Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

fssm32 high memory usage

fssm32 memory use(up to 300mb

  • Please log in to reply

#1
Lucas Ferreira

Lucas Ferreira

    New Member

  • Member
  • Pip
  • 2 posts
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:05-03-2016 01
Executado por lucas (administrador) em PAULO-PC (08-03-2016 21:54:29)
Executando a partir de C:\Users\lucas\Downloads
Perfis Carregados: lucas (Perfis Disponíveis: lucas & André & Paulo Ferreira)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processos (Whitelisted) =================
 
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
 
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(F-Secure Corporation) C:\Program Files\GVT\fshoster32.exe
(F-Secure Corporation) C:\Program Files\GVT\apps\CCF_Reputation\fsorsp.exe
() C:\Program Files\AppBrad\NetExpressUpdater.exe
(F-Secure Corporation) C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(F-Secure Corporation) C:\Program Files\GVT\fshoster32.exe
(F-Secure Corporation) C:\Program Files\GVT\apps\ComputerSecurity\Common\FSM32.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(F-Secure Corporation) C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registro (Whitelisted) ===========================
 
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
 
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [509752 2015-06-19] (GAS Tecnologia LTDA)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [F-Secure Hoster (51855)] => C:\Program Files\GVT\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] => C:\Program Files\GVT\apps\ComputerSecurity\Common\FSM32.EXE [310312 2015-10-13] (F-Secure Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3639280 2016-03-02] (Electronic Arts)
HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3074128 2016-03-08] (Valve Corporation)
HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-03-09] (Microsoft Corporation)
HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\MountPoints2: {8b5825c8-45bf-11e5-9e85-4487fcb6ef4d} - E:\Startme.exe
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
Startup: C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2016-02-27]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Paulo Ferreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Prince of Persia Warrior Within.LNK [2016-02-23]
ShortcutTarget: Registration Prince of Persia Warrior Within.LNK -> C:\Program Files\Ubisoft\Prince of Persia Warrior Within\Support\Register\RegistrationReminder.exe (Nenhum Arquivo)
 
==================== Internet (Whitelisted) ====================
 
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{34A1AD20-0683-4C2A-9451-55B6E57518C7}: [DhcpNameServer] 192.168.25.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000 -> DefaultScope {10150977-B278-48AB-9F03-5A3E2F2454E8} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000 -> {10150977-B278-48AB-9F03-5A3E2F2454E8} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000 -> {845A808E-7C78-45E9-80EB-FC8DC3A85802} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-07] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files\GbPlugin\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-07] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @raidcall.en/RCplugin -> C:\Users\lucas\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-12-23] (Raidcall)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-06]
CHR Extension: (Google Docs) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-06]
CHR Extension: (Google Drive) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Planilhas do Google) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-06]
CHR Extension: (Documentos Google off-line) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (Skype) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-06]
CHR Extension: (Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-06]
CHR HKLM\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
 
==================== Serviços (Whitelisted) ========================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
"Warsaw Technology" => serviço foi desbloqueado. <===== ATENÇÃO
 
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [1089056 2016-03-02] ()
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 fshoster; C:\Program Files\GVT\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
S3 FSMA; C:\Program Files\GVT\apps\ComputerSecurity\Common\FSMA32.EXE [207912 2015-10-13] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files\GVT\apps\CCF_Reputation\fsorsp.exe [60456 2016-03-08] (F-Secure Corporation)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [546104 2014-09-29] (GAS Tecnologia)
R2 NetExpress Updater; C:\Program Files\AppBrad\NetExpressUpdater.exe [20568 2015-08-21] ()
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2104840 2016-03-02] (Electronic Arts)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [509752 2015-06-19] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-11-03] (Microsoft Corporation)
S4 YSearchUtilSvc; C:\Program Files\Yahoo!\yset\{1D383546-7C71-F540-9E56-F6DBE36893FB}\YSearchUtilSvc.exe [160536 2015-12-03] (Yahoo Inc.)
 
===================== Drivers (Whitelisted) ==========================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
S3 asmthub3; C:\Windows\system32\drivers\asmthub3.sys [110920 2012-11-08] (ASMedia Technology Inc)
S3 asmtxhci; C:\Windows\system32\drivers\asmtxhci.sys [333128 2012-11-08] (ASMedia Technology Inc)
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [101904 2010-07-15] (ATI Technologies, Inc.)
S3 b06diag; C:\Windows\system32\drivers\bxdiagx.sys [75816 2012-03-08] (Broadcom Corporation)
S3 BFN7x86; C:\Windows\system32\drivers\Xeno7x86.sys [130152 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [150568 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [435240 2012-02-22] (Broadcom Corporation)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-03-06] (Disc Soft Ltd)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65152 2012-07-24] (Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [88832 2012-07-24] (Etron Technology Inc)
R3 F-Secure Gatekeeper; C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [160832 2016-03-08] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files\GVT\apps\ComputerSecurity\HIPS\drivers\fshs.sys [95296 2016-03-08] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [63680 2016-03-08] ()
R3 fsni; C:\Program Files\GVT\apps\CCF_Scanning\bin\fsni32.sys [77864 2016-03-08] (F-Secure Corporation)
R1 fsvista; C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [12840 2015-10-13] ()
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [47192 2014-07-21] (GAS Tecnologia)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2015-11-12] (LogMeIn, Inc.)
S3 iusb3hub; C:\Windows\system32\drivers\iusb3hub.sys [359560 2012-12-21] (Intel Corporation)
S3 iusb3xhc; C:\Windows\system32\drivers\iusb3xhc.sys [792712 2012-12-21] (Intel Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2015-07-10] (GAS Tecnologia)
S3 nusb3hub; C:\Windows\system32\drivers\nusb3hub.sys [73984 2011-10-25] (Renesas Electronics Corporation)
S3 nusb3xhc; C:\Windows\system32\drivers\nusb3xhc.sys [165120 2011-10-25] (Renesas Electronics Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113984 2015-04-07] (Power Software Ltd)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-03] (Microsoft Corporation) [Arquivo não assinado]
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-04-01] (Basil)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
 
==================== Um Mês Criados arquivos e pastas ========
 
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
 
2016-03-08 21:54 - 2016-03-08 21:54 - 00017466 _____ C:\Users\lucas\Downloads\FRST.txt
2016-03-08 21:52 - 2016-03-08 21:54 - 00000000 ____D C:\FRST
2016-03-08 21:50 - 2016-03-08 21:51 - 01725440 _____ (Farbar) C:\Users\lucas\Downloads\FRST.exe
2016-03-08 21:31 - 2016-03-08 21:31 - 00239339 _____ C:\Users\lucas\Desktop\runscanner.run
2016-03-08 21:29 - 2016-03-08 21:29 - 00000000 ____D C:\Users\lucas\AppData\Roaming\Runscanner.net
2016-03-08 20:13 - 2016-03-08 20:17 - 00063680 _____ C:\Windows\system32\Drivers\fsbts.sys
2016-03-08 19:52 - 2016-03-08 19:52 - 00001897 _____ C:\Users\Public\Desktop\Protect.lnk
2016-03-08 19:52 - 2016-03-08 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GVT
2016-03-08 19:25 - 2016-03-08 20:06 - 00340800 _____ C:\Windows\ntbtlog.txt
2016-03-08 13:56 - 2016-03-08 13:57 - 00007921 _____ C:\Users\André\Documents\ANDRÉ BO EXTRAVIO RG.pdf
2016-03-08 00:17 - 2016-03-08 00:21 - 53708000 _____ (Microsoft Corporation) C:\Users\lucas\Downloads\Windows-KB890830-V5.33.exe
2016-03-07 20:44 - 2016-03-07 20:44 - 00000000 ____D C:\Users\André\Documents\League of Legends
2016-03-07 20:42 - 2016-03-07 20:42 - 00000000 ____D C:\Users\André\AppData\Roaming\LolClient
2016-03-07 20:36 - 2016-03-08 21:11 - 00000586 _____ C:\Windows\Tasks\Scheduled scanning task.job
2016-03-07 20:32 - 2016-03-08 18:37 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-07 20:11 - 2016-03-07 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-03-07 20:11 - 2016-03-07 20:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-07 19:59 - 2016-03-07 20:04 - 00007603 _____ C:\Users\André\AppData\Local\Resmon.ResmonCfg
2016-03-07 19:59 - 2016-03-07 19:59 - 00000000 ____D C:\Users\André\AppData\LocalLow\Adblock Plus for IE
2016-03-07 14:44 - 2016-03-07 14:49 - 00000000 ____D C:\Users\lucas\AppData\LocalLow\Adblock Plus for IE
2016-03-07 14:44 - 2016-03-07 14:44 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-03-07 14:10 - 2016-03-07 14:11 - 34170768 _____ (Microsoft Corporation) C:\Users\lucas\Downloads\EIE11_PT-BR_WOL_WIN7.EXE
2016-03-07 08:13 - 2016-03-07 08:13 - 00000000 ____D C:\Program Files\Common Files\Java
2016-03-06 20:32 - 2016-03-06 20:32 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-03-06 20:31 - 2016-03-06 20:33 - 00026168 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-03-06 20:31 - 2016-03-06 20:31 - 00000000 ____D C:\Users\lucas\AppData\Roaming\DAEMON Tools Lite
2016-03-06 20:27 - 2016-03-06 20:27 - 00690448 _____ (Disc Soft Ltd.) C:\Users\lucas\Downloads\DTLiteInstaller.exe
2016-03-06 08:58 - 2016-03-07 20:51 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\LocalLow\BitTorrent
2016-03-05 17:12 - 2016-03-05 17:13 - 08625774 _____ C:\Users\Paulo Ferreira\Downloads\[PDGH.com.br] - DayZ V3.zip
2016-03-04 23:34 - 2016-03-04 23:34 - 00002684 _____ C:\Users\Paulo Ferreira\Downloads\Gammabright v1.7  [1.5.2] (1).zip
2016-03-04 23:22 - 2016-03-04 23:48 - 00000000 ____D C:\Users\Paulo Ferreira\Desktop\Arquivos do MINE
2016-03-04 23:21 - 2016-03-04 23:21 - 00002810 _____ C:\Users\Paulo Ferreira\Downloads\Fps-Plus-Mod-1.5.2 (1).zip
2016-03-04 22:55 - 2016-03-04 22:55 - 00376304 _____ C:\Users\Paulo Ferreira\Downloads\OptiFine_1.5.2_HD_U_D2.zip
2016-03-04 22:41 - 2013-11-03 20:27 - 00000000 ____D C:\Users\Paulo Ferreira\Desktop\.minecraft
2016-03-04 22:38 - 2016-03-04 22:39 - 19249101 _____ C:\Users\Paulo Ferreira\Downloads\minecraft.1.5.2+forge.rar
2016-03-04 22:38 - 2016-03-04 22:38 - 00053841 _____ C:\Users\Paulo Ferreira\Downloads\[1.5.2]bspkrsCorev2.04 (2).zip
2016-03-04 22:38 - 2016-03-04 22:38 - 00012585 _____ C:\Users\Paulo Ferreira\Downloads\[1.5.2]ArmorStatusHUDv1.7 (2).zip
2016-03-04 22:38 - 2016-03-04 22:38 - 00005656 _____ C:\Users\Paulo Ferreira\Downloads\[1.5.2]StatusEffectHUDv1.10 (2).zip
2016-03-04 22:17 - 2016-03-04 22:23 - 12532772 _____ C:\Users\Paulo Ferreira\Downloads\FlapFusao (1).rar
2016-03-04 18:05 - 2016-03-04 18:05 - 00000000 ____D C:\Users\Paulo Ferreira\Documents\League of Legends
2016-03-04 03:05 - 2016-03-04 03:06 - 00000000 ____D C:\Users\lucas\Documents\NFS Most Wanted
2016-03-03 18:39 - 2016-03-03 18:39 - 00000641 _____ C:\Users\Public\Desktop\WORLDRAG.lnk
2016-03-03 18:39 - 2016-03-03 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldRAG Full
2016-03-03 18:34 - 2016-03-05 02:41 - 00000000 ____D C:\WorldRAG Full
2016-03-03 16:49 - 2016-03-03 18:23 - 1966321691 _____ (WorldRAG ) C:\Users\lucas\Downloads\WorldRAGFull-03-07-2015 Vai se Ferrar.exe
2016-03-03 16:39 - 2016-03-03 16:39 - 00000000 ____D C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-03-03 16:36 - 2016-03-03 16:36 - 00400928 _____ () C:\Users\lucas\Downloads\ragnarok.exe
2016-03-03 15:24 - 2016-03-03 15:31 - 151122192 _____ (WorldRAG ) C:\Users\lucas\Downloads\WorldRAGLite-03-07-2015.exe
2016-03-03 15:10 - 2016-03-03 16:07 - 00000000 ____D C:\Users\lucas\Desktop\WORLDRAG
2016-03-03 15:03 - 2016-03-03 15:09 - 151517654 _____ (WorldRAG.com ) C:\Users\lucas\Downloads\worldro.exe
2016-03-03 14:56 - 2016-03-03 16:22 - 00000737 _____ C:\Users\Public\Desktop\Ragnarok.lnk
2016-03-03 14:56 - 2016-03-03 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up
2016-03-03 14:47 - 2016-03-03 16:35 - 00000000 ____D C:\Level Up
2016-03-03 12:35 - 2016-03-03 14:06 - 00000000 _____ C:\Users\lucas\Downloads\WorldRAGFull-03-07-2015.exe
2016-03-03 12:30 - 2016-03-03 12:30 - 00012358 _____ C:\Users\André\Downloads\comprovantes.pdf
2016-03-03 02:50 - 2016-03-03 02:50 - 08027504 _____ (Driver-Soft Inc. ) C:\Users\lucas\Downloads\Driver_Genius.exe
2016-03-03 02:30 - 2016-03-03 02:49 - 1862719622 ____R (Level Up! Games ) C:\Users\lucas\Downloads\Instalador_Client_Ragnarok_20150422.exe
2016-03-03 02:29 - 2016-03-03 02:29 - 00018463 _____ C:\Users\lucas\Downloads\Instalador_Client_Ragnarok_20150422.exe.torrent
2016-03-02 23:34 - 2016-03-02 23:34 - 02449376 _____ (Megaify Software ) C:\Users\lucas\Downloads\DriverToolkitInstaller.exe
2016-03-02 23:33 - 2016-03-02 23:33 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\lucas\Downloads\autodetectutility (1).exe
2016-03-02 23:21 - 2016-03-02 23:26 - 00000000 ____D C:\Users\lucas\AppData\LocalLow\Daybreak Game Company
2016-03-02 23:21 - 2016-03-02 23:21 - 00000000 ____D C:\Users\lucas\AppData\Local\SCE
2016-03-02 23:21 - 2016-03-02 23:21 - 00000000 ____D C:\Users\lucas\AppData\Local\Daybreak Game Company
2016-03-02 23:20 - 2015-07-18 10:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-02 23:20 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-02 18:23 - 2016-03-02 18:24 - 00000000 ____D C:\Users\lucas\AppData\Local\NFS Underground 2
2016-03-02 18:21 - 2016-03-02 18:21 - 00001254 _____ C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Need for Speed Underground 2.lnk
2016-03-02 18:21 - 2016-03-02 18:21 - 00001230 _____ C:\Users\lucas\Desktop\Need for Speed Underground 2.lnk
2016-03-02 18:19 - 2016-03-02 22:57 - 00000000 ____D C:\Program Files\EA GAMES
2016-03-02 17:38 - 2016-03-02 17:38 - 00000000 ____D C:\Users\lucas\Documents\League of Legends
2016-03-02 15:02 - 2016-03-02 15:02 - 00133004 _____ C:\Users\lucas\Downloads\LANCAMENTO_CIV_ANAC.xlt
2016-03-02 14:44 - 2016-03-02 14:44 - 00000000 ____D C:\Users\lucas\Documents\Criterion Games
2016-03-02 14:30 - 2016-03-02 23:02 - 00002131 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2016-03-02 14:30 - 2016-03-02 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2016-03-02 12:02 - 2016-03-02 12:06 - 00000000 ____D C:\Users\lucas\AppData\Local\Arma 3
2016-03-02 12:02 - 2016-03-02 12:05 - 00000000 ____D C:\Users\lucas\Documents\Arma 3
2016-03-02 12:02 - 2016-03-02 12:02 - 00000000 ____D C:\Users\Todos os Usuários\Bohemia Interactive
2016-03-02 12:02 - 2016-03-02 12:02 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2016-03-02 12:01 - 2016-03-02 12:05 - 00000000 ____D C:\Program Files\Common Files\BattlEye
2016-03-02 11:59 - 2016-03-02 11:59 - 00000000 ____D C:\Users\lucas\AppData\Local\Bohemia_Interactive
2016-03-02 11:58 - 2016-03-02 12:50 - 00000000 ____D C:\Users\lucas\AppData\Local\Arma 3 Launcher
2016-03-02 11:01 - 2016-03-03 11:58 - 00000000 ____D C:\Users\André\Documents\ECONOMIA
2016-03-02 00:05 - 2016-03-02 00:05 - 00000216 _____ C:\Users\lucas\Desktop\Arma 3.url
2016-02-23 23:26 - 2016-02-23 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
2016-02-23 23:25 - 2016-02-23 23:25 - 00000000 ____D C:\Team17
2016-02-23 23:25 - 1997-08-26 12:06 - 00315904 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2016-02-23 15:15 - 2016-02-23 15:21 - 00000000 ____D C:\Users\Paulo Ferreira\Desktop\CoD4-MW
2016-02-23 15:13 - 2016-02-23 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildGames
2016-02-23 15:10 - 2016-02-23 15:11 - 00000000 __SHD C:\Users\Paulo Ferreira\AppData\Roaming\.#
2016-02-23 15:09 - 2016-02-23 15:09 - 00000000 ____D C:\Users\Todos os Usuários\WildTangent
2016-02-23 15:09 - 2016-02-23 15:09 - 00000000 ____D C:\ProgramData\WildTangent
2016-02-23 14:31 - 2016-02-23 14:51 - 00000000 ____D C:\Users\Todos os Usuários\POPWWPROFILES
2016-02-23 14:31 - 2016-02-23 14:51 - 00000000 ____D C:\ProgramData\POPWWPROFILES
2016-02-23 14:31 - 2016-02-23 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-22 13:42 - 2016-02-22 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-02-22 13:42 - 2016-02-22 13:42 - 00000000 ____D C:\Program Files\7-Zip
2016-02-21 17:34 - 2016-02-21 17:34 - 00000000 ____D C:\Users\lucas\Documents\PCSX2
2016-02-21 17:32 - 2016-02-21 17:32 - 00001935 _____ C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2016-02-21 17:32 - 2016-02-21 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-02-21 17:14 - 2016-03-06 20:42 - 00000000 ____D C:\Users\lucas\Desktop\Nova pasta
2016-02-20 17:23 - 2016-02-20 17:23 - 00000000 ____D C:\Users\Paulo Ferreira\Desktop\Bugs HStone
2016-02-16 23:53 - 2016-02-16 23:53 - 00000000 __RSH C:\MSDOS.SYS
2016-02-16 23:53 - 2016-02-16 23:53 - 00000000 __RSH C:\IO.SYS
2016-02-15 19:32 - 2016-02-15 19:32 - 00002919 _____ C:\Users\lucas\Downloads\Pokemon - HeartGold Version (USA).torrent
2016-02-15 08:11 - 2016-02-15 08:24 - 11837445 _____ C:\Users\André\Downloads\Diamantina_memoria_web (2).pdf
2016-02-12 00:39 - 2016-02-12 00:39 - 00000215 _____ C:\Users\lucas\Desktop\Worms Reloaded.url
2016-02-08 02:01 - 2016-02-08 02:01 - 00000216 _____ C:\Users\lucas\Desktop\How to Survive.url
2016-02-07 11:20 - 2016-02-07 11:20 - 00000000 ____D C:\Users\Paulo Ferreira\Documents\4A Games
 
==================== Um Mês Modificados arquivos e pastas ========
 
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
 
2016-03-08 21:53 - 2015-03-09 17:46 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-08 21:51 - 2015-11-30 11:46 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-08 21:20 - 2009-07-14 01:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-08 21:20 - 2009-07-14 01:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-08 21:15 - 2015-03-27 12:14 - 00000000 ____D C:\Users\lucas\AppData\Roaming\BitTorrent
2016-03-08 21:15 - 2015-03-10 02:32 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-03-08 21:15 - 2015-03-10 02:32 - 00000000 ____D C:\ProgramData\Origin
2016-03-08 21:14 - 2015-03-12 01:36 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-03-08 21:14 - 2015-03-11 10:16 - 00000000 ____D C:\Users\lucas\AppData\Roaming\Skype
2016-03-08 21:12 - 2015-03-12 01:36 - 00000000 ____D C:\Program Files\Steam
2016-03-08 21:11 - 2015-03-09 17:46 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-08 21:11 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-08 21:10 - 2015-03-09 17:11 - 00000000 ____D C:\Program Files\GVT
2016-03-08 20:19 - 2015-09-10 23:13 - 00007615 _____ C:\Users\lucas\AppData\Local\Resmon.ResmonCfg
2016-03-08 20:12 - 2015-03-09 17:15 - 00019433 _____ C:\Windows\prodsett_copy.ini
2016-03-08 20:12 - 2015-03-09 17:10 - 00000000 ____D C:\Users\Todos os Usuários\F-Secure
2016-03-08 20:12 - 2015-03-09 17:10 - 00000000 ____D C:\ProgramData\F-Secure
2016-03-08 19:55 - 2015-03-09 08:33 - 00000000 ____D C:\Users\lucas\AppData\Local\VirtualStore
2016-03-08 19:40 - 2015-03-10 12:13 - 00000000 ____D C:\Users\lucas\AppData\Local\CrashDumps
2016-03-08 19:07 - 2015-03-09 18:38 - 00000000 ____D C:\Users\lucas\AppData\Roaming\TS3Client
2016-03-08 19:02 - 2015-07-10 15:34 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-03-08 19:02 - 2015-07-10 15:34 - 00000000 ____D C:\ProgramData\GbPlugin
2016-03-08 13:24 - 2015-07-07 07:31 - 00000000 ____D C:\Users\André\Documents\ANDRÉ PRATICA
2016-03-08 09:03 - 2015-10-13 11:22 - 00000000 ____D C:\Users\André\Documents\ANDRÉ ANÁLISE FINANCEIRA
2016-03-08 00:24 - 2015-12-01 18:28 - 00000000 ____D C:\Users\lucas\AppData\Local\Popcorn Time Community
2016-03-07 23:59 - 2015-08-07 11:30 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Roaming\TS3Client
2016-03-07 20:51 - 2015-09-05 13:14 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent
2016-03-07 19:05 - 2015-03-09 16:57 - 00000000 ____D C:\Windows\Minidump
2016-03-07 17:52 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-07 14:12 - 2015-03-10 02:45 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-03-07 14:07 - 2015-03-10 02:36 - 00000000 ____D C:\Program Files\Origin Games
2016-03-07 14:04 - 2015-03-16 14:28 - 00000000 ____D C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-07 08:15 - 2015-03-10 09:32 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-03-07 08:15 - 2015-03-10 09:32 - 00000000 ____D C:\ProgramData\Oracle
2016-03-07 08:14 - 2015-03-10 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-07 08:14 - 2015-03-10 09:32 - 00000000 ____D C:\Program Files\Java
2016-03-07 08:12 - 2015-11-17 14:26 - 00000000 ____D C:\Users\lucas\.oracle_jre_usage
2016-03-07 08:10 - 2015-03-10 09:33 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-03-06 20:34 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-03-06 15:59 - 2015-11-15 12:13 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Roaming\.minecraft
2016-03-06 15:37 - 2015-08-08 21:17 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Roaming\Skype
2016-03-06 08:58 - 2015-08-08 21:14 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Local\CrashDumps
2016-03-06 02:45 - 2015-08-07 11:22 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Local\Battle.net
2016-03-06 02:25 - 2015-04-13 02:04 - 00000000 ____D C:\Program Files\Battle.net
2016-03-05 03:32 - 2015-04-13 02:04 - 00000000 ____D C:\Users\lucas\AppData\Local\Battle.net
2016-03-03 16:48 - 2015-03-09 17:46 - 00000000 ____D C:\Users\lucas\AppData\Local\Deployment
2016-03-03 12:12 - 2016-01-15 07:20 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2016-03-02 23:19 - 2015-05-05 19:56 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-03-02 23:19 - 2015-05-05 19:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-02 23:02 - 2015-12-01 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2016-03-02 18:23 - 2015-05-05 19:59 - 00000000 ____D C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-02 14:30 - 2015-03-26 16:58 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-03-02 14:30 - 2009-07-14 01:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-02 12:54 - 2015-03-10 02:32 - 00000000 ____D C:\Program Files\Origin
2016-03-02 11:53 - 2013-11-03 12:07 - 00710050 _____ C:\Windows\system32\prfh0416.dat
2016-03-02 11:53 - 2013-11-03 12:07 - 00151698 _____ C:\Windows\system32\prfc0416.dat
2016-03-02 11:53 - 2010-11-20 18:01 - 01617508 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-01 14:03 - 2015-05-14 11:17 - 00000000 ____D C:\Users\lucas\Documents\FIFA 14
2016-02-27 22:39 - 2015-11-13 16:08 - 00000000 ____D C:\Users\lucas\Downloads\11 - Ilha dos Tritoes [517 ao 574]
2016-02-26 13:54 - 2015-10-23 11:50 - 00000000 ____D C:\Users\Paulo Ferreira\Documents\GTA San Andreas User Files
2016-02-26 13:36 - 2015-10-23 11:08 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-02-25 16:35 - 2015-05-03 00:02 - 00000000 ____D C:\Program Files\Diablo III
2016-02-24 12:38 - 2015-08-21 21:43 - 00000100 _____ C:\Users\lucas\Documents\jogadores para comprar fifa14.txt
2016-02-24 11:35 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\LiveKernelReports
2016-02-23 14:31 - 2015-11-16 18:01 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-02-23 14:29 - 2015-11-16 17:58 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2016-02-23 08:05 - 2015-09-22 07:10 - 00000000 ____D C:\Users\André\Documents\ANDRÉ PROJETOS PRAIA
2016-02-22 17:15 - 2016-02-04 13:28 - 00000000 ____D C:\Users\Paulo Ferreira\Desktop\Canal2
2016-02-21 17:33 - 2015-03-10 02:45 - 00000000 ____D C:\Windows\system32\directx
2016-02-20 12:40 - 2015-12-01 18:27 - 00000000 ____D C:\Users\lucas\Desktop\PPopcorntime
2016-02-19 08:06 - 2015-07-26 20:55 - 00000000 ____D C:\Users\lucas\Desktop\OptiFine
2016-02-18 20:59 - 2015-03-09 17:48 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 00:21 - 2015-04-13 02:04 - 00000000 ____D C:\Users\lucas\AppData\Roaming\Battle.net
2016-02-17 17:01 - 2015-08-07 11:22 - 00000000 ____D C:\Users\Paulo Ferreira\AppData\Roaming\Battle.net
2016-02-17 17:01 - 2015-04-13 02:01 - 00000000 ____D C:\Users\Todos os Usuários\Battle.net
2016-02-17 17:01 - 2015-04-13 02:01 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-17 10:31 - 2015-07-07 09:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-14 04:21 - 2015-12-01 18:30 - 00000000 ____D C:\Users\lucas\AppData\Local\Popcorn-Time-Community
2016-02-14 02:38 - 2015-11-29 23:38 - 00000000 ____D C:\Users\lucas\Downloads\animesextremetorrent.blogspot.com.br - Hunter X Hunter 2011 Completo + Filmes 1 e 2
2016-02-13 17:52 - 2015-12-01 19:51 - 00000000 ____D C:\Users\Paulo Ferreira\Desktop\Arquivos&Jogos
2016-02-13 17:25 - 2016-02-03 14:36 - 00000348 _____ C:\Users\Paulo Ferreira\Documents\CyberSVBR.txt
2016-02-10 08:58 - 2016-01-20 09:51 - 08230080 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2016-02-10 08:58 - 2015-11-30 11:46 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 08:58 - 2015-11-30 11:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-09 10:36 - 2015-12-01 20:38 - 00018185 _____ C:\Users\Paulo Ferreira\Documents\REBECA PEDIDO DEZEMBRO 2.xlsx
 
==================== Arquivos na raiz de alguns diretórios =======
 
2015-09-10 23:13 - 2016-03-08 20:19 - 0007615 _____ () C:\Users\lucas\AppData\Local\Resmon.ResmonCfg
2015-03-21 00:39 - 2015-03-21 00:39 - 0000000 _____ () C:\Users\lucas\AppData\Local\{47E972FA-8248-479D-8420-1A2CB1934766}
2015-09-06 09:46 - 2015-10-12 01:47 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
 
Alguns arquivos em TEMP:
====================
C:\Users\André\AppData\Local\Temp\aplicativoitau.exe
C:\Users\lucas\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\lucas\AppData\Local\Temp\AutoRun.exe
C:\Users\lucas\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\lucas\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\lucas\AppData\Local\Temp\ose00000.exe
C:\Users\lucas\AppData\Local\Temp\Uninstall.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\8a13fc006ef480a3113231a9d7d35365.dll
C:\Users\Paulo Ferreira\AppData\Local\Temp\dd838741e8a8ea1157c3558ccd304515.dll
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel0.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel1.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel2.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel3.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel4.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel5.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel6.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel7.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\i4jdel8.exe
C:\Users\Paulo Ferreira\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap =================
 
(Não há correção automática para arquivos que não passaram na verificação.)
 
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
 
 
LastRegBack: 2016-02-28 16:40
 
==================== Fim de FRST.txt ============================

Attached Files


  • 0

Advertisements


#2
Lucas Ferreira

Lucas Ferreira

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:05-03-2016 01
Executado por lucas (2016-03-08 21:55:20)
Executando a partir de C:\Users\lucas\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-03-09 11:33:14)
Modo da Inicialização: Normal
==========================================================
 
 
==================== Contas: =============================
 
Administrador (S-1-5-21-2185954319-2002436113-1565270891-500 - Administrator - Disabled)
André (S-1-5-21-2185954319-2002436113-1565270891-1003 - Administrator - Enabled) => C:\Users\André
Convidado (S-1-5-21-2185954319-2002436113-1565270891-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2185954319-2002436113-1565270891-1002 - Limited - Enabled)
lucas (S-1-5-21-2185954319-2002436113-1565270891-1000 - Administrator - Enabled) => C:\Users\lucas
Paulo Ferreira (S-1-5-21-2185954319-2002436113-1565270891-1004 - Administrator - Enabled) => C:\Users\Paulo Ferreira
 
==================== Central de Segurança ========================
 
(Se uma entrada for incluída na fixlist, será removida.)
 
AV: Proteção do Computador (Disabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Proteção do Computador (Disabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Programas Instalados ======================
 
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
 
7-Zip 4.57 (HKLM\...\7-Zip) (Version:  - )
Adblock Plus para o IE (32 bits) (HKLM\...\{75390168-01B8-49DC-8AED-84E6BD018C68}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Aftermath (HKLM\...\Steam App 349700) (Version:  - Free Reign Entertainment)
Aplicativo Bradesco versão 1.0 (HKLM\...\{2F7717E5-BFF5-479A-B29E-A615ED278B6F}_is1) (Version: 1.0 - Copyright © 2015 Scopus Tecnologia Ltda.)
Aplicativo Itaú (HKLM\...\{21E81FB2-C9F3-4F6E-B475-C03B8D4F0CA4}) (Version: 1.0.49 - Banco Itaú)
Aplicativo Itaú (HKLM\...\{B2CA66FD-AB09-4873-B656-F8ABDD968505}) (Version: 1.0.56 - Banco Itaú)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
ATI AVIVO Codecs (Version: 11.6.0.50825 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{DBB3D0D3-4213-D2D6-B559-E05329BD68D8}) (Version: 3.0.790.0 - ATI Technologies, Inc.)
Batman: Arkham City™ (HKLM\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (Version: 1.0.0000.131 - WB Games) Hidden
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.)
BLOCKADE 3D (HKLM\...\Steam App 302830) (Version:  - Shumkov Dmitriy)
ccc-core-static (Version: 2010.0825.2146.37182 - Nome de sua empresa:) Hidden
Clownfish for Skype (HKLM\...\Clownfish) (Version:  - )
Combat Arms (HKLM\...\Combat Arms) (Version:  - )
Computer Security 12.77.104.0 (release) (Version: 12.77.104.0 - F-Secure Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.1.0.572 - Corel Corporation)
CorelDRAW Graphics Suite X7 (Version: 17.1 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Curse (HKLM\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Electronic Arts Product Registration (HKLM\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (Version: 1.01.0000 - Electronic Arts) Hidden
FIFA 12 (HKLM\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
F-Secure CCF Reputation (Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.128 (Version: 1.02.128 - F-Secure Corporation) Hidden
Genesis Online (HKLM\...\Steam App 409510) (Version:  - Shumkov Dmitriy)
Glyph (HKLM\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GTA: San Andreas RIP PT-BR by TemDono - #GTABrasil - BrasNET (HKLM\...\Grand Theft Auto San Andreas_is1) (Version:  - TemDono Design 2005)
Harry Potter and the Goblet of Fire™ (HKLM\...\{9799BD05-5F89-484C-008E-F50592F53440}) (Version:  - )
Harry Potter II (HKLM\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version:  - )
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
How to Survive (HKLM\...\Steam App 250400) (Version:  - EKO Software)
HydraVision (Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Jogos Level Up (HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.29 - Level Up)
K-Lite Mega Codec Pack 11.1.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.1.0 - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Metro 2033 (HKLM\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
MTA:SA v1.5.1 (HKLM\...\MTA:SA 1.5) (Version: v1.5.1 - Multi Theft Auto)
Need for Speed Underground 2 (HKLM\...\Need for Speed Underground 2) (Version:  - )
Need for Speed™ Most Wanted (HKLM\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Need for Speed™ Most Wanted (HKLM\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Online Safety 2.77.1189.49 (Version: 2.77.1189.49 - F-Secure Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
Popcorn Time (HKLM\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time)
PowerISO (HKLM\...\PowerISO) (Version: 6.2 - Power Software Ltd)
Prince of Persia Warrior Within (HKLM\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
Protect (HKLM\...\F-Secure ServiceEnabler 51855) (Version: 1.77.243.0 - F-Secure Corporation)
Protect (Version: 1.77.243.0 - F-Secure Corporation) Hidden
Punch Club (HKLM\...\1452777713_is1) (Version: 2.0.0.2 - GOG.com)
RaidCall (HKLM\...\RaidCall) (Version: 9.0.4-1.0.2688.511 - raidcall.com.br)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Smashball (HKLM\...\Steam App 17730) (Version:  - Smashball Labs LLC)
SpeedRunners (HKLM\...\Steam App 207140) (Version:  - DoubleDutch Games)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
sZone-Online (HKLM\...\Steam App 316390) (Version:  - Cybertime System)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Ultima 8 (HKLM\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Warsaw 1.8.0.10356 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
WildGames (HKLM\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.43 - WildTangent)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WorldRAG Full versão 9302 (HKLM\...\{13C95138-65A4-482A-97C4-2BCDF6743C89}_is1) (Version: 9302 - WorldRAG)
Worms Armageddon (HKLM\...\Worms Armageddon) (Version:  - )
Worms Reloaded (HKLM\...\Steam App 22600) (Version:  - Team17 Digital Ltd)
Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Exame Personalizado CLSID (Whitelisted): ==========================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
 
==================== Tarefas Agendadas (Whitelisted) =============
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
Task: {1A17CA3C-6F7B-4084-8B1F-C48E5345A86E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2185954319-2002436113-1565270891-1000
Task: {37392CD3-925D-4ECE-8FCA-F199FC30222F} - System32\Tasks\Scheduled scanning task => C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fsav.exe [2015-10-13] (F-Secure Corporation)
Task: {40E209E8-3C74-48E5-88CF-3B4ECAA05DFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.)
Task: {4BB6E631-0240-45B0-BFFD-9E9BCEA3C8AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {5318004D-B87D-42AD-86B3-FC0B6AF45B1C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {7BB14B95-8CEF-4C27-BB7B-2A6BAFFF3AE1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {AA27E98A-E4C0-4A85-A5C5-5AF2E5B905B5} - System32\Tasks\{B5E4FB17-6C56-4F46-BC45-2210A8879044} => pcalua.exe -a "C:\Users\lucas\Downloads\DiagnosticoItau (1).exe" -d C:\Users\lucas\Downloads
Task: {BB5B7E47-7BA0-4C54-A37B-256B25BA06D4} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-04-15] ()
Task: {D4DA012E-EA0C-401F-979F-D6FE712586C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.)
Task: {DD56AA59-85B7-43E2-B29A-A70CD5CEC675} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2185954319-2002436113-1565270891-1004
 
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~1\GVT\apps\COMPUT~1\ANTI-V~1\fsav.exeS /HARD /POLICY /SCHED /REPORT C:\PROGRA~1\GVT\apps\COMPUT~1\ANTI-V~1\report.txt
 
==================== Atalhos =============================
 
(As entradas podem ser listadas para serem restauradas ou removidas.)
 
==================== Módulos Carregados (Whitelisted) ==============
 
2013-01-18 11:06 - 2013-01-18 11:06 - 00208880 _____ () C:\Program Files\GVT\daas2.dll
2015-11-17 14:15 - 2015-08-21 15:50 - 00020568 _____ () C:\Program Files\AppBrad\NetExpressUpdater.exe
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-09 17:11 - 2015-03-09 17:11 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
2016-03-08 20:18 - 2016-03-08 20:18 - 00091176 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2016-03-08 20:12 - 2016-03-08 20:17 - 00177704 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Gemini\fsgem.dll
2016-03-08 20:12 - 2016-03-08 20:18 - 00212008 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Spam Control\fsas.dll
2016-03-08 20:12 - 2016-03-08 20:17 - 00929832 _____ () C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2016-02-18 20:58 - 2016-02-18 01:14 - 01630360 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-18 20:58 - 2016-02-18 01:14 - 00085656 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-02-18 20:58 - 2016-02-18 01:15 - 16808600 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
 
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [346]
AlternateDataStreams: C:\Windows\System32:12BA9657_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [212]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [346]
AlternateDataStreams: C:\Users\Todos os Usuários:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários:NT2 [346]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [346]
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT [40]
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT2 [346]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [346]
AlternateDataStreams: C:\Users\lucas\Dados de aplicativos:NT [40]
AlternateDataStreams: C:\Users\lucas\Dados de aplicativos:NT2 [322]
AlternateDataStreams: C:\Users\lucas\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\lucas\AppData\Roaming:NT2 [322]
AlternateDataStreams: C:\Users\Paulo Ferreira\Dados de aplicativos:NT2 [346]
AlternateDataStreams: C:\Users\Paulo Ferreira\AppData\Roaming:NT2 [346]
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT2 [346]
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT2 [346]
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT2 [346]
 
==================== Modo de Segurança (Whitelisted) ===================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
 
 
==================== EXE Associação (Whitelisted) ===============
 
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
 
 
==================== Internet Explorer confiável/restrito ===============
 
(Se uma entrada for incluída na fixlist, será removida do Registro.)
 
IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
 
==================== Hosts Conteúdo: ===============================
 
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
 
2009-07-13 23:04 - 2015-12-02 21:14 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Outras Áreas ============================
 
(Atualmente não há nenhuma correção automática para esta seção.)
 
HKU\S-1-5-21-2185954319-2002436113-1565270891-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.25.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
 
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
 
(Atualmente não há nenhuma correção automática para esta seção.)
 
MSCONFIG\startupreg: BitTorrent => "C:\Users\lucas\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: RaidCall => C:\Program Files\RaidCall.BR\raidcall.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
 
==================== Regras do Firewall (Whitelisted) ===============
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
FirewallRules: [{57EF2AA6-C2F7-45F7-B18F-F3AD14DB6BA7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{299BF748-0E4F-407E-A05D-75D0F2485C55}C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{BFDDBD8E-6EB0-4CF6-A1D2-0CD6C535BB1D}C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{ADF98E3C-3A75-4E9A-ADFE-8A73B5DD4D15}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B7C93213-15D8-40AF-8127-1F0975F159DB}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{A30C5318-5063-4CE4-8D0B-977FFA1D814E}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [TCP Query User{42D30B98-1A46-48F9-B454-025AE392B9F6}C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{218B3F5C-B49C-4993-8694-2882D19E19B7}C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\lucas\appdata\local\apps\2.0\wzx01mrt.yg6\v3cm0dxg.731\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{5FF774C6-C275-4D52-8F83-03F18200BEC4}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{01C550A4-91FB-4E2D-9EED-00C467105992}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{2341F396-459A-48DD-8578-269E6F386457}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8DA241F8-73B0-4197-B829-86762CC49ECA}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{75539894-D206-4833-A3DB-B2F9A5BBB28F}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{53086965-8801-478B-9692-E1C2516357B0}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe
FirewallRules: [{C25B2652-A791-4C66-8E0C-FF1F82308945}] => (Allow) C:\Program Files\Origin Games\FIFA 12\Game\fifa.exe
FirewallRules: [{ED8AD10F-1770-4EFE-9CB9-65B029925B46}] => (Allow) C:\Program Files\Origin Games\FIFA 12\Game\fifa.exe
FirewallRules: [{EB88C036-E382-4D73-A136-2FA4FC75E200}] => (Allow) C:\Users\lucas\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5D18A784-AE79-420D-871D-B19147D03E35}] => (Allow) C:\Users\lucas\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A102CCC6-A90D-49EC-91B1-A6CD1C76114C}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{A01F4746-11E1-49D9-9603-85E8AF43D61E}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [TCP Query User{6A29057B-C999-4FCC-8355-68BAAC7756AD}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{066B0FC4-80E9-4E33-B95F-7A48AEB6B983}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{7CAE3D14-1D64-4E9E-BD72-8BE25A7A837F}C:\program files\steam\steamapps\common\unturned\unturned.exe] => (Allow) C:\program files\steam\steamapps\common\unturned\unturned.exe
FirewallRules: [UDP Query User{7AE3A2AD-8A84-4B23-BBDC-E559CDCB13E0}C:\program files\steam\steamapps\common\unturned\unturned.exe] => (Allow) C:\program files\steam\steamapps\common\unturned\unturned.exe
FirewallRules: [{F2B000A4-8589-445F-ABE6-A31A21E94999}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe
FirewallRules: [{2D36B618-DB58-4371-B19E-D070B210FC75}] => (Allow) C:\Program Files\RaidCall.BR\raidcall.exe
FirewallRules: [{DAEB4578-E5D1-4AD4-9B25-314AFF05F19E}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{6383E737-CB19-414F-BF89-F44B28F5F7FB}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{A979D50E-300C-4B10-A96E-B035EFDA5C7F}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{24F3233A-2B59-4490-BBEA-F494E14552EA}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{499FF633-CABE-46DF-BA54-FD829DA84AE2}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{4EEC34BE-A8D3-4836-BD21-7ADACE3A03A5}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{288D5D67-500E-4AEB-8580-20EAA0452ADD}] => (Allow) C:\Program Files\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{FC1A8919-395B-4DE1-88F3-3B14ACDA587B}] => (Allow) C:\Program Files\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [TCP Query User{6ACD63E8-C92C-4985-AF3D-0E87158926FE}C:\program files\rockstar games\gta san andreas\gta_sa.exe] => (Block) C:\program files\rockstar games\gta san andreas\gta_sa.exe
FirewallRules: [UDP Query User{A02C1BF6-191A-440A-9995-74F3169370A0}C:\program files\rockstar games\gta san andreas\gta_sa.exe] => (Block) C:\program files\rockstar games\gta san andreas\gta_sa.exe
FirewallRules: [{7531F306-89B4-4A04-B6C1-42A4A40AE988}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe
FirewallRules: [{43A0DAC2-027E-476F-A844-10784A8B6BC0}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe
FirewallRules: [TCP Query User{0FE988DB-5FBB-485E-BBBE-B2A2F06D0C42}C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe
FirewallRules: [UDP Query User{CA2001B4-48D6-4F29-B7C6-56CC80B7E186}C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.888\zumbi blocks ultimate alpha version 1.0.3.exe
FirewallRules: [TCP Query User{03ED1F74-314B-4E07-A311-A6637C6E0B94}C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe
FirewallRules: [UDP Query User{E3C6876C-4310-4ACB-8E33-CFA5CB0828B6}C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.026\zumbi blocks ultimate alpha version 1.0.3.exe
FirewallRules: [TCP Query User{D8ED735E-9F5C-410A-AE10-87E616FD18B8}C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe
FirewallRules: [UDP Query User{5FD2148A-FBD0-4C1D-9FCB-889A0BD39ECC}C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe] => (Allow) C:\users\lucas\appdata\local\temp\rar$exa0.997\zumbi blocks ultimate alpha version 1.0.3.exe
FirewallRules: [TCP Query User{48DEFABB-6AD9-493E-9678-A95D43946593}C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe
FirewallRules: [UDP Query User{25C1576A-DF09-4763-89ED-714D820C9001}C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base35702\heroesofthestorm.exe
FirewallRules: [TCP Query User{CB85DEA7-CD28-404A-A8E9-3BF334EA8490}C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe
FirewallRules: [UDP Query User{7EB30132-7653-45EB-A0D0-192466C13792}C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base36144\heroesofthestorm.exe
FirewallRules: [TCP Query User{F1E0ACE4-4E95-4891-ADAA-73B52F694DC9}C:\users\lucas\appdata\local\popcorn time\nw.exe] => (Block) C:\users\lucas\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{8C8E8E4A-1061-4773-B3E3-29A5F0CCF984}C:\users\lucas\appdata\local\popcorn time\nw.exe] => (Block) C:\users\lucas\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{E188C57B-1649-42BB-8C5B-FB29B2DB5402}C:\windows\keygen.exe] => (Block) C:\windows\keygen.exe
FirewallRules: [UDP Query User{012FFF5F-F33A-487F-93CB-0845D8E2E41E}C:\windows\keygen.exe] => (Block) C:\windows\keygen.exe
FirewallRules: [TCP Query User{CC9982B4-8EBE-46CC-8FBA-8BA2A02BDC7E}C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe
FirewallRules: [UDP Query User{051CF01F-147F-4678-B8EC-2CEAA5668A48}C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37351\heroesofthestorm.exe
FirewallRules: [TCP Query User{1B6F9D4A-CDA4-4506-B641-82DF3E3C4FEA}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe
FirewallRules: [UDP Query User{957CC437-580E-4FFC-93AC-A9E8B51FB9C3}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.4_40911.exe
FirewallRules: [TCP Query User{BA208BB1-17AC-4272-8020-2033DF1CE2B5}C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe
FirewallRules: [UDP Query User{36ACD3CF-D1B3-48F8-8F15-19978A91699E}C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base37569\heroesofthestorm.exe
FirewallRules: [TCP Query User{2DE82035-D41A-4CFA-B3CC-AADF7DD9DCD9}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe
FirewallRules: [UDP Query User{8FC1B587-8FF7-43ED-86BA-773BE33D6F9A}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41073.exe
FirewallRules: [TCP Query User{84227916-34A5-4451-ACB3-F473109C09A9}C:\program files\lolreplay\lolreplay.exe] => (Allow) C:\program files\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{7384A249-E918-46A6-AC18-C22A653C9316}C:\program files\lolreplay\lolreplay.exe] => (Allow) C:\program files\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{A68A5132-FAE4-4AE0-9BE2-3FE7F7E2380E}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe
FirewallRules: [UDP Query User{7EC71262-6094-4AF2-A7A5-9FB6171E9AD0}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41162.exe
FirewallRules: [TCP Query User{FAE555BE-2357-4E42-9605-9A60BDB0DEDA}C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe
FirewallRules: [UDP Query User{F944B884-3423-4C65-AEFE-22A4D32B218E}C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe] => (Block) C:\program files\heroes of the storm\versions\base37795\heroesofthestorm.exe
FirewallRules: [{2E71994C-A7E9-4A0B-A6CF-3C80BCDE160C}] => (Allow) C:\Program Files\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{8DB77F0A-B2A8-4D52-911A-55A568FEAE7A}] => (Allow) C:\Program Files\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [TCP Query User{4CF9307C-D4FA-4E78-988C-E71FD1514D12}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [UDP Query User{24907913-9E7C-440C-B160-916DD9F41F88}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [{A828821C-B231-4396-8D8C-4C8226D228DE}] => (Allow) C:\Program Files\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe
FirewallRules: [{57454882-05B4-4740-88E4-CE86241C572F}] => (Allow) C:\Program Files\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe
FirewallRules: [TCP Query User{A2F27DE5-C9FE-495A-8AEE-9852C016A6AE}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{493420B4-FC13-4AD2-ADC3-438A7067766E}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{A3FE5246-FEB9-4E72-AE91-4A47D372E4FB}] => (Allow) C:\Program Files\Steam\steamapps\common\Genesis Online\GenesisOnline.exe
FirewallRules: [{BF5BB1CA-E692-4A07-A474-FBBDEC1F0FA0}] => (Allow) C:\Program Files\Steam\steamapps\common\Genesis Online\GenesisOnline.exe
FirewallRules: [TCP Query User{870BBD58-875B-4B8C-92E8-DA75DAD93EE8}C:\users\lucas\appdata\local\popcorn time community\nw.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time community\nw.exe
FirewallRules: [UDP Query User{C24D821A-2B05-480E-BF04-986449342EFE}C:\users\lucas\appdata\local\popcorn time community\nw.exe] => (Allow) C:\users\lucas\appdata\local\popcorn time community\nw.exe
FirewallRules: [{1B4A2C79-0571-4134-A636-94B44BA0617F}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{0E3E8B5E-6AA9-4BF3-83A0-E8B26DB684F3}C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe
FirewallRules: [UDP Query User{462825EE-3AC8-451F-9643-202A4DDCEC11}C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe] => (Allow) C:\program files\heroes of the storm\versions\base39445\heroesofthestorm.exe
FirewallRules: [{55B66CD5-34D1-462F-9A30-DEF888C7FB84}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E9C57FB2-5634-4F7C-81D5-4B7090B2EED3}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{97FEED58-2A58-4CA7-9D1F-A5B87874B271}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{80B9E279-78ED-410F-BF99-0EC2A11468F0}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4BDDC0DF-6F15-43E1-86FC-695C4678C90F}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{55C62BD8-75B5-4FBA-A32A-E54FFC01346D}] => (Allow) C:\Users\Paulo Ferreira\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5A2C05A9-9E60-4452-B7F2-61C421947277}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [UDP Query User{3FC6764E-CC2D-49CA-91B3-483257D6DC4A}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [TCP Query User{90F22D2E-C61B-4D9C-9185-D48594BC4532}C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D657D408-3C2E-4A06-8C44-82BCD0E8AE80}C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) C:\users\paulo ferreira\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{E59EC0CD-D10B-4F4B-AE9C-6CD5909D803F}] => (Allow) C:\Program Files\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{96D18D6C-587F-4716-A031-BAAD885C9469}] => (Allow) C:\Program Files\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{099A969E-D049-42F3-8711-690B679D96D0}] => (Allow) C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{1830F679-8040-4783-9388-25856173B2D4}] => (Allow) C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{8A46B0C9-C742-45FC-AECD-3C4CD49BC0A0}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{32BD6A95-1984-4F49-9584-BE01C86C5039}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{4928630C-C0F9-40E7-87CC-22CD682EB1D0}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{301E03A7-8C0D-4728-B7B7-2BA84607886C}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{2D1B4EDA-4568-41DD-B38E-20BCA3C03834}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
FirewallRules: [{AFABFAA9-A9A9-46F6-A8C3-B4E08D971157}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
FirewallRules: [{4993F816-9BCA-491A-BEF2-015508BEF43C}] => (Allow) C:\Program Files\Steam\steamapps\common\sZone-Online\game\SZoneOnline.exe
FirewallRules: [{33B8974A-7E23-4D8A-A94E-8D823D33502C}] => (Allow) C:\Program Files\Steam\steamapps\common\sZone-Online\game\SZoneOnline.exe
FirewallRules: [{1010B0BE-AE82-418B-A94B-58C26296C52C}] => (Allow) C:\Program Files\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{0EFCA26C-26F1-49FE-BC94-33CF0B764461}] => (Allow) C:\Program Files\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [TCP Query User{6824B53E-830B-4E5B-96E2-E68D6594DD8C}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{D43A6B59-2111-4328-B763-D5DF3E9A7F61}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{A884A84A-56A7-4C8B-97C3-EBE3A7D9A5E0}] => (Allow) C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{F812A539-9BDD-4F8B-B073-C65D09F11AA9}] => (Allow) C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{AAF6D90F-67DF-4AAE-95C3-9AF2BFB25531}] => (Allow) C:\Program Files\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{0C0D5665-662C-416E-87BF-D0D7C82C406C}] => (Allow) C:\Program Files\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{E3C2CB2F-F25D-4884-8D6F-107AC4E0D17B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{0A903D35-BD3E-42C6-B98A-49E03E3C6113}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{3F9FD9F6-2177-42D8-B90D-EF07AC28712D}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{774C9374-DF31-4FFE-B6A4-C50B69204D35}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{C245F9B3-F552-4DBB-A76E-83F11A77A6D6}] => (Allow) C:\Program Files\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{082CAF73-31D6-441D-A464-C3513E693D59}] => (Allow) C:\Program Files\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{217CCB94-378C-4432-A067-D46DE5F3100A}] => (Allow) C:\Program Files\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{8979BD55-0003-4A2F-80D0-261B3BCF6C49}C:\program files\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{266DF4C0-8BC8-47C1-8113-3AD447AFCE38}C:\program files\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{6586EAB1-AC33-44FB-A7AC-3AB010AAD6A4}] => (Allow) C:\Program Files\Origin Games\Need for Speed™ Most Wanted\NFS13.exe
FirewallRules: [{76EA500B-63D8-4C28-961F-A8938CCCE8AA}] => (Allow) C:\Program Files\Origin Games\Need for Speed™ Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{DCD51207-CFA1-43ED-8405-D0EFFE1681E3}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [UDP Query User{34F4FAE3-7444-482D-B245-8CF98B7A70FC}C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Block) C:\users\paulo ferreira\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [{B78C47D4-0219-4370-BFD8-1E40FB6BAEC6}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3F4A554B-930E-498D-922B-88AFBC7B0DBC}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{51DB4ADE-06ED-47F2-9D65-DF33A808DD18}] => (Allow) C:\Program Files\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{164D7B45-75E1-422F-BF6E-07D9971572DF}] => (Allow) C:\Program Files\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
 
==================== Pontos de Restauração =========================
 
07-03-2016 14:43:19 Installed Adblock Plus for IE (32-bit)
08-03-2016 19:49:41 Removed Protect
 
==================== Dispositivos Apresentando Falhas No Gerenciador =============
 
 
==================== Erros no Log de eventos: =========================
 
Erros em Aplicativos:
==================
Error: (03/08/2016 09:23:57 PM) (Source: MsiInstaller) (EventID: 1024) (User: PAULO-PC)
Description: Produto: Adobe Acrobat Reader DC - Português - A atualização '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' não pôde ser instalada. Código de erro 1625. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft....k/?LinkId=23127
 
Error: (03/08/2016 09:12:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/08/2016 09:06:40 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2016-03-08  21:06:40-03:00  PAULO-PC  PAULO-PC\lucas  F-Secure Anti-Virus
 Crash detected.
 
Error: (03/08/2016 08:23:09 PM) (Source: MsiInstaller) (EventID: 1024) (User: PAULO-PC)
Description: Produto: Adobe Acrobat Reader DC - Português - A atualização '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' não pôde ser instalada. Código de erro 1625. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft....k/?LinkId=23127
 
Error: (03/08/2016 08:10:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/08/2016 08:05:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/08/2016 07:41:02 PM) (Source: MsiInstaller) (EventID: 1024) (User: PAULO-PC)
Description: Produto: Adobe Acrobat Reader DC - Português - A atualização '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' não pôde ser instalada. Código de erro 1625. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft....k/?LinkId=23127
 
Error: (03/08/2016 07:40:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: core.exe, versão: 2.7.6.1364, carimbo de hora: 0x5584621c
Nome do módulo de falhas: MSVCR120.dll, versão: 12.0.21005.1, carimbo de hora: 0x524f7ce6
Código de exceção: 0x40000015
Deslocamento com falha: 0x000a7676
Identificação do processo com falha: 0xbdc
Hora de início do aplicativo com falha: 0xcore.exe0
Caminho do aplicativo com falha: core.exe1
FCaminho do módulo de falhas: core.exe2
Identificação do Relatório: core.exe3
 
Error: (03/08/2016 07:30:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/08/2016 07:26:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
Erros de Sistema:
=============
Error: (03/08/2016 08:04:13 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (03/08/2016 08:04:11 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/08/2016 08:04:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Serviço da Lista de Redes depende do serviço Reconhecimento de Locais de Rede, mas não foi possível iniciá-lo devido ao seguinte erro: 
%%1068
 
Error: (03/08/2016 08:04:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Serviço da Lista de Redes depende do serviço Reconhecimento de Locais de Rede, mas não foi possível iniciá-lo devido ao seguinte erro: 
%%1068
 
Error: (03/08/2016 08:04:08 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (03/08/2016 08:04:08 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (03/08/2016 08:04:06 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (03/08/2016 08:03:58 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/08/2016 08:03:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
AFD
CSC
DfsC
discache
ndisrd
NetBIOS
NetBT
nsiproxy
Psched
rdbss
SCDEmu
spldr
tdx
Wanarpv6
WfpLwf
 
Error: (03/08/2016 08:03:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Reconhecimento de Locais de Rede depende do serviço Serviço de Interface de Repositório de Rede, mas não foi possível iniciá-lo devido ao seguinte erro: 
%%1068
 
 
CodeIntegrity:
===================================
  Date: 2016-03-08 18:15:33.297
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-02 17:10:00.792
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-02-07 13:17:09.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-18 19:05:59.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-04 10:05:41.204
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-04 09:58:27.668
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-03 12:08:24.085
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-17 21:39:33.382
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-17 21:34:20.878
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-17 09:30:08.259
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Informações da Memória =========================== 
 
Processador: Intel® Core™2 Duo CPU E7500 @ 2.93GHz
Percentagem de memória em uso: 72%
RAM física total: 2047.24 MB
RAM física disponível: 557.91 MB
Virtual Total: 4094.48 MB
Virtual disponível: 2160.77 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.51 GB) (Free:489.47 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
 
==================== MBR & Tabela de Partições ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 62D5C4B6)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== Fim de Addition.txt ============================

  • 0

#3
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)



The process you are referring to in your thread title is a legitimate F-Secure process. Please try to switch F-Secure off and let me know if the issue persists.
http://www.bleepingc...lware-programs/


Best,
Naat
  • 0

#4
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi,

You still with me?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP