Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:05-03-2016 01 Executado por lucas (2016-03-08 21:55:20) Executando a partir de C:\Users\lucas\Downloads Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2015-03-09 11:33:14) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2185954319-2002436113-1565270891-500 - Administrator - Disabled) André (S-1-5-21-2185954319-2002436113-1565270891-1003 - Administrator - Enabled) => C:\Users\André Convidado (S-1-5-21-2185954319-2002436113-1565270891-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2185954319-2002436113-1565270891-1002 - Limited - Enabled) lucas (S-1-5-21-2185954319-2002436113-1565270891-1000 - Administrator - Enabled) => C:\Users\lucas Paulo Ferreira (S-1-5-21-2185954319-2002436113-1565270891-1004 - Administrator - Enabled) => C:\Users\Paulo Ferreira ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Proteção do Computador (Disabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AS: Proteção do Computador (Disabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 7-Zip 4.57 (HKLM\...\7-Zip) (Version: - ) Adblock Plus para o IE (32 bits) (HKLM\...\{75390168-01B8-49DC-8AED-84E6BD018C68}) (Version: 1.5 - Eyeo GmbH) Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated) Aftermath (HKLM\...\Steam App 349700) (Version: - Free Reign Entertainment) Aplicativo Bradesco versão 1.0 (HKLM\...\{2F7717E5-BFF5-479A-B29E-A615ED278B6F}_is1) (Version: 1.0 - Copyright (C) 2015 Scopus Tecnologia Ltda.) Aplicativo Itaú (HKLM\...\{21E81FB2-C9F3-4F6E-B475-C03B8D4F0CA4}) (Version: 1.0.49 - Banco Itaú) Aplicativo Itaú (HKLM\...\{B2CA66FD-AB09-4873-B656-F8ABDD968505}) (Version: 1.0.56 - Banco Itaú) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) ATI AVIVO Codecs (Version: 11.6.0.50825 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{DBB3D0D3-4213-D2D6-B559-E05329BD68D8}) (Version: 3.0.790.0 - ATI Technologies, Inc.) Batman: Arkham City™ (HKLM\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games) Batman: Arkham City™ (Version: 1.0.0000.131 - WB Games) Hidden Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) BitTorrent (HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.) BLOCKADE 3D (HKLM\...\Steam App 302830) (Version: - Shumkov Dmitriy) ccc-core-static (Version: 2010.0825.2146.37182 - Nome de sua empresa:) Hidden Clownfish for Skype (HKLM\...\Clownfish) (Version: - ) Combat Arms (HKLM\...\Combat Arms) (Version: - ) Computer Security 12.77.104.0 (release) (Version: 12.77.104.0 - F-Secure Corporation) Hidden Corel Graphics - Windows Shell Extension (HKLM\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - BR (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.1.0.572 - Corel Corporation) CorelDRAW Graphics Suite X7 (Version: 17.1 - Corel Corporation) Hidden Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Curse (HKLM\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse) Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®) Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version: - Klei Entertainment) Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Electronic Arts Product Registration (HKLM\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Electronic Arts Product Registration (Version: 1.01.0000 - Electronic Arts) Hidden FIFA 12 (HKLM\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts) FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) Fraps (remove only) (HKLM\...\Fraps) (Version: - ) F-Secure CCF Reputation (Version: 1.0.25.1877 - F-Secure) Hidden F-Secure CCF Scanning 1.51.111.300 (release) (Version: 1.51.111.300 - F-Secure Corporation) Hidden F-Secure Network CCF 1.02.128 (Version: 1.02.128 - F-Secure Corporation) Hidden Genesis Online (HKLM\...\Steam App 409510) (Version: - Shumkov Dmitriy) Glyph (HKLM\...\Glyph) (Version: - Trion Worlds, Inc.) Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden GTA: San Andreas RIP PT-BR by TemDono - #GTABrasil - BrasNET (HKLM\...\Grand Theft Auto San Andreas_is1) (Version: - TemDono Design 2005) Harry Potter and the Goblet of Fire™ (HKLM\...\{9799BD05-5F89-484C-008E-F50592F53440}) (Version: - ) Harry Potter II (HKLM\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - ) Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment) How to Survive (HKLM\...\Steam App 250400) (Version: - EKO Software) HydraVision (Version: 4.2.180.0 - ATI Technologies Inc.) Hidden Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Jogos Level Up (HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.29 - Level Up) K-Lite Mega Codec Pack 11.1.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.1.0 - ) League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (Version: 3.0.1 - Riot Games) Hidden Metro 2033 (HKLM\...\Steam App 43110) (Version: - 4A Games) Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) MTA:SA v1.5.1 (HKLM\...\MTA:SA 1.5) (Version: v1.5.1 - Multi Theft Auto) Need for Speed Underground 2 (HKLM\...\Need for Speed Underground 2) (Version: - ) Need for Speed™ Most Wanted (HKLM\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - ) Need for Speed™ Most Wanted (HKLM\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Online Safety 2.77.1189.49 (Version: 2.77.1189.49 - F-Secure Corporation) Hidden Origin (HKLM\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.) Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version: - ) Popcorn Time (HKLM\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time) PowerISO (HKLM\...\PowerISO) (Version: 6.2 - Power Software Ltd) Prince of Persia Warrior Within (HKLM\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - ) Protect (HKLM\...\F-Secure ServiceEnabler 51855) (Version: 1.77.243.0 - F-Secure Corporation) Protect (Version: 1.77.243.0 - F-Secure Corporation) Hidden Punch Club (HKLM\...\1452777713_is1) (Version: 2.0.0.2 - GOG.com) RaidCall (HKLM\...\RaidCall) (Version: 9.0.4-1.0.2688.511 - raidcall.com.br) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Smashball (HKLM\...\Steam App 17730) (Version: - Smashball Labs LLC) SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) sZone-Online (HKLM\...\Steam App 316390) (Version: - Cybertime System) Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Ultima 8 (HKLM\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts) Warsaw 1.8.0.10356 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia) WildGames (HKLM\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.43 - WildTangent) WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WorldRAG Full versão 9302 (HKLM\...\{13C95138-65A4-482A-97C4-2BCDF6743C89}_is1) (Version: 9302 - WorldRAG) Worms Armageddon (HKLM\...\Worms Armageddon) (Version: - ) Worms Reloaded (HKLM\...\Steam App 22600) (Version: - Team17 Digital Ltd) Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {1A17CA3C-6F7B-4084-8B1F-C48E5345A86E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2185954319-2002436113-1565270891-1000 Task: {37392CD3-925D-4ECE-8FCA-F199FC30222F} - System32\Tasks\Scheduled scanning task => C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fsav.exe [2015-10-13] (F-Secure Corporation) Task: {40E209E8-3C74-48E5-88CF-3B4ECAA05DFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) Task: {4BB6E631-0240-45B0-BFFD-9E9BCEA3C8AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated) Task: {5318004D-B87D-42AD-86B3-FC0B6AF45B1C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {7BB14B95-8CEF-4C27-BB7B-2A6BAFFF3AE1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe Task: {AA27E98A-E4C0-4A85-A5C5-5AF2E5B905B5} - System32\Tasks\{B5E4FB17-6C56-4F46-BC45-2210A8879044} => pcalua.exe -a "C:\Users\lucas\Downloads\DiagnosticoItau (1).exe" -d C:\Users\lucas\Downloads Task: {BB5B7E47-7BA0-4C54-A37B-256B25BA06D4} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-04-15] () Task: {D4DA012E-EA0C-401F-979F-D6FE712586C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) Task: {DD56AA59-85B7-43E2-B29A-A70CD5CEC675} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2185954319-2002436113-1565270891-1004 (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~1\GVT\apps\COMPUT~1\ANTI-V~1\fsav.exeS /HARD /POLICY /SCHED /REPORT C:\PROGRA~1\GVT\apps\COMPUT~1\ANTI-V~1\report.txt ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2013-01-18 11:06 - 2013-01-18 11:06 - 00208880 _____ () C:\Program Files\GVT\daas2.dll 2015-11-17 14:15 - 2015-08-21 15:50 - 00020568 _____ () C:\Program Files\AppBrad\NetExpressUpdater.exe 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-03-09 17:11 - 2015-03-09 17:11 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll 2016-03-08 20:18 - 2016-03-08 20:18 - 00091176 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll 2016-03-08 20:12 - 2016-03-08 20:17 - 00177704 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Gemini\fsgem.dll 2016-03-08 20:12 - 2016-03-08 20:18 - 00212008 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Spam Control\fsas.dll 2016-03-08 20:12 - 2016-03-08 20:17 - 00929832 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fm4av.dll 2016-02-18 20:58 - 2016-02-18 01:14 - 01630360 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\libglesv2.dll 2016-02-18 20:58 - 2016-02-18 01:14 - 00085656 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\libegl.dll 2016-02-18 20:58 - 2016-02-18 01:15 - 16808600 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [346] AlternateDataStreams: C:\Windows\System32:12BA9657_Uni.gbp [2] AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [212] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [346] AlternateDataStreams: C:\Users\Todos os Usuários:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários:NT2 [346] AlternateDataStreams: C:\ProgramData\Application Data:NT [40] AlternateDataStreams: C:\ProgramData\Application Data:NT2 [346] AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT [40] AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT2 [346] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [346] AlternateDataStreams: C:\Users\lucas\Dados de aplicativos:NT [40] AlternateDataStreams: C:\Users\lucas\Dados de aplicativos:NT2 [322] AlternateDataStreams: C:\Users\lucas\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\lucas\AppData\Roaming:NT2 [322] AlternateDataStreams: C:\Users\Paulo Ferreira\Dados de aplicativos:NT2 [346] AlternateDataStreams: C:\Users\Paulo Ferreira\AppData\Roaming:NT2 [346] AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT2 [346] AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT2 [346] AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT2 [346] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\google.com -> www.google.com IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\google.com.br -> www.google.com.br IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itau.b.br -> www.itau.b.br IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:04 - 2015-12-02 21:14 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.25.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupreg: BitTorrent => "C:\Users\lucas\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: RaidCall => C:\Program Files\RaidCall.BR\raidcall.exe MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{57EF2AA6-C2F7-45F7-B18F-F3AD14DB6BA7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{299BF748-0E4F-407E-A05D-75D0F2485C55}C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{BFDDBD8E-6EB0-4CF6-A1D2-0CD6C535BB1D}C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{ADF98E3C-3A75-4E9A-ADFE-8A73B5DD4D15}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{B7C93213-15D8-40AF-8127-1F0975F159DB}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{A30C5318-5063-4CE4-8D0B-977FFA1D814E}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [TCP Query User{42D30B98-1A46-48F9-B454-025AE392B9F6}C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{218B3F5C-B49C-4993-8694-2882D19E19B7}C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{5FF774C6-C275-4D52-8F83-03F18200BEC4}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{01C550A4-91FB-4E2D-9EED-00C467105992}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{2341F396-459A-48DD-8578-269E6F386457}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8DA241F8-73B0-4197-B829-86762CC49ECA}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{75539894-D206-4833-A3DB-B2F9A5BBB28F}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe FirewallRules: [UDP Query User{53086965-8801-478B-9692-E1C2516357B0}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe FirewallRules: [{C25B2652-A791-4C66-8E0C-FF1F82308945}] => (Allow) C:\Program Files\Origin Games\FIFA 12\Game\fifa.exe FirewallRules: [{ED8AD10F-1770-4EFE-9CB9-65B029925B46}] => (Allow) C:\Program Files\Origin Games\FIFA 12\Game\fifa.exe FirewallRules: [{EB88C036-E382-4D73-A136-2FA4FC75E200}] => (Allow) C:\Users\lucas\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{5D18A784-AE79-420D-871D-B19147D03E35}] => (Allow) C:\Users\lucas\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{A102CCC6-A90D-49EC-91B1-A6CD1C76114C}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{A01F4746-11E1-49D9-9603-85E8AF43D61E}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [TCP Query User{6A29057B-C999-4FCC-8355-68BAAC7756AD}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [UDP Query User{066B0FC4-80E9-4E33-B95F-7A48AEB6B983}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [TCP Query User{7CAE3D14-1D64-4E9E-BD72-8BE25A7A837F}C:\program files\steam\steamapps\common\unturned\unturned.exe] => (Allow) C:\program files\steam\steamapps\common\unturned\unturned.exe FirewallRules: [UDP Query User{7AE3A2AD-8A84-4B23-BBDC-E559CDCB13E0}C:\program files\steam\steamapps\common\unturned\unturned.exe] => (Allow) C:\program files\steam\steamapps\common\unturned\unturned.exe FirewallRules: [{F2B000A4-8589-445F-ABE6-A31A21E94999}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe FirewallRules: [{2D36B618-DB58-4371-B19E-D070B210FC75}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe FirewallRules: [{DAEB4578-E5D1-4AD4-9B25-314AFF05F19E}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{6383E737-CB19-414F-BF89-F44B28F5F7FB}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{A979D50E-300C-4B10-A96E-B035EFDA5C7F}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe FirewallRules: [{24F3233A-2B59-4490-BBEA-F494E14552EA}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe FirewallRules: [TCP Query User{499FF633-CABE-46DF-BA54-FD829DA84AE2}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{4EEC34BE-A8D3-4836-BD21-7ADACE3A03A5}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{288D5D67-500E-4AEB-8580-20EAA0452ADD}] => (Allow) C:\Program Files\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{FC1A8919-395B-4DE1-88F3-3B14ACDA587B}] => (Allow) C:\Program Files\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe FirewallRules: [TCP Query User{6ACD63E8-C92C-4985-AF3D-0E87158926FE}C:\program files\rockstar games\gta san andreas\gta_sa.exe] => (Block) C:\program files\rockstar games\gta san andreas\gta_sa.exe FirewallRules: [UDP Query User{A02C1BF6-191A-440A-9995-74F3169370A0}C:\program files\rockstar games\gta san andreas\gta_sa.exe] => (Block) C:\program files\rockstar games\gta san andreas\gta_sa.exe FirewallRules: [{7531F306-89B4-4A04-B6C1-42A4A40AE988}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe FirewallRules: [{43A0DAC2-027E-476F-A844-10784A8B6BC0}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe FirewallRules: [TCP Query User{0FE988DB-5FBB-485E-BBBE-B2A2F06D0C42}C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe FirewallRules: [UDP Query User{CA2001B4-48D6-4F29-B7C6-56CC80B7E186}C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe FirewallRules: [TCP Query User{03ED1F74-314B-4E07-A311-A6637C6E0B94}C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe FirewallRules: [UDP Query User{E3C6876C-4310-4ACB-8E33-CFA5CB0828B6}C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe FirewallRules: [TCP Query User{D8ED735E-9F5C-410A-AE10-87E616FD18B8}C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe FirewallRules: [UDP Query User{5FD2148A-FBD0-4C1D-9FCB-889A0BD39ECC}C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe FirewallRules: [TCP Query User{48DEFABB-6AD9-493E-9678-A95D43946593}C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe FirewallRules: [UDP Query User{25C1576A-DF09-4763-89ED-714D820C9001}C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe FirewallRules: [TCP Query User{CB85DEA7-CD28-404A-A8E9-3BF334EA8490}C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe FirewallRules: [UDP Query User{7EB30132-7653-45EB-A0D0-192466C13792}C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe FirewallRules: [TCP Query User{F1E0ACE4-4E95-4891-ADAA-73B52F694DC9}C:\users\lucas\appdata\local\popcorn time\nw.exe] => (Block) C:\users\lucas\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{8C8E8E4A-1061-4773-B3E3-29A5F0CCF984}C:\users\lucas\appdata\local\popcorn time\nw.exe] => (Block) C:\users\lucas\appdata\local\popcorn time\nw.exe FirewallRules: [TCP Query User{E188C57B-1649-42BB-8C5B-FB29B2DB5402}C:\windows\keygen.exe] => (Block) C:\windows\keygen.exe FirewallRules: [UDP Query User{012FFF5F-F33A-487F-93CB-0845D8E2E41E}C:\windows\keygen.exe] => (Block) C:\windows\keygen.exe FirewallRules: [TCP Query User{CC9982B4-8EBE-46CC-8FBA-8BA2A02BDC7E}C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe FirewallRules: [UDP Query User{051CF01F-147F-4678-B8EC-2CEAA5668A48}C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe FirewallRules: [TCP Query User{1B6F9D4A-CDA4-4506-B641-82DF3E3C4FEA}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe FirewallRules: [UDP Query User{957CC437-580E-4FFC-93AC-A9E8B51FB9C3}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe FirewallRules: [TCP Query User{BA208BB1-17AC-4272-8020-2033DF1CE2B5}C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe FirewallRules: [UDP Query User{36ACD3CF-D1B3-48F8-8F15-19978A91699E}C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe FirewallRules: [TCP Query User{2DE82035-D41A-4CFA-B3CC-AADF7DD9DCD9}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe FirewallRules: [UDP Query User{8FC1B587-8FF7-43ED-86BA-773BE33D6F9A}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe FirewallRules: [TCP Query User{84227916-34A5-4451-ACB3-F473109C09A9}C:\program files\lolreplay\lolreplay.exe] => (Allow) C:\program files\lolreplay\lolreplay.exe FirewallRules: [UDP Query User{7384A249-E918-46A6-AC18-C22A653C9316}C:\program files\lolreplay\lolreplay.exe] => (Allow) C:\program files\lolreplay\lolreplay.exe FirewallRules: [TCP Query User{A68A5132-FAE4-4AE0-9BE2-3FE7F7E2380E}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe FirewallRules: [UDP Query User{7EC71262-6094-4AF2-A7A5-9FB6171E9AD0}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe FirewallRules: [TCP Query User{FAE555BE-2357-4E42-9605-9A60BDB0DEDA}C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe FirewallRules: [UDP Query User{F944B884-3423-4C65-AEFE-22A4D32B218E}C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe FirewallRules: [{2E71994C-A7E9-4A0B-A6CF-3C80BCDE160C}] => (Allow) C:\Program Files\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{8DB77F0A-B2A8-4D52-911A-55A568FEAE7A}] => (Allow) C:\Program Files\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [TCP Query User{4CF9307C-D4FA-4E78-988C-E71FD1514D12}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe FirewallRules: [UDP Query User{24907913-9E7C-440C-B160-916DD9F41F88}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe FirewallRules: [{A828821C-B231-4396-8D8C-4C8226D228DE}] => (Allow) C:\Program Files\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe FirewallRules: [{57454882-05B4-4740-88E4-CE86241C572F}] => (Allow) C:\Program Files\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe FirewallRules: [TCP Query User{A2F27DE5-C9FE-495A-8AEE-9852C016A6AE}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{493420B4-FC13-4AD2-ADC3-438A7067766E}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{A3FE5246-FEB9-4E72-AE91-4A47D372E4FB}] => (Allow) C:\Program Files\Steam\steamapps\common\Genesis Online\GenesisOnline.exe FirewallRules: [{BF5BB1CA-E692-4A07-A474-FBBDEC1F0FA0}] => (Allow) C:\Program Files\Steam\steamapps\common\Genesis Online\GenesisOnline.exe FirewallRules: [TCP Query User{870BBD58-875B-4B8C-92E8-DA75DAD93EE8}C:\users\lucas\appdata\local\popcorn time community\nw.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time community\nw.exe FirewallRules: [UDP Query User{C24D821A-2B05-480E-BF04-986449342EFE}C:\users\lucas\appdata\local\popcorn time community\nw.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time community\nw.exe FirewallRules: [{1B4A2C79-0571-4134-A636-94B44BA0617F}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [TCP Query User{0E3E8B5E-6AA9-4BF3-83A0-E8B26DB684F3}C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe FirewallRules: [UDP Query User{462825EE-3AC8-451F-9643-202A4DDCEC11}C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe FirewallRules: [{55B66CD5-34D1-462F-9A30-DEF888C7FB84}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E9C57FB2-5634-4F7C-81D5-4B7090B2EED3}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{97FEED58-2A58-4CA7-9D1F-A5B87874B271}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{80B9E279-78ED-410F-BF99-0EC2A11468F0}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4BDDC0DF-6F15-43E1-86FC-695C4678C90F}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{55C62BD8-75B5-4FBA-A32A-E54FFC01346D}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{5A2C05A9-9E60-4452-B7F2-61C421947277}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe FirewallRules: [UDP Query User{3FC6764E-CC2D-49CA-91B3-483257D6DC4A}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe FirewallRules: [TCP Query User{90F22D2E-C61B-4D9C-9185-D48594BC4532}C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{D657D408-3C2E-4A06-8C44-82BCD0E8AE80}C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [{E59EC0CD-D10B-4F4B-AE9C-6CD5909D803F}] => (Allow) C:\Program Files\Steam\steamapps\common\Blockade3d\main.exe FirewallRules: [{96D18D6C-587F-4716-A031-BAAD885C9469}] => (Allow) C:\Program Files\Steam\steamapps\common\Blockade3d\main.exe FirewallRules: [{099A969E-D049-42F3-8711-690B679D96D0}] => (Allow) C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe FirewallRules: [{1830F679-8040-4783-9388-25856173B2D4}] => (Allow) C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe FirewallRules: [{8A46B0C9-C742-45FC-AECD-3C4CD49BC0A0}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe FirewallRules: [{32BD6A95-1984-4F49-9584-BE01C86C5039}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe FirewallRules: [{4928630C-C0F9-40E7-87CC-22CD682EB1D0}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{301E03A7-8C0D-4728-B7B7-2BA84607886C}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{2D1B4EDA-4568-41DD-B38E-20BCA3C03834}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe FirewallRules: [{AFABFAA9-A9A9-46F6-A8C3-B4E08D971157}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe FirewallRules: [{4993F816-9BCA-491A-BEF2-015508BEF43C}] => (Allow) C:\Program Files\Steam\steamapps\common\sZone-Online\game\SZoneOnline.exe FirewallRules: [{33B8974A-7E23-4D8A-A94E-8D823D33502C}] => (Allow) C:\Program Files\Steam\steamapps\common\sZone-Online\game\SZoneOnline.exe FirewallRules: [{1010B0BE-AE82-418B-A94B-58C26296C52C}] => (Allow) C:\Program Files\Steam\steamapps\common\Loadout\Loadout.exe FirewallRules: [{0EFCA26C-26F1-49FE-BC94-33CF0B764461}] => (Allow) C:\Program Files\Steam\steamapps\common\Loadout\Loadout.exe FirewallRules: [TCP Query User{6824B53E-830B-4E5B-96E2-E68D6594DD8C}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [UDP Query User{D43A6B59-2111-4328-B763-D5DF3E9A7F61}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [{A884A84A-56A7-4C8B-97C3-EBE3A7D9A5E0}] => (Allow) C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [{F812A539-9BDD-4F8B-B073-C65D09F11AA9}] => (Allow) C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [{AAF6D90F-67DF-4AAE-95C3-9AF2BFB25531}] => (Allow) C:\Program Files\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe FirewallRules: [{0C0D5665-662C-416E-87BF-D0D7C82C406C}] => (Allow) C:\Program Files\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe FirewallRules: [{E3C2CB2F-F25D-4884-8D6F-107AC4E0D17B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{0A903D35-BD3E-42C6-B98A-49E03E3C6113}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\HowToSurvive.exe FirewallRules: [{3F9FD9F6-2177-42D8-B90D-EF07AC28712D}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\HowToSurvive.exe FirewallRules: [{774C9374-DF31-4FFE-B6A4-C50B69204D35}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\Detect.exe FirewallRules: [{C245F9B3-F552-4DBB-A76E-83F11A77A6D6}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\Detect.exe FirewallRules: [{082CAF73-31D6-441D-A464-C3513E693D59}] => (Allow) C:\Program Files\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{217CCB94-378C-4432-A067-D46DE5F3100A}] => (Allow) C:\Program Files\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{8979BD55-0003-4A2F-80D0-261B3BCF6C49}C:\program files\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [UDP Query User{266DF4C0-8BC8-47C1-8113-3AD447AFCE38}C:\program files\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [{6586EAB1-AC33-44FB-A7AC-3AB010AAD6A4}] => (Allow) C:\Program Files\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{76EA500B-63D8-4C28-961F-A8938CCCE8AA}] => (Allow) C:\Program Files\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [TCP Query User{DCD51207-CFA1-43ED-8405-D0EFFE1681E3}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe FirewallRules: [UDP Query User{34F4FAE3-7444-482D-B245-8CF98B7A70FC}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe FirewallRules: [{B78C47D4-0219-4370-BFD8-1E40FB6BAEC6}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{3F4A554B-930E-498D-922B-88AFBC7B0DBC}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{51DB4ADE-06ED-47F2-9D65-DF33A808DD18}] => (Allow) C:\Program Files\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{164D7B45-75E1-422F-BF6E-07D9971572DF}] => (Allow) C:\Program Files\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe ==================== Pontos de Restauração ========================= 07-03-2016 14:43:19 Installed Adblock Plus for IE (32-bit) 08-03-2016 19:49:41 Removed Protect ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/08/2016 09:23:57 PM) (Source: MsiInstaller) (EventID: 1024) (User: PAULO-PC) Description: Produto: Adobe Acrobat Reader DC - Português - A atualização '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' não pôde ser instalada. Código de erro 1625. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (03/08/2016 09:12:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/08/2016 09:06:40 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: ) Description: 1 2016-03-08 21:06:40-03:00 PAULO-PC PAULO-PC\lucas F-Secure Anti-Virus Crash detected. Error: (03/08/2016 08:23:09 PM) (Source: MsiInstaller) (EventID: 1024) (User: PAULO-PC) Description: Produto: Adobe Acrobat Reader DC - Português - A atualização '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' não pôde ser instalada. Código de erro 1625. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (03/08/2016 08:10:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/08/2016 08:05:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/08/2016 07:41:02 PM) (Source: MsiInstaller) (EventID: 1024) (User: PAULO-PC) Description: Produto: Adobe Acrobat Reader DC - Português - A atualização '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' não pôde ser instalada. Código de erro 1625. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (03/08/2016 07:40:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: core.exe, versão: 2.7.6.1364, carimbo de hora: 0x5584621c Nome do módulo de falhas: MSVCR120.dll, versão: 12.0.21005.1, carimbo de hora: 0x524f7ce6 Código de exceção: 0x40000015 Deslocamento com falha: 0x000a7676 Identificação do processo com falha: 0xbdc Hora de início do aplicativo com falha: 0xcore.exe0 Caminho do aplicativo com falha: core.exe1 FCaminho do módulo de falhas: core.exe2 Identificação do Relatório: core.exe3 Error: (03/08/2016 07:30:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/08/2016 07:26:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Erros de Sistema: ============= Error: (03/08/2016 08:04:13 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (03/08/2016 08:04:11 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (03/08/2016 08:04:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Serviço da Lista de Redes depende do serviço Reconhecimento de Locais de Rede, mas não foi possível iniciá-lo devido ao seguinte erro: %%1068 Error: (03/08/2016 08:04:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Serviço da Lista de Redes depende do serviço Reconhecimento de Locais de Rede, mas não foi possível iniciá-lo devido ao seguinte erro: %%1068 Error: (03/08/2016 08:04:08 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89} Error: (03/08/2016 08:04:08 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E} Error: (03/08/2016 08:04:06 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (03/08/2016 08:03:58 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/08/2016 08:03:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: AFD CSC DfsC discache ndisrd NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx Wanarpv6 WfpLwf Error: (03/08/2016 08:03:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Reconhecimento de Locais de Rede depende do serviço Serviço de Interface de Repositório de Rede, mas não foi possível iniciá-lo devido ao seguinte erro: %%1068 CodeIntegrity: =================================== Date: 2016-03-08 18:15:33.297 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 17:10:00.792 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-07 13:17:09.651 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-18 19:05:59.773 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-04 10:05:41.204 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-04 09:58:27.668 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-03 12:08:24.085 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-17 21:39:33.382 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-17 21:34:20.878 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-17 09:30:08.259 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz Percentagem de memória em uso: 72% RAM física total: 2047.24 MB RAM física disponível: 557.91 MB Virtual Total: 4094.48 MB Virtual disponível: 2160.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.51 GB) (Free:489.47 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)] ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 62D5C4B6) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================