152834562020692\TiWorker.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() D:\Games\Crypt of the NecroDancer\unins000.exe
() C:\Users\Guilherme\AppData\Local\Temp\_iu14D2N.tmp
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-17] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2015-11-01] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [X]
HKU\S-1-5-21-3040258654-2525527317-1144640668-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Google Update] => C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Spotify Web Helper] => C:\Users\Guilherme\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Spotify] => C:\Users\Guilherme\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\RunOnce: [Uninstall C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\RunOnce: [Uninstall C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\RunOnce: [Uninstall C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Guilherme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-26] (AVAST Software)
Startup: C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-01-31]
ShortcutTarget: Curse.lnk -> C:\Users\Guilherme\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicy: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\..\Interfaces\{185f0d10-ace8-4f9b-9b2b-b13488d7d565}: [DhcpNameServer] 201.21.192.161 201.21.192.166
Tcpip\..\Interfaces\{fa2d569b-cdc1-4147-a5a5-2fdf68d294d5}: [DhcpNameServer] 201.21.192.161 201.21.192.166
Internet Explorer:
==================
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-20] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll => Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-20] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 8x4uo2vf.default
FF ProfilePath: C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\kp37pia3.dev-edition-default [2016-12-17]
FF Extension: (Adblock Plus) - C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\kp37pia3.dev-edition-default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF ProfilePath: C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\8x4uo2vf.default [2016-12-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-11-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3040258654-2525527317-1144640668-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3040258654-2525527317-1144640668-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1418085823&from=smt&uid=ST2000DM001-1CH164_W1E5G644XXXXW1E5G644"
CHR Profile: C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Apresentações) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-24]
CHR Extension: (Google Docs) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-24]
CHR Extension: (Google Drive) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30]
CHR Extension: (Google Search) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Planilhas do Google) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-24]
CHR Extension: (Documentos Google off-line) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Avast Online Security) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <não encontrado (a)>
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Guilherme\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-10-28]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Arquivo não assinado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-07-21] (ELAN Microelectronics Corp.)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [Arquivo não assinado]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-07-28] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2120712 2016-06-03] (Electronic Arts)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [139264 2016-07-27] (Microsoft Corporation) [Arquivo não assinado]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-26] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-26] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-26] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-26] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2016-07-24] (GAS Tecnologia)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2015-08-06] (LogMeIn Inc.)
R2 IntelHaxm; C:\WINDOWS\system32\DRIVERS\IntelHaxm.sys [96776 2015-11-16] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2016-01-23] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [127456 2016-03-04] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205784 2016-03-04] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-22 05:45 - 2017-02-22 05:45 - 05198336 _____ (AVAST Software) C:\Users\Guilherme\Desktop\aswMBR.exe
2017-02-22 05:44 - 2017-02-22 05:50 - 00023985 _____ C:\Users\Guilherme\Desktop\FRST.txt
2017-02-22 05:42 - 2017-02-22 05:44 - 00000000 ____D C:\FRST
2017-02-22 05:42 - 2017-02-22 05:42 - 02422784 _____ (Farbar) C:\Users\Guilherme\Desktop\FRST64.exe
2017-02-22 05:37 - 2017-02-22 05:37 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-GUILHERME-NOTE-Windows-10-Home-Single-Language-(64-bit).dat
2017-02-22 05:37 - 2017-02-22 05:37 - 00000000 ____D C:\RegBackup
2017-02-22 05:36 - 2017-02-22 05:36 - 00018004 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2017-02-22 05:36 - 2017-02-22 05:36 - 00002314 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2017-02-22 05:36 - 2017-02-22 05:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-02-22 05:36 - 2017-02-22 05:36 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2017-02-22 05:35 - 2017-02-22 05:36 - 05766144 _____ (Tweaking.com) C:\Users\Guilherme\Desktop\tweaking.com_registry_backup_setup.exe
2017-02-22 05:26 - 2017-02-22 05:26 - 00016148 _____ C:\WINDOWS\system32\GUILHERME-NOTE_Guilherme_HistoryPrediction.bin
2017-01-31 10:35 - 2017-01-31 10:35 - 00020542 _____ C:\Users\Guilherme\Downloads\segundaViaDoc.pdf
2017-01-28 18:18 - 2017-01-28 18:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-22 05:51 - 2015-10-24 21:41 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\BitTorrent
2017-02-22 05:47 - 2015-07-30 19:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 05:40 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-22 05:35 - 2015-10-24 21:11 - 00000075 _____ C:\Users\Guilherme\AppData\Roaming\sp_data.sys
2017-02-22 05:34 - 2015-07-30 19:42 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-22 05:33 - 2016-02-03 16:55 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-02-22 05:33 - 2015-10-27 18:24 - 02238952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-22 05:33 - 2015-09-10 02:05 - 02278134 _____ C:\WINDOWS\system32\prfh0416.dat
2017-02-22 05:33 - 2015-09-10 02:05 - 00664324 _____ C:\WINDOWS\system32\prfc0416.dat
2017-02-22 05:33 - 2014-03-29 14:22 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-02-22 05:32 - 2015-11-01 14:12 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A98DCBA0-4827-44CB-80EA-350247BCB4A2}
2017-02-22 05:27 - 2016-10-27 18:31 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-02-22 05:27 - 2015-10-27 18:32 - 00000000 __SHD C:\Users\Guilherme\IntelGraphicsProfiles
2017-02-22 05:27 - 2015-10-27 18:00 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-22 05:26 - 2016-04-15 20:06 - 00000093 _____ C:\HaxLogs.txt
2017-02-22 05:26 - 2015-07-30 18:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-22 02:27 - 2013-08-22 10:36 - 00000000 ____D C:\Users\Default.migrated
2017-02-22 00:07 - 2015-10-24 21:29 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Skype
2017-02-22 00:07 - 2015-07-10 06:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-22 00:06 - 2016-06-03 19:09 - 00000000 ____D C:\Users\Guilherme\AppData\Local\Spotify
2017-02-22 00:01 - 2015-10-24 22:53 - 00000426 _____ C:\WINDOWS\Tasks\update-sys.job
2017-02-21 23:31 - 2015-10-24 22:53 - 00000426 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3040258654-2525527317-1144640668-1002.job
2017-02-21 20:48 - 2016-06-03 19:06 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Spotify
2017-02-20 20:24 - 2017-01-05 21:44 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-20 20:24 - 2015-10-27 18:40 - 00002387 _____ C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-09 21:47 - 2016-06-28 21:22 - 00003974 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1467159759
2017-02-09 21:47 - 2016-06-28 21:22 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-09 21:47 - 2016-06-28 21:20 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-07 00:11 - 2015-10-24 21:24 - 00002477 _____ C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-05 23:36 - 2016-10-01 22:26 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Audacity
2017-02-02 19:06 - 2016-09-13 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-02 19:06 - 2015-10-24 21:28 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-02-02 19:06 - 2015-10-24 21:28 - 00000000 ____D C:\ProgramData\Skype
2017-02-01 13:51 - 2016-04-09 12:43 - 00000000 ____D C:\Users\Guilherme\Desktop\App
2017-01-30 18:19 - 2015-11-01 11:38 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-30 14:35 - 2016-01-23 11:19 - 00000000 ____D C:\Users\Guilherme\Desktop\Jogos
2017-01-30 14:35 - 2015-10-25 23:50 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-29 17:29 - 2015-10-27 18:06 - 00000000 ____D C:\Users\UpdatusUser
2017-01-28 18:18 - 2015-10-25 12:07 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-28 14:44 - 2015-11-10 18:39 - 00000000 ____D C:\Users\Guilherme\Documents\CnWizards
2017-01-27 23:17 - 2015-11-09 17:40 - 00000000 ____D C:\Users\Todos os Usuários\Embarcadero
2017-01-27 23:17 - 2015-11-09 17:40 - 00000000 ____D C:\ProgramData\Embarcadero
2017-01-27 15:52 - 2015-10-27 18:06 - 00000000 ____D C:\Users\Guilherme
==================== Arquivos na raiz de alguns diretórios =======
2015-10-24 21:11 - 2017-02-22 05:35 - 0000075 _____ () C:\Users\Guilherme\AppData\Roaming\sp_data.sys
2016-08-14 20:08 - 2016-08-14 20:08 - 0000000 ___SH () C:\Users\Guilherme\AppData\Local\LumaEmu
2016-11-17 18:19 - 2016-11-17 18:19 - 0002421 _____ () C:\Users\Guilherme\AppData\Local\recently-used.xbel
2015-10-24 22:53 - 2015-10-24 22:53 - 0000003 _____ () C:\Users\Guilherme\AppData\Local\updater.log
2015-10-24 22:53 - 2016-08-07 03:07 - 0000424 _____ () C:\Users\Guilherme\AppData\Local\UserProducts.xml
2013-12-18 14:55 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-18 14:55 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-18 14:55 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Alguns arquivos em TEMP:
====================
2015-11-15 16:42 - 2015-11-15 16:42 - 0079736 _____ (AppWork GmbH) C:\Users\Guilherme\AppData\Local\Temp\130920901306023245.exe
2015-11-15 16:42 - 2015-11-15 16:42 - 0872476 _____ (Web installer ) C:\Users\Guilherme\AppData\Local\Temp\13092090138792059536.exe
2016-09-23 03:46 - 2000-04-06 07:00 - 0263168 ____N () C:\Users\Guilherme\AppData\Local\Temp\binkw32.dll
2016-09-23 03:46 - 2001-05-09 21:19 - 0352256 ____N (Blizzard Entertainment) C:\Users\Guilherme\AppData\Local\Temp\d2l_Install.exe
2016-02-17 17:44 - 2016-02-17 17:44 - 0000000 _____ () C:\Users\Guilherme\AppData\Local\Temp\GURDACB.exe
2016-01-04 17:06 - 2016-01-04 17:07 - 24814584 _____ (ArenaNet) C:\Users\Guilherme\AppData\Local\Temp\Gw2.exe
2016-10-13 19:23 - 2016-10-13 19:23 - 16701440 ____N () C:\Users\Guilherme\AppData\Local\Temp\javagiac0.2182347912007514.dll
2016-08-23 22:04 - 2016-08-23 22:04 - 16701440 ____N () C:\Users\Guilherme\AppData\Local\Temp\javagiac0.30589597969029025.dll
2016-07-24 22:19 - 2016-07-24 22:19 - 0741440 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u101-windows-au.exe
2015-10-07 15:17 - 2015-10-07 15:17 - 0585824 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u65-windows-au.exe
2016-01-20 21:55 - 2016-01-20 21:55 - 0644704 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u71-windows-au.exe
2016-02-13 09:54 - 2016-02-13 09:54 - 0736352 _____ (Oracle Corporation) C:\Users\Guilherme\AppData\Local\Temp\jre-8u73-windows-au.exe
2015-09-01 08:11 - 2015-09-01 08:11 - 0120336 _____ (McAfee, Inc.) C:\Users\Guilherme\AppData\Local\Temp\McCSPInstall.dll
2015-11-01 11:20 - 2015-09-01 08:11 - 0162120 _____ (McAfee Inc.) C:\Users\Guilherme\AppData\Local\Temp\mccspuninstall.exe
2016-09-27 10:29 - 2016-09-27 10:29 - 0040448 ____N () C:\Users\Guilherme\AppData\Local\Temp\proxy_vole146836755875676782.dll
2016-09-27 10:28 - 2016-09-27 10:28 - 0040448 ____N () C:\Users\Guilherme\AppData\Local\Temp\proxy_vole4981657535685034036.dll
2016-09-27 10:29 - 2016-09-27 10:29 - 0040448 ____N () C:\Users\Guilherme\AppData\Local\Temp\proxy_vole6307089412700812183.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-02-19 16:26
==================== Fim de FRST.txt ============================
Addition Log:
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 19-02-2017
Executado por Guilherme (22-02-2017 05:51:58)
Executando a partir de C:\Users\Guilherme\Desktop
Windows 10 Home Single Language (X64) (2015-10-27 21:31:29)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3040258654-2525527317-1144640668-500 - Administrator - Disabled) => C:\Users\Administrator
Convidado (S-1-5-21-3040258654-2525527317-1144640668-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-3040258654-2525527317-1144640668-503 - Limited - Disabled)
Guilherme (S-1-5-21-3040258654-2525527317-1144640668-1002 - Administrator - Enabled) => C:\Users\Guilherme
HomeGroupUser$ (S-1-5-21-3040258654-2525527317-1144640668-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3040258654-2525527317-1144640668-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
99Vidas (HKLM\...\Steam App 557040) (Version: - QUByte Interactive)
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASUS Backtracker (HKLM-x32\...\{C15C060C-ED1C-49EB-83B3-F7C0FD1CD661}) (Version: 3.0.3 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.7 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Build Tools for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CnPack IDE Wizards (HKLM-x32\...\CnWizards) (Version: 1.0.5.693 - CnPack Team)
CodeBlocks (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
CodedUITestUAP (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Deus Ex Human Revolution Directors Cut version 2.0.66.0 (HKLM-x32\...\Deus Ex Human Revolution Directors Cut_is1) (Version: 2.0.66.0 - Mr DJ)
Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version: - Capcom)
Discord (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Disgaea PC (HKLM\...\Steam App 405900) (Version: - Nippon Ichi Software, Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dustforce (HKLM-x32\...\Steam App 65300) (Version: - Hitbox Team)
ELAN Touchpad 11.5.20.3_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.20.3 - ELAN Microelectronic Corp.)
Embarcadero RAD Studio XE7 (HKLM-x32\...\{70A0BF24-4DD3-42C9-81A5-43C5644F5834}_is1) (Version: 21.0.17707.5020 - Lsuper)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Firefox Developer Edition 45.0a2 (x86 pt-BR) (HKLM-x32\...\Firefox Developer Edition 45.0a2 (x86 pt-BR)) (Version: 45.0a2 - Mozilla)
Firestorm Launcher version 1.3 (HKLM-x32\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.3 - Firestorm)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.269.0 - International GeoGebra Institute)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hyper Light Drifter (HKLM-x32\...\1452863689_is1) (Version: 2.6.0.8 - GOG.com)
IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{30F3FF94-225B-4319-A13C-E307FFDA3CFB}) (Version: 6.0.1 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.14393.33 - Microsoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Magicka (HKLM\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Mediatek Bluetooth (HKLM\...\{E0B1ECF5-766A-5464-BFE2-2C1BED6A49FB}) (Version: 11.0.748.2 - Mediatek)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Speech Platform SDK (x64) v11.0 (HKLM\...\{53D682B6-5381-4B44-B590-584AAD0460C0}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Speech Platform SDK (x86) v11.0 (HKLM-x32\...\{A946A6CC-E9F2-44A8-9A8D-095C756AF4EB}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{dfcbf7c4-6232-423c-b43c-38d118e2378f}) (Version: 14.0.24720.41 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Momodora: Reverie Under the Moonlight (HKLM\...\Steam App 428550) (Version: - Bombservice)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.0.5833 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MySQL Workbench 6.3 CE (HKLM\...\{0D901124-B910-4985-9D4F-AC5C2FEF7493}) (Version: 6.3.7 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.5 - Notepad++ Team)
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 43.0.2442.806 (HKLM-x32\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Oracle VM VirtualBox 5.0.16 (HKLM\...\{F2E958A1-9215-4C7D-9A2E-F0740B8CA5B7}) (Version: 5.0.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Pacote de Direcionamento do Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM-x32\...\{34A6EAAA-8D75-4775-A982-FBC793C4A868}) (Version: 4.6.01055 - Microsoft Corporation)
Painel de controle da NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden
Python 2.7.12 (Anaconda2 4.1.1 64-bit) (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Python 2.7.12 (Anaconda2 4.1.1 64-bit)) (Version: 4.1.1 - Continuum Analytics, Inc.)
Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Roleplaying City Map Generator 5.40 (HKLM-x32\...\{3B585A53-CC41-4969-A7CB-F0E5D34ACA08}) (Version: 5.4.0.0 - )
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RRPG Firecast (HKLM-x32\...\{EB4C3686-A52C-4F40-9D53-F8571CC5FD5D}_is1) (Version: 7 - AlyssonRPG)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SDK do Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM-x32\...\{5C233FE7-872F-4526-87AF-0E8D8AE00DEB}) (Version: 4.6.01055 - Microsoft Corporation)
Secure Download Manager (HKLM-x32\...\{F0858165-B8DB-4347-89B8-6D9F882B9BF3}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.9.0.16 - GOG.com)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
SourceTree (HKLM-x32\...\SourceTree 1.9.6.1) (Version: 1.9.6.1 - Atlassian)
SourceTree (x32 Version: 1.9.6.1 - Atlassian) Hidden
Spotify (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TalonRO Client (HKLM-x32\...\TalonRO_is1) (Version: 2.0 - TalonRO)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Tiled (HKLM-x32\...\{8C09C5E0-D123-49E9-926A-5A81513A25EE}) (Version: 0.17.1 - mapeditor.org)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
TypeScript Power Tool (x32 Version: 1.7.6.0 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.6.0 (HKLM-x32\...\{5ee9a47a-3630-4016-b76d-dc752e9218dd}) (Version: 1.7.24809.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
WinAppDeploy (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Windows 10 IoT Core Dashboard (HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\2c4529525b7e166a) (Version: 1.0.1608.1003 - Windows 10 IoT Core)
Windows Driver Package - ASUS (ATP) Mouse (10/31/2013 1.0.0.191) (HKLM\...\15591935E93BF0A0E42CA53B578EE5E630971E15) (Version: 10/31/2013 1.0.0.191 - ASUS)
Windows SDK AddOn (HKLM-x32\...\{45D392D2-5956-4646-9CA6-83CBF67507B6}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.24-1 - Bitnami)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Guilherme\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {076F7AEB-CB16-4C39-B6AD-7AF0D84CC122} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {0BBB8BCE-B9C8-4466-BAE0-FBFD1617B2F8} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {1ACC39EB-D7BF-440F-9478-5F1F5AA2B219} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {1EB7CF1F-8529-42C4-BFF9-0610FCBBE27A} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {25C30DA3-04C0-4DBE-97D2-A495D4844B68} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {2AF3646E-0564-4F20-9F1C-A23655106DB3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-26] (AVAST Software)
Task: {4015100D-83DE-40EC-B5E5-F296E74BF4D2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {5145C73D-2A5B-4203-B693-F7759064FE78} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {573F27BB-CD64-450F-83C4-9303BF29941F} - System32\Tasks\SafeZone scheduled Autoupdate 1455485946 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {587BB18C-0389-495F-9807-33212B50E3FA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {5C8BB0C1-D3B3-4D3D-953D-F8225D91B8C5} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {6E286273-3F62-402D-80FA-055926CB5473} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {712FC852-B2ED-4B60-BB01-42C88CC0605A} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {79967A12-F86E-436A-A082-2D733828D896} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3040258654-2525527317-1144640668-1002Core => C:\Users\Guilherme\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-24] (Google Inc.)
Task: {A4B6D2AB-B9F6-4EA0-AD11-2F44D29FE556} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3040258654-2525527317-1144640668-1002UA => C:\Users\Guilherme\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-24] (Google Inc.)
Task: {A6EA4B90-80A6-494F-A983-A55FD06F904D} - System32\Tasks\{6CA3CC62-928C-4FF4-B0FB-31199B921F3F} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {A9028622-2D2C-4D52-B2BE-BE65D4BCC767} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {AF0D1740-4539-41C5-A87B-0227C9E31CB6} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {B6D0320B-1E91-4B6F-9789-AEB809182133} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {BAA4A7F1-FDE3-47A1-B178-532D0FFB0F95} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {BDB0608F-7AD3-42E6-9DBF-830B8BEF38EB} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMKMGMKJMJOJOMHMJMCNGMMMJJHMCNLMNMOJLMCNGMMJMMJMCNMJHMKMNJMMLJOJLMGMHMOMNJJNJICMIMCNGMCNOMHMFMOMOMCNPMCNOMPMNMLMPMFMPMCNPMCNOMPMNMLMPMCNNMJNPICMPMFMFMNMMMMMJNHICMEKMICNJJCKJNBJCMILKIGJDJHJKJNICJKJJNKJCMJNNICMJNDJCMNJNIJNMJCMPM (a entrada de dados tem 41 mais caracteres).
Task: {CA40B574-6760-4D88-A39E-897FB3867519} - System32\Tasks\update-S-1-5-21-3040258654-2525527317-1144640668-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {D4050526-C85B-4727-9629-66E8EC3BCB49} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {E7D72BDE-7AE1-438D-97D6-77E14CC51A37} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F04BE228-640C-4740-8575-1D2EBB1DC3D8} - System32\Tasks\Opera scheduled Autoupdate 1467159759 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-06] (Opera Software)
Task: {F200B5E8-1625-4AEC-AFA1-0BA0988E8DC1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {FC6B6BC0-A5E2-4AE6-A37D-59415556544A} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\McAfee Remediation (Prepare).job => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3040258654-2525527317-1144640668-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Guilherme\Anaconda2\Scripts\activate.bat C:\Users\Guilherme\Anaconda2
==================== Módulos Carregados (Whitelisted) ==============
2015-09-10 02:08 - 2015-09-10 02:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-10-27 18:01 - 2015-07-13 14:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2016-08-27 12:03 - 2016-08-03 02:44 - 02495776 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-08-29 20:01 - 2013-08-29 20:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-08-27 12:03 - 2016-08-03 02:44 - 02495776 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-04-15 17:13 - 2015-04-15 17:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-10-27 18:36 - 2015-10-27 18:36 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-08-27 12:04 - 2016-08-03 01:34 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-27 12:04 - 2015-11-25 01:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-27 12:04 - 2016-08-03 01:31 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-27 18:36 - 2015-10-27 18:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 00:13 - 2015-09-10 02:07 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\Windows\System32\igfxTray.exe
2016-08-27 12:03 - 2016-03-16 01:46 - 02642272 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-08-27 12:03 - 2016-03-16 01:46 - 02107744 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-02-22 05:31 - 2016-05-15 11:16 - 01327184 ____N () C:\Users\Guilherme\AppData\Local\Temp\_iu14D2N.tmp
2016-09-26 23:51 - 2016-09-26 23:51 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-21 23:08 - 2017-02-21 23:08 - 05989072 _____ () C:\Program Files\AVAST Software\Avast\defs\17022101\algo.dll
2016-09-26 23:51 - 2016-09-26 23:51 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-10-09 00:41 - 2013-10-09 00:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 22:23 - 2013-09-09 22:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-09-26 23:51 - 2016-09-26 23:51 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-04 03:14 - 2016-09-04 03:14 - 00747520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbeb7089b#\02522fd092d881ca09d470946bc046e8\Microsoft.VisualStudio.Threading.ni.dll
2016-09-04 03:14 - 2016-09-04 03:14 - 00052224 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vd43b287e#\35d8963e28bd478ec40e0d46fcab1f0a\Microsoft.VisualStudio.Validation.ni.dll
2013-04-27 14:24 - 2013-04-27 14:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 39820376 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_browser.dll
2014-03-29 14:15 - 2013-09-16 16:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 45837912 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_child.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 01930328 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libglesv2.dll
2017-02-09 21:47 - 2017-02-06 03:29 - 00087640 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libegl.dll
2015-06-08 16:06 - 2015-06-08 16:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\System32:DA3B8AF1_Uni.gbp [2]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE restricted site: HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\skype.com -> hxxps://apps.skype.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2016-03-02 21:18 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3040258654-2525527317-1144640668-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Guilherme\Pictures\118156.jpg
DNS Servers: 201.21.192.161 - 201.21.192.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: Ds3Service => 2
HKLM\...\StartupApproved\StartupFolder: => "ScpToolkit Tray Notifications.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8E3994B149A099EB717863317060641F"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "RoboForm"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3040258654-2525527317-1144640668-1002\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DE12D2C3-3458-4B34-B1F8-97DD53D6DE72}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{DA22B1C9-E8CB-437D-82A0-DB35D63EA8B4}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{0931B61C-340E-4839-9B02-DFB96CC41E8D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4F5E4992-D41F-41E9-BC32-CF5A872C5258}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2BFBD6E9-230B-43A7-8E16-C81E61931EDE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C8D57F68-74B2-41D5-937D-C66E999822BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{97834B26-15C0-4122-A138-E837EF88F7AF}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{389D6039-F232-4654-9549-688ADC772473}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B486233B-EDB2-479B-844E-C151D903C86B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DC80A1D9-D7AF-42BA-94C4-022350CEA18A}] => (Allow) C:\Users\Guilherme\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2C32981C-E208-40CE-A688-18FB85D8EC3F}] => (Allow) C:\Users\Guilherme\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1B885182-2C0E-4E3C-A900-D216A2A1C5F9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B4F014BA-B7BB-44E8-A329-21785B14F130}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{384A1B77-B050-4C7C-9F48-725795DAFED6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5DE274E9-538C-411C-A8D7-5BDF66BC93E5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9B541573-172B-4F40-B240-F9DAB7880D71}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{5C04C042-D52E-4783-9F28-4CC647E4D8DE}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{92A88604-011B-44EE-BD42-8E8ED1C22A85}] => (Allow) C:\Program Files (x86)\Embarcadero\Studio\15.0\bin\bds.exe
FirewallRules: [{C9A0DC45-876B-4134-BEE9-97D03F7156F4}] => (Allow) C:\Program Files (x86)\Embarcadero\Studio\15.0\bin\dbkw64_19_0.exe
FirewallRules: [TCP Query User{E8AE3515-29A5-47FE-9BC4-DF66B584B19D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{C8677CB6-2179-4AB2-BC10-8329DB7A05C8}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{EBDB20D3-B701-4049-BBD3-9D7DD0FF217E}C:\level up\smite\binaries\win32\smite.exe] => (Allow) C:\level up\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{1F6B28F5-4EFE-474C-A637-47C141BDCB77}C:\level up\smite\binaries\win32\smite.exe] => (Allow) C:\level up\smite\binaries\win32\smite.exe
FirewallRules: [{B391A776-6A57-4A54-8603-69A67CFE076E}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [{BA0F831F-D832-414C-878D-9BC5343642BD}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{EAC1BB14-473A-42FB-BEB4-BAB10B8DE36D}C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [UDP Query User{B15AB396-0986-4819-9FB9-0F474F3E885F}C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [TCP Query User{30739AE7-250A-4BFD-8D90-E4E24C57A33A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{13705EC4-C3EF-41B8-BBBC-8A28DD5847A6}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{F95685AA-0306-464F-BEC4-0208BD934C42}] => (Allow) LPort=1688
FirewallRules: [{D196F4F4-B9E1-435A-BFEC-03969550FAF7}] => (Allow) D:\Installers\Windows 10 Activators\KMSpico.10.0.102040 Beta\KMSELDI.exe
FirewallRules: [{C4131B89-4E24-4C24-9775-3540207D9CBA}] => (Allow) D:\Installers\Windows 10 Activators\KMSpico.10.0.102040 Beta\KMSELDI.exe
FirewallRules: [TCP Query User{CDF11983-3DD6-480D-9017-F0286AAEC220}C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7210040D-816F-4885-A4D1-63E5951719AA}C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\guilherme\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{A847D85B-48DB-48F0-86AD-421028C007AF}] => (Allow) D:\SteamLibrary\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{7AAEB37F-65DE-41E7-A8C7-EFCF6B4B6746}] => (Allow) D:\SteamLibrary\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{BC6C99A9-F764-4D08-B10A-6DA3A3BFA1B6}D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{029FCE7E-F15E-4674-BD63-74D918F376F0}D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{55595132-149F-4407-8304-F912F59DA06A}] => (Block) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{CF1B9A4A-05F8-46C9-8C82-3836FE3A36EC}] => (Block) D:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{111F126A-E69C-4E0F-B02F-95BDC12857BA}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{4F8A2C6F-9FC6-4534-9ACB-0DB9ECCE8395}] => (Allow) D:\SteamLibrary\steamapps\common\Dustforce\dustforce.exe
FirewallRules: [{2D33B0FF-0FB8-4650-B14A-7B65A9F8CFC6}] => (Allow) D:\SteamLibrary\steamapps\common\Dustforce\dustforce.exe
FirewallRules: [{87547FCD-CB77-4FBD-9BF5-D2AD6F26B3DD}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{6968D28D-2758-4A0B-A729-4F94B2E49B61}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{8A5DE508-DD78-42AB-AF72-CB0C4C0FC8D5}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [{1208AB90-05EE-4A02-857E-85B53B4ADA88}] => (Allow) D:\SteamLibrary\steamapps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [TCP Query User{5F8582F5-E805-4194-BB74-3D5443BDF3C7}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [UDP Query User{E4E5BDC9-554F-420E-BEBC-D171F1D569A9}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [{88569BEB-84ED-4438-85BD-740C6FD86329}] => (Block) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [{59F1F1CF-A502-44EC-BA90-59A32B961C5A}] => (Block) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [TCP Query User{41300623-EEBB-45DB-AB89-F5675C1FEE0E}C:\program files\factorio\bin\x64\factorio.exe] => (Allow) C:\program files\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{4A381300-054C-4203-B8BD-3CA94EFB3432}C:\program files\factorio\bin\x64\factorio.exe] => (Allow) C:\program files\factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{5CA6DFC3-09ED-4F86-9014-D2EE3F04FC05}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [UDP Query User{A91ED817-9C26-4608-962B-F30B24DD46F5}C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe] => (Allow) C:\users\guilherme\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [TCP Query User{11847CD6-0C6C-49A0-B43D-62EF9750D653}D:\games\enter the gungeon\etg.exe] => (Allow) D:\games\enter the gungeon\etg.exe
FirewallRules: [UDP Query User{D4E4A2DB-AB00-4249-AEAB-A845FC656131}D:\games\enter the gungeon\etg.exe] => (Allow) D:\games\enter the gungeon\etg.exe
FirewallRules: [{CCBE955E-FE63-4DA7-A281-A56232EC2257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{4A31ED45-126A-4835-B912-0D4D8D1293E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{00FBF3F4-2281-4A45-984E-12409723150F}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{1F0B5DB5-C76B-4EA3-926C-7F11010E693D}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{D5FF75AD-C1BD-4049-BFB3-34D90D622DB6}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{CC6F1996-EF19-4038-B1D8-EE85313FBC92}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [TCP Query User{CB837A76-513A-4131-8A2E-C9A83F5AF579}C:\program files\java\jdk1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\java.exe
FirewallRules: [UDP Query User{2993D00A-ACE5-4CD9-BF40-8D61C1269FF9}C:\program files\java\jdk1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\java.exe
FirewallRules: [{F96B4501-BC48-4671-9E0E-1BCDE6E5C5A0}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{4AB66D76-599F-4D6A-9D5F-2F12B5F18395}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [TCP Query User{9E606FAF-A2C0-4D5A-926D-93231982D733}D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{82C4E034-4080-4E73-BA4B-F0BC8893EAA1}D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steamlibrary\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [TCP Query User{6B93BC21-9FD0-457D-A1CE-78399123B45E}D:\installers\salt and sanctuary v1.0.0.3\salt.exe] => (Allow) D:\installers\salt and sanctuary v1.0.0.3\salt.exe
FirewallRules: [UDP Query User{817DC711-23A8-4F08-ADCE-45B4DB4E4145}D:\installers\salt and sanctuary v1.0.0.3\salt.exe] => (Allow) D:\installers\salt and sanctuary v1.0.0.3\salt.exe
FirewallRules: [TCP Query User{7524ADA4-3038-4132-A0EE-957224D13AE7}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2FDB6F01-E1C5-427C-BFA5-AD229B533CEE}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2A2A67AA-919B-4DB0-8099-63C6C318F227}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{7A5FD532-795C-4AA7-97C9-A3B272600A70}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{57411AE2-23E6-4733-83D7-37E2D82C082D}] => (Allow) D:\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{FFB488AA-FB47-4A89-9009-7F94A441450C}] => (Allow) D:\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{14669AD6-C509-4CE4-A977-AD13BA07B724}] => (Allow) D:\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{353335E3-B44E-41C7-A18F-D21E308C19B4}] => (Allow) D:\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{8B8603A2-B470-42A4-9C6B-3815C798D9F3}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{F10DA50C-7B54-4FF9-9183-C17C6D3F18D5}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [TCP Query User{023D1361-DAD1-48B5-BF93-68755924C49E}C:\program files\android\android-studio\jre\bin\java.exe] => (Allow) C:\program files\android\android-studio\jre\bin\java.exe
FirewallRules: [UDP Query User{BA710EE6-03A1-4E12-8D91-1BF9FE833C61}C:\program files\android\android-studio\jre\bin\java.exe] => (Allow) C:\program files\android\android-studio\jre\bin\java.exe
FirewallRules: [TCP Query User{94F2D592-072D-4FD7-A6D8-D064A5A81E63}D:\games\portal 2\portal2.exe] => (Allow) D:\games\portal 2\portal2.exe
FirewallRules: [UDP Query User{7DD18F3B-7B01-404E-8257-5C2BD223E3B5}D:\games\portal 2\portal2.exe] => (Allow) D:\games\portal 2\portal2.exe
FirewallRules: [TCP Query User{4ACD9DB8-8EF4-48AC-919A-E2D7D761F82C}C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe] => (Allow) C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe
FirewallRules: [UDP Query User{391CF7FA-DB37-4C32-A525-2E3037E8C89A}C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe] => (Allow) C:\users\guilherme\appdata\local\apps\2.0\kxko4wp6.g9m\t45te2y2.22x\wind..tion_c3bce3770c238a49_0001.0000_e0e9c97537a0c660\windows10iotcoredashboard.exe
FirewallRules: [{BFB46970-26C7-44E6-9D7A-103025B86C20}] => (Allow) D:\Games\Mr DJ\Deus Ex Human Revolution Directors Cut\DXHRDC.exe
FirewallRules: [{3481FBA6-C29F-4C96-AE75-8F127CB39C37}] => (Allow) D:\Games\Mr DJ\Deus Ex Human Revolution Directors Cut\DXHRDC.exe
FirewallRules: [TCP Query User{C67DF132-A3C6-4ED7-AE7A-A78600218F20}D:\games\factorio\bin\x64\factorio.exe] => (Allow) D:\games\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{C946D36D-AEE0-491B-A40E-30CE48A7772A}D:\games\factorio\bin\x64\factorio.exe] => (Allow) D:\games\factorio\bin\x64\factorio.exe
FirewallRules: [{42D199DD-B268-4B29-9542-45203993EBDE}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{8ED70B21-952D-4581-9F3B-03B962C000BB}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{02591AF2-41DC-491F-8C43-9DEAB20C693F}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{3FF546E9-B832-4F3E-ACA7-2658858F4D14}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{F6662C4B-163D-4AFC-BCA0-C18482FCF667}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{71F084E9-3B46-4DD8-9A03-AB72D40874AD}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{9EEE503E-C150-4FC7-BF57-2B1C78A8071D}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{D1833C22-59B1-4705-B6AF-E32A5FD98C96}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{0A24C615-9243-4DBE-B048-666982F1A069}D:\games\diablo ii\game.exe] => (Allow) D:\games\diablo ii\game.exe
FirewallRules: [UDP Query User{910890B0-7306-487D-A647-D6BECAEF76AB}D:\games\diablo ii\game.exe] => (Allow) D:\games\diablo ii\game.exe
FirewallRules: [{8412254D-910E-4AFA-A54A-D1D52AC991DF}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{DE2C1EBD-7D10-453F-9A2A-4CF5D345509B}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{503C1546-01B8-4858-BEB5-E26DB7886E34}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{48211AD6-506F-4225-A42A-48379857E98D}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [TCP Query User{FFF1E654-0168-483D-BAF4-4FCEC342071C}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{3A712EE3-C600-4C33-82FE-C93CF5066C93}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{B66A20C1-A351-4F00-9017-A48CA259B37A}D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{2E5A8067-8C9E-435B-B443-1A79F7F6B84F}D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [{7C39A115-4652-45C1-AF0E-A42F8E696C80}] => (Block) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [{1F94912C-D6F1-4C70-9F48-812172B9BC92}] => (Block) D:\installers\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{E7FA19A5-1593-45BC-A192-34225DBA01D5}D:\games\helldivers\binaries\x64\helldivers.exe] => (Allow) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [UDP Query User{5693E021-FAE2-42BF-AC85-80A661A6314D}D:\games\helldivers\binaries\x64\helldivers.exe] => (Allow) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [{EF2C0134-0E0E-4FC5-B333-0C598EE86C50}] => (Block) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [{5B1C92EE-D192-4D36-A34A-F2A21ECFF2EE}] => (Block) D:\games\helldivers\binaries\x64\helldivers.exe
FirewallRules: [{71BAC44A-5700-494A-9A28-22D111AA0494}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{BE6D7608-6298-4A5B-9632-D19CEDCC867E}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{EBD3FD96-B915-48EC-81F5-077F8E5B2C98}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{93128CEF-A513-4BD9-B4E0-8D67271FA197}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B9CEE81C-32A1-445F-BCEB-F8D5B0FCDA36}] => (Allow) D:\SteamLibrary\steamapps\common\99Vidas - The Game\99VidasGame.exe
FirewallRules: [{729AB607-2A67-45C6-AC0F-2C33C382497B}] => (Allow) D:\SteamLibrary\steamapps\common\99Vidas - The Game\99VidasGame.exe
FirewallRules: [{C0D98FED-9A00-4AD6-B2DB-070A157A21AC}] => (Allow) D:\SteamLibrary\steamapps\common\Momodora RUtM\MomodoraRUtM.exe
FirewallRules: [{23A6740E-3203-4EDA-BA43-422078A77692}] => (Allow) D:\SteamLibrary\steamapps\common\Momodora RUtM\MomodoraRUtM.exe
FirewallRules: [TCP Query User{7016705E-E664-4D28-9F84-BAC7D25C3791}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{02899235-61C9-4C1E-AE75-67000FAC42D3}C:\users\guilherme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guilherme\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A10F13BD-1372-4A93-9F2E-715CA9FD28CA}] => (Allow) D:\SteamLibrary\steamapps\common\Disgaea PC\dis1_st.exe
FirewallRules: [{5FA3E5A0-6068-4873-B5A4-6678F088C141}] => (Allow) D:\SteamLibrary\steamapps\common\Disgaea PC\dis1_st.exe
FirewallRules: [{D16875D3-89C2-432E-B7DA-02F99C95F0C5}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{C1A731B9-4C95-4445-AAF4-76496BA3D0A2}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{03E7B35D-9789-4A7B-82E8-E0B16AD63670}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{354F7F85-47FF-46DE-B450-351653C564ED}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{1E5EE88E-BB9A-403F-B42B-0698A32E0E0F}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{575A8F71-0058-4C09-81BF-3E75C7BCDEBB}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{B70FBB56-D947-4AE0-BB31-1D853CC236C7}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{36DEA739-E65E-473E-A6E5-92714ABBF392}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{32F434C9-FAAA-4F91-9F1A-AD85D1A8B0D0}D:\games\salt and sanctuary\salt.exe] => (Allow) D:\games\salt and sanctuary\salt.exe
FirewallRules: [UDP Query User{B72B2AF6-3DA0-4EAF-9B20-969C13316400}D:\games\salt and sanctuary\salt.exe] => (Allow) D:\games\salt and sanctuary\salt.exe
FirewallRules: [{E1D2041E-D277-43AF-91CA-39506E0A53C4}] => (Block) D:\games\salt and sanctuary\salt.exe
FirewallRules: [{5C754D4A-38EA-46E3-884D-437A148B1731}] => (Block) D:\games\salt and sanctuary\salt.exe
FirewallRules: [TCP Query User{69B4AD74-AAA4-4D4A-B4C9-A2D4335A6095}C:\rrpg\rrpg.exe] => (Allow) C:\rrpg\rrpg.exe
FirewallRules: [UDP Query User{AA951611-A5F3-41B2-9C23-DFEE81BA4D8E}C:\rrpg\rrpg.exe] => (Allow) C:\rrpg\rrpg.exe
FirewallRules: [{EC87EB2E-E244-476F-83AC-58AB670684E7}] => (Block) C:\rrpg\rrpg.exe
FirewallRules: [{51787C44-D190-4E85-80AD-DC5CFA1C777D}] => (Block) C:\rrpg\rrpg.exe
FirewallRules: [{A0F7168B-55EB-469B-A0DE-CB567F273D24}] => (Allow) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
FirewallRules: [{F5F199FE-D144-4F9F-B3EF-F6819434E6EA}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
==================== Pontos de Restauração =========================
30-01-2017 13:58:35 Ponto de Verificação Agendado
08-02-2017 12:15:22 Ponto de Verificação Agendado
17-02-2017 12:13:39 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (02/22/2017 05:58:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Guilherme-Note)
Description: Falha na ativação do aplicativo Microsoft.WindowsAlarms_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/22/2017 05:58:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Guilherme-Note)
Description: Falha na ativação do aplicativo Microsoft.WindowsAlarms_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/22/2017 05:33:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.
Error: (02/22/2017 05:33:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (02/22/2017 05:33:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.
Error: (02/22/2017 12:07:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Guilherme-Note)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (02/21/2017 07:29:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (02/21/2017 07:29:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (02/21/2017 07:29:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Windows Kits\10\bin\arm64\filetypeverifier.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (02/21/2017 07:28:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Windows Kits\10\bin\arm\signtool.exe.Manifest".
Assembly dependente Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Erros de Sistema:
=============
Error: (02/22/2017 05:59:22 AM) (Source: DCOM) (EventID: 10001) (User: Guilherme-Note)
Description: Não é possível iniciar o servidor DCOM: App.AppXvwgnrrhcka99admvy9fqan3zpdmgg69a.mca como Não Disponível/Não Disponível. O erro:
"31"
Aconteceu ao iniciar este comando:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppX4325622ft6437f3xfywcfxgbedfvpn0x.mca
Error: (02/22/2017 05:59:21 AM) (Source: DCOM) (EventID: 10001) (User: Guilherme-Note)
Description: Não é possível iniciar o servidor DCOM: App.AppXrvx5vw3ftamg62prcf1xd7e4aena2tfj.mca como Não Disponível/Não Disponível. O erro:
"31"
Aconteceu ao iniciar este comando:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppX4325622ft6437f3xfywcfxgbedfvpn0x.mca
Error: (02/22/2017 05:33:44 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:43 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:42 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:41 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:40 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:39 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:38 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (02/22/2017 05:33:37 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentagem de memória em uso: 57%
RAM física total: 6027.2 MB
RAM física disponível: 2574.45 MB
Virtual Total: 7243.2 MB
Virtual disponível: 3716.29 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:193.26 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:361.36 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8BC57F20)
Partition: GPT.
==================== Fim de Addition.txt ============================
aswMBR Log
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2017-02-22 19:11:20
-----------------------------
19:11:20.829 OS Version: Windows x64 6.2.9200
19:11:20.829 Number of processors: 4 586 0x4501
19:11:20.829 ComputerName: GUILHERME-NOTE UserName: Guilherme
19:11:25.829 Initialize success
19:11:25.845 VM: initialized successfully
19:11:25.845 VM: Intel CPU supported
19:11:27.251 VM: disk I/O iaStorA.sys
19:11:39.036 AVAST engine defs: 17022101
19:11:43.739 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000036
19:11:43.739 Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX0R2J Size: 953869MB BusType: 11
19:11:44.192 Disk 0 MBR read successfully
19:11:44.192 Disk 0 MBR scan
19:11:44.692 Disk 0 unknown MBR code
19:11:44.739 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
19:11:45.286 Disk 0 scanning C:\WINDOWS\system32\drivers
19:12:36.979 Service scanning
19:15:00.877 Modules scanning
19:15:00.877 Disk 0 trace - called modules:
19:15:01.234 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
19:15:01.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0003b76e390]
19:15:01.250 3 CLASSPNP.SYS[fffff8005cb246c5] -> nt!IofCallDriver -> [0xffffe0003a1a1e40]
19:15:01.250 5 ACPI.sys[fffff8005baa1361] -> nt!IofCallDriver -> [0xffffe0003a103930]
19:15:01.257 7 ACPI.sys[fffff8005baa1361] -> nt!IofCallDriver -> \Device\00000036[0xffffe00038978500]
19:15:08.780 AVAST engine scan C:\WINDOWS
19:15:14.531 AVAST engine scan C:\WINDOWS\system32
19:27:26.006 AVAST engine scan C:\WINDOWS\system32\drivers
19:28:30.107 AVAST engine scan C:\Users\Guilherme
23:04:43.940 AVAST engine scan C:\ProgramData
23:18:55.656 Disk 0 statistics 13297722/0/0 @ 181,84 MB/s
23:18:55.672 Scan finished successfully
01:16:19.940 Disk 0 MBR has been saved successfully to "C:\Users\Guilherme\Desktop\MBR.dat"
01:16:19.940 The log file has been saved successfully to "C:\Users\Guilherme\Desktop\aswMBR.txt"