Jump to content

Trojan.Banker


Recommended Posts

Hello, two days ago malwarebytes found a Trojan.Banker and 3 PuPs and removed it, but the computer seems to still be infected.

FRST.txt 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 23-11-2016
Executado por Luiz Marsi (administrador) em LUIZ (24-11-2016 16:10:47)
Executando a partir de C:\Users\Luiz Marsi\Desktop
Perfis Carregados: Luiz Marsi &  (Perfis Disponíveis: Luiz Marsi)
Platform: Windows 10 Home Single Language Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Seagate) C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395152 2011-06-30] (Seagate)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16286840 2016-08-29] (Logitech Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [2638152 2011-06-30] (Seagate)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-04] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-09-08] (Plays.tv, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2016-11-22] (Electronic Arts)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2016-01-11] (Echobit LLC)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Run: [Dropbox Update] => C:\Users\Luiz Marsi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-17] (Dropbox, Inc.)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-11-07] ()
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2016-11-22] (Electronic Arts)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2016-01-11] (Echobit LLC)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Luiz Marsi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-17] (Dropbox, Inc.)
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-11-07] ()
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2013-08-18]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cloud Panel.lnk [2014-04-26]
ShortcutTarget: Cloud Panel.lnk -> C:\Users\Luiz Marsi\AppData\Roaming\CloudPanel\CloudPanelLauncher.exe ()
Startup: C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-01-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2015-08-16]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\TEMP.Luiz.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2015-08-16]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-4004184569-2282581070-1150986999-1001] => 199.200.120.36:7808
ProxyServer: [S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => 199.200.120.36:7808
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{295618d2-161c-4e58-a90a-0675a367b234}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e735415-f22c-4a21-937a-39f529119e72}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.br/
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.br.msn.com/
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.br/
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.br.msn.com/
SearchScopes: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CCD59B45-6D53-477A-B6CB-B925A4AE2EB0}&mid=aac785a469a847cdb878d1a90a5f0f84-59d57ef3f8504ceef1770bfab8331640fbef24f0&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=pr&d=2015-09-09 15:25:50&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CCD59B45-6D53-477A-B6CB-B925A4AE2EB0}&mid=aac785a469a847cdb878d1a90a5f0f84-59d57ef3f8504ceef1770bfab8331640fbef24f0&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=pr&d=2015-09-09 15:25:50&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-07] (Oracle Corporation)
BHO: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-07] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-07] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [Nenhum Arquivo]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Nenhum Arquivo]
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.3.1 -> C:\WINDOWS\system32\npDeployJava1.dll [Nenhum Arquivo]
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-05-07] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Luiz Marsi\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2013-03-30] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4004184569-2282581070-1150986999-1001: @my.com/Games -> C:\Users\Luiz Marsi\AppData\Local\MyComGames\NPMyComDetector.dll [2015-12-03] (My.com, Inc)
FF Plugin HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @my.com/Games -> C:\Users\Luiz Marsi\AppData\Local\MyComGames\NPMyComDetector.dll [2015-12-03] (My.com, Inc)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\PepperFlash\pepflashplayer.dll => Nenhum Arquivo
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\pdf.dll => Nenhum Arquivo
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll => Nenhum Arquivo
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll => Nenhum Arquivo
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll => Nenhum Arquivo
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => Nenhum Arquivo
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll => Nenhum Arquivo
CHR Profile: C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
CHR Extension: (Google Docs) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Battlefield Heroes) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-03-09]
CHR Extension: (Google Search) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Heroes & Generals) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2014-05-12]
CHR Extension: (Documentos Google off-line) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-23]
CHR Extension: (Desprotetor de Links) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2016-11-15]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Luiz Marsi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-24]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [Arquivo não assinado]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-25] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-08] ()
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [236832 2015-12-20] (EasyAntiCheat Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2016-01-11] (Echobit LLC)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-29] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-11-22] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-11-22] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-07] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-09-08] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-01-07] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-28] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\RpcAgentSrv.exe [71832 2008-10-02] (SiSoftware) [Arquivo não assinado]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0308528.inf_amd64_a2b44dc88890e31a\atikmdag.sys [26568336 2016-11-04] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0308528.inf_amd64_a2b44dc88890e31a\atikmpag.sys [529432 2016-11-04] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2015-07-31] (Windows (R) Win 7 DDK provider)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [85312 2015-07-31] (ASUS Corporation)
R3 AU8168; C:\WINDOWS\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
S3 bthav; C:\WINDOWS\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) [Arquivo não assinado]
R3 cpuz138; C:\Users\Luiz Marsi\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-11-24] (CPUID)
R3 EvolveVirtualAdapter; C:\WINDOWS\System32\drivers\evolve.sys [21656 2013-06-27] (Echobit, LLC)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-08-29] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-08-29] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 tap0901cn; C:\WINDOWS\System32\drivers\tap0901cn.sys [39616 2014-09-29] (Connectify)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-08-18] (TENCENT) [Arquivo não assinado]
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [141920 2013-09-04] (Acronis)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.sys [14544 2015-12-18] (OpenLibSys.org)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-24 16:10 - 2016-11-24 16:13 - 00028233 _____ C:\Users\Luiz Marsi\Desktop\FRST.txt
2016-11-24 16:10 - 2016-11-24 16:10 - 00000000 ____D C:\FRST
2016-11-24 16:09 - 2016-11-24 16:10 - 02412032 _____ (Farbar) C:\Users\Luiz Marsi\Desktop\FRST64.exe
2016-11-24 16:09 - 2016-11-24 16:09 - 02412032 _____ (Farbar) C:\Users\Luiz Marsi\Downloads\FRST64.exe
2016-11-24 12:47 - 2016-11-24 16:12 - 00000000 ____D C:\Users\Luiz Marsi\Desktop\Nova pasta (2)
2016-11-24 12:25 - 2016-06-07 12:25 - 00087368 _____ C:\Users\Luiz Marsi\Desktop\Portrait_Britain_Edward_VIII.dds
2016-11-23 21:28 - 2016-11-23 21:28 - 00000724 _____ C:\Users\Luiz Marsi\AppData\Local\recently-used.xbel
2016-11-23 21:06 - 2016-11-24 15:17 - 00000000 ____D C:\Users\Luiz Marsi\Desktop\gotlandt_mod
2016-11-23 16:42 - 2016-11-22 21:32 - 00453364 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20161123-164250.backup
2016-11-22 21:36 - 2016-11-24 12:15 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-22 21:36 - 2016-11-22 21:36 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-22 21:36 - 2016-11-22 21:36 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-11-22 21:36 - 2016-11-22 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-22 21:36 - 2016-11-22 21:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-22 21:36 - 2016-11-22 21:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-22 21:36 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-22 21:36 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-22 21:36 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-22 21:33 - 2016-11-22 21:36 - 22851472 _____ (Malwarebytes ) C:\Users\Luiz Marsi\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-22 21:32 - 2013-08-22 11:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20161122-213212.backup
2016-11-22 21:05 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-11-22 20:59 - 2016-11-22 20:59 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-11-22 20:59 - 2016-11-22 20:59 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-11-22 20:59 - 2016-11-22 20:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-11-22 20:59 - 2016-11-22 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-11-22 20:58 - 2016-11-22 21:31 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2016-11-22 20:58 - 2016-11-22 21:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-11-22 20:58 - 2016-11-22 21:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-22 20:58 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-11-22 20:48 - 2016-11-22 20:58 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Luiz Marsi\Downloads\spybot-2.4-1.exe
2016-11-22 17:59 - 2016-11-22 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-11-22 17:59 - 2016-11-22 17:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-11-20 01:38 - 2016-11-20 01:38 - 00008628 _____ C:\Users\Luiz Marsi\Downloads\hammer-sickle-Estrella-SNTE-Pelota.svg
2016-11-16 05:20 - 2016-11-16 05:20 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-16 05:08 - 2016-11-17 13:31 - 00001060 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001UA1d23fd8315e718b.job
2016-11-16 05:08 - 2016-11-17 13:31 - 00001008 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001Core1d23fd8313c9425.job
2016-11-16 05:08 - 2016-11-16 05:08 - 00004220 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001UA1d23fd8315e718b
2016-11-16 05:08 - 2016-11-16 05:08 - 00003844 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001Core1d23fd8313c9425
2016-11-14 19:27 - 2016-11-14 19:28 - 00121820 _____ C:\Users\Luiz Marsi\Downloads\SkinPort-1.7.10-v8c.jar
2016-11-14 01:33 - 2016-11-16 07:06 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\TankiX
2016-11-14 01:33 - 2016-11-14 01:33 - 00001116 _____ C:\Users\Luiz Marsi\Desktop\TankiX.lnk
2016-11-14 01:33 - 2016-11-14 01:33 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TankiX
2016-11-14 01:30 - 2016-11-14 01:32 - 23395320 _____ C:\Users\Luiz Marsi\Downloads\TankiXSetup_16697.exe
2016-11-09 20:37 - 2016-11-02 10:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 20:37 - 2016-11-02 10:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 20:37 - 2016-11-02 09:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 20:37 - 2016-11-02 09:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 20:37 - 2016-11-02 09:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 20:37 - 2016-11-02 09:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 20:37 - 2016-11-02 09:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 20:37 - 2016-11-02 09:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 20:37 - 2016-11-02 09:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 20:37 - 2016-11-02 09:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 20:37 - 2016-11-02 09:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 20:37 - 2016-11-02 09:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 20:37 - 2016-11-02 09:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 20:37 - 2016-11-02 09:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 20:37 - 2016-11-02 09:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 20:37 - 2016-11-02 09:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 20:37 - 2016-11-02 09:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 20:37 - 2016-11-02 09:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 20:37 - 2016-11-02 09:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 20:37 - 2016-11-02 09:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 20:37 - 2016-11-02 08:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 20:37 - 2016-11-02 08:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 20:37 - 2016-11-02 08:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 20:37 - 2016-11-02 08:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 20:37 - 2016-11-02 08:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 20:37 - 2016-11-02 08:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 20:37 - 2016-11-02 08:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 20:37 - 2016-11-02 08:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 20:37 - 2016-11-02 08:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 20:37 - 2016-11-02 08:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 20:37 - 2016-11-02 08:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 20:37 - 2016-11-02 08:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 20:37 - 2016-11-02 08:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 20:37 - 2016-11-02 08:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 20:37 - 2016-11-02 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 20:37 - 2016-11-02 08:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 20:37 - 2016-11-02 08:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 20:37 - 2016-11-02 08:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 20:37 - 2016-11-02 08:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 20:37 - 2016-11-02 08:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 20:37 - 2016-11-02 08:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 20:37 - 2016-11-02 08:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 20:37 - 2016-11-02 08:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 20:37 - 2016-11-02 08:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 20:37 - 2016-11-02 08:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 20:37 - 2016-11-02 08:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 20:37 - 2016-11-02 08:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 20:37 - 2016-11-02 08:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 20:37 - 2016-11-02 08:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 20:37 - 2016-11-02 08:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 20:37 - 2016-11-02 08:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 20:37 - 2016-11-02 08:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 20:37 - 2016-11-02 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 20:37 - 2016-11-02 08:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 20:37 - 2016-11-02 08:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 20:37 - 2016-11-02 08:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 20:37 - 2016-11-02 08:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 20:37 - 2016-11-02 08:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 20:37 - 2016-11-02 08:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 20:37 - 2016-11-02 08:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 20:37 - 2016-11-02 08:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 20:37 - 2016-11-02 08:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 20:37 - 2016-11-02 08:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 20:37 - 2016-11-02 08:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 20:37 - 2016-11-02 08:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 20:37 - 2016-11-02 08:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 20:37 - 2016-11-02 08:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 20:37 - 2016-11-02 08:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 20:37 - 2016-11-02 08:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 20:37 - 2016-11-02 08:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 20:37 - 2016-11-02 06:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 20:36 - 2016-11-02 09:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 20:36 - 2016-11-02 09:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 20:36 - 2016-11-02 09:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 20:36 - 2016-11-02 09:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 20:36 - 2016-11-02 09:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 20:36 - 2016-11-02 09:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 20:36 - 2016-11-02 09:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 20:36 - 2016-11-02 09:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 20:36 - 2016-11-02 09:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 20:36 - 2016-11-02 09:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 20:36 - 2016-11-02 09:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 20:36 - 2016-11-02 09:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 20:36 - 2016-11-02 09:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 20:36 - 2016-11-02 09:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 20:36 - 2016-11-02 09:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 20:36 - 2016-11-02 09:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 20:36 - 2016-11-02 09:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 20:36 - 2016-11-02 09:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 20:36 - 2016-11-02 09:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 20:36 - 2016-11-02 09:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 20:36 - 2016-11-02 09:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 20:36 - 2016-11-02 09:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 20:36 - 2016-11-02 08:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 20:36 - 2016-11-02 08:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 20:36 - 2016-11-02 08:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 20:36 - 2016-11-02 08:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 20:36 - 2016-11-02 08:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 20:36 - 2016-11-02 08:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 20:36 - 2016-11-02 08:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 20:36 - 2016-11-02 08:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 20:36 - 2016-11-02 08:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 20:36 - 2016-11-02 08:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 20:36 - 2016-11-02 08:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 20:36 - 2016-11-02 08:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 20:36 - 2016-11-02 08:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 20:36 - 2016-11-02 08:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 20:36 - 2016-11-02 08:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 20:36 - 2016-11-02 08:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 20:36 - 2016-11-02 08:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 20:36 - 2016-11-02 08:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 20:36 - 2016-11-02 08:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 20:36 - 2016-11-02 08:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 20:36 - 2016-11-02 08:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 20:36 - 2016-11-02 08:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 20:36 - 2016-11-02 08:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 20:36 - 2016-11-02 08:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 20:36 - 2016-11-02 08:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 20:36 - 2016-11-02 08:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 20:36 - 2016-11-02 08:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 20:36 - 2016-11-02 08:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 20:36 - 2016-11-02 08:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 20:36 - 2016-11-02 08:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 20:36 - 2016-11-02 08:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 20:36 - 2016-11-02 08:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 20:36 - 2016-11-02 08:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 20:36 - 2016-11-02 08:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 20:36 - 2016-11-02 08:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 20:36 - 2016-11-02 08:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 20:36 - 2016-11-02 08:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 20:36 - 2016-11-02 08:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 20:36 - 2016-11-02 08:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 20:36 - 2016-11-02 08:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 20:36 - 2016-11-02 08:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 20:36 - 2016-11-02 08:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 20:36 - 2016-11-02 08:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 20:36 - 2016-11-02 08:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 20:36 - 2016-11-02 08:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 20:36 - 2016-11-02 08:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 20:36 - 2016-11-02 08:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 20:36 - 2016-11-02 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 20:36 - 2016-11-02 08:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 20:36 - 2016-11-02 08:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 20:36 - 2016-11-02 08:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 20:36 - 2016-11-02 08:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 20:36 - 2016-11-02 08:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 20:36 - 2016-11-02 08:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 20:36 - 2016-11-02 08:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 20:36 - 2016-11-02 08:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 20:36 - 2016-11-02 08:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 20:36 - 2016-11-02 08:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 20:36 - 2016-11-02 08:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 20:36 - 2016-11-02 08:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 20:36 - 2016-11-02 08:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 20:36 - 2016-11-02 08:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 20:36 - 2016-11-02 08:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 20:36 - 2016-11-02 08:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 20:36 - 2016-11-02 08:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 20:36 - 2016-11-02 08:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 20:36 - 2016-11-02 08:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 20:36 - 2016-11-02 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 20:36 - 2016-11-02 08:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 20:36 - 2016-11-02 08:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 20:36 - 2016-11-02 08:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 20:36 - 2016-11-02 08:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 20:36 - 2016-11-02 08:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 20:36 - 2016-11-02 08:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 20:36 - 2016-11-02 08:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 20:36 - 2016-11-02 08:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 20:36 - 2016-11-02 08:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 20:36 - 2016-11-02 08:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 20:36 - 2016-11-02 08:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 20:36 - 2016-11-02 08:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 20:36 - 2016-11-02 08:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 20:36 - 2016-11-02 08:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 20:36 - 2016-11-02 08:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 20:36 - 2016-11-02 08:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 20:36 - 2016-11-02 08:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 20:36 - 2016-11-02 08:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 20:36 - 2016-11-02 08:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 20:36 - 2016-11-02 08:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 20:36 - 2016-11-02 08:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 20:36 - 2016-08-02 02:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-09 20:35 - 2016-11-02 09:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 20:35 - 2016-11-02 09:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 20:35 - 2016-11-02 09:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 20:35 - 2016-11-02 09:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 20:35 - 2016-11-02 09:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 20:35 - 2016-11-02 09:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 20:35 - 2016-11-02 09:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 20:35 - 2016-11-02 09:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 20:35 - 2016-11-02 08:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 20:35 - 2016-11-02 08:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 20:35 - 2016-11-02 08:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 20:35 - 2016-11-02 08:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 20:35 - 2016-11-02 08:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 20:35 - 2016-11-02 08:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 20:35 - 2016-11-02 08:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 20:35 - 2016-11-02 08:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 20:35 - 2016-11-02 08:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 20:35 - 2016-11-02 08:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 20:35 - 2016-11-02 08:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 20:35 - 2016-11-02 08:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 20:35 - 2016-11-02 08:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 20:35 - 2016-11-02 08:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 20:35 - 2016-11-02 08:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 20:35 - 2016-11-02 08:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 20:35 - 2016-11-02 08:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 20:35 - 2016-11-02 08:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 20:35 - 2016-11-02 08:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 20:35 - 2016-11-02 08:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 20:35 - 2016-11-02 08:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 20:35 - 2016-11-02 08:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 20:35 - 2016-11-02 08:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 20:35 - 2016-11-02 08:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 20:35 - 2016-11-02 08:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 20:35 - 2016-11-02 08:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 20:35 - 2016-11-02 08:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 20:35 - 2016-11-02 08:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 20:35 - 2016-11-02 08:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 20:35 - 2016-11-02 08:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 20:35 - 2016-11-02 08:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 20:35 - 2016-11-02 08:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 20:35 - 2016-11-02 07:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 20:35 - 2016-11-02 07:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-09 19:13 - 2016-11-09 19:14 - 01478296 _____ C:\Users\Luiz Marsi\Downloads\tinkersdefense-1.3.7.jar
2016-11-09 19:13 - 2016-11-09 19:13 - 00102242 _____ C:\Users\Luiz Marsi\Downloads\DynamicLights-1.7.10.zip
2016-11-09 19:12 - 2016-11-09 19:13 - 01087107 _____ C:\Users\Luiz Marsi\Downloads\1.7.10-MB_Battlegear2-Bullseye-1.0.8.3.jar
2016-11-09 19:11 - 2016-11-09 19:11 - 00020632 _____ C:\Users\Luiz Marsi\Downloads\HardcoreDarkness-MC1.7.10-1.7.jar
2016-11-09 19:09 - 2016-11-09 19:11 - 08758618 _____ C:\Users\Luiz Marsi\Downloads\DynamicSurroundings-1.7.10-1.0.5.6.jar
2016-11-09 19:06 - 2016-11-09 19:07 - 00393392 _____ C:\Users\Luiz Marsi\Downloads\TheKitchenMod-1.3.21-1.7.2-10.jar
2016-11-09 18:51 - 2016-11-09 18:53 - 00593789 _____ C:\Users\Luiz Marsi\Downloads\roguelike-1.7.10-1.5.0b.jar
2016-11-08 16:12 - 2016-11-08 16:13 - 01222159 _____ C:\Users\Luiz Marsi\Downloads\OptiFine_1.7.10_HD_U_D6.jar
2016-11-08 16:11 - 2016-11-08 16:11 - 00253341 _____ C:\Users\Luiz Marsi\Downloads\MekanismGenerators-1.7.10-9.1.0.281.jar
2016-11-08 16:11 - 2016-11-08 16:11 - 00108119 _____ C:\Users\Luiz Marsi\Downloads\B3M-1.7.9-07 (1).zip
2016-11-08 16:11 - 2016-11-08 16:11 - 00031517 _____ C:\Users\Luiz Marsi\Downloads\MekanismTools-1.7.10-9.1.0.281.jar
2016-11-08 16:08 - 2016-11-08 16:11 - 15780244 _____ C:\Users\Luiz Marsi\Downloads\Mekanism-1.7.10-9.1.0.281.jar
2016-11-08 16:06 - 2016-11-08 16:06 - 00417651 _____ C:\Users\Luiz Marsi\Downloads\GraviSuite-1.7.10-2.0.3 (2).jar
2016-11-08 16:06 - 2016-11-08 16:06 - 00305645 _____ C:\Users\Luiz Marsi\Downloads\AdvancedSolarPanel-1.7.10-3.5.1 (1).jar
2016-11-08 14:02 - 2016-11-08 14:03 - 01942361 _____ C:\Users\Luiz Marsi\Downloads\OptiFine_1.10.2_HD_U_D2.jar
2016-11-07 21:34 - 2016-11-07 21:34 - 00339557 _____ C:\Users\Luiz Marsi\Downloads\MekanismGenerators-1.10.2-9.2.0.294.jar
2016-11-07 21:34 - 2016-11-07 21:34 - 00140124 _____ C:\Users\Luiz Marsi\Downloads\MekanismTools-1.10.2-9.2.0.294.jar
2016-11-07 21:33 - 2016-11-07 21:35 - 15561381 _____ C:\Users\Luiz Marsi\Downloads\Mekanism-1.10.2-9.2.0.294.jar
2016-11-07 20:33 - 2016-11-07 20:39 - 63235648 _____ (Oracle Corporation) C:\Users\Luiz Marsi\Downloads\jre-8u111-windows-x64.exe
2016-11-07 20:04 - 2016-11-07 20:04 - 00000000 ____D C:\Users\Luiz Marsi\Documents\Curse
2016-11-07 20:01 - 2016-11-14 20:54 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\Curse Client
2016-11-07 20:01 - 2016-11-07 20:01 - 00001096 _____ C:\Users\Luiz Marsi\Desktop\Curse.lnk
2016-11-07 20:01 - 2016-11-07 20:01 - 00001082 _____ C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2016-11-07 19:59 - 2016-11-07 19:59 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\Curse
2016-11-07 19:54 - 2016-11-07 19:59 - 76716144 _____ (Curse) C:\Users\Luiz Marsi\Downloads\CurseClientSetup_[addonclient-upsell].exe
2016-11-07 19:53 - 2016-11-07 19:53 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\Apps\2.0
2016-11-07 19:48 - 2016-11-07 19:53 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\Deployment
2016-11-05 13:40 - 2016-11-05 13:40 - 00000000 ____D C:\Users\Luiz Marsi\AppData\LocalLow\AMD
2016-11-05 13:34 - 2016-11-05 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-11-04 23:49 - 2016-11-04 23:49 - 03413595 _____ C:\Users\Luiz Marsi\Downloads\heraldic_brushes_svg_by_mrtentacleguy.zip
2016-11-04 23:45 - 2016-11-04 23:45 - 00000000 ____D C:\Users\Luiz Marsi\Desktop\eps
2016-11-04 23:44 - 2016-11-04 23:44 - 03455839 _____ C:\Users\Luiz Marsi\Downloads\013_heraldry.zip
2016-11-04 23:44 - 2016-11-04 23:44 - 00818418 _____ C:\Users\Luiz Marsi\Downloads\heraldic-elements.svg
2016-11-04 23:39 - 2016-11-04 23:40 - 03414413 _____ C:\Users\Luiz Marsi\Downloads\Heraldry.zip
2016-11-04 23:34 - 2016-11-04 23:34 - 01735967 _____ C:\Users\Luiz Marsi\Downloads\all-silhouettes-1512.zip
2016-11-04 23:32 - 2016-11-04 23:32 - 00000000 ____D C:\Users\Luiz Marsi\Desktop\inkscape
2016-11-04 23:28 - 2016-11-04 23:31 - 50213577 _____ C:\Users\Luiz Marsi\Downloads\Inkscape-0.91-1-win64.7z
2016-11-04 23:13 - 2016-11-05 13:28 - 221492976 _____ (AMD Inc.) C:\Users\Luiz Marsi\Desktop\non-whql-win10-64bit-radeon-software-crimson-16.11.2-nov4.exe
2016-11-04 21:15 - 2016-11-04 21:36 - 221492976 _____ (AMD Inc.) C:\Users\Luiz Marsi\Downloads\non-whql-win10-64bit-radeon-software-crimson-16.11.2-nov4.exe
2016-11-04 15:30 - 2016-11-04 15:30 - 00118320 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-11-04 15:29 - 2016-11-04 15:29 - 00156248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-11-04 15:29 - 2016-11-04 15:29 - 00121880 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-11-04 15:29 - 2016-11-04 15:29 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-11-04 15:29 - 2016-11-04 15:29 - 00112664 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-11-04 15:29 - 2016-11-04 15:29 - 00092184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-11-04 15:29 - 2016-11-04 15:29 - 00029728 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-11-02 17:51 - 2016-11-02 17:51 - 00001121 _____ C:\Users\Luiz Marsi\Desktop\FisiCalc 2.0.lnk
2016-11-02 17:42 - 2016-11-02 17:42 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FisiCalc
2016-11-02 17:42 - 2016-11-02 17:42 - 00000000 ____D C:\Program Files (x86)\FisiCalc
2016-11-02 17:41 - 2016-11-02 17:41 - 00216090 _____ C:\Users\Luiz Marsi\Downloads\FisiCalc2FomulasdeFisica.exe
2016-10-28 19:10 - 2016-10-28 19:11 - 00412068 _____ C:\WINDOWS\Minidump\102816-27843-01.dmp
2016-10-28 19:10 - 2016-10-28 19:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-28 00:26 - 2016-10-28 00:26 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2016-10-27 22:44 - 2016-11-08 14:44 - 05610688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-10-27 18:40 - 2016-10-15 02:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-27 18:40 - 2016-10-15 02:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-27 18:40 - 2016-10-15 02:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-27 18:40 - 2016-10-15 02:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-27 18:40 - 2016-10-15 02:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-27 18:40 - 2016-10-15 02:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-27 18:40 - 2016-10-15 02:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-27 18:40 - 2016-10-15 02:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-27 18:40 - 2016-10-15 02:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-27 18:40 - 2016-10-15 02:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-27 18:40 - 2016-10-15 01:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-27 18:40 - 2016-10-15 01:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-27 18:40 - 2016-10-15 01:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-27 18:40 - 2016-10-15 01:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-27 18:40 - 2016-10-15 01:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-27 18:40 - 2016-10-15 01:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-27 18:40 - 2016-10-15 01:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-27 18:40 - 2016-10-15 01:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-27 18:40 - 2016-10-15 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-27 18:40 - 2016-10-15 01:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-27 18:40 - 2016-10-15 01:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-27 18:40 - 2016-10-15 01:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-27 18:40 - 2016-10-15 01:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-27 18:40 - 2016-10-15 01:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-27 18:40 - 2016-10-15 01:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 18:40 - 2016-10-15 01:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-27 18:40 - 2016-10-15 01:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-27 18:40 - 2016-10-15 01:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 18:40 - 2016-10-15 01:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-27 18:40 - 2016-10-15 01:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-27 18:40 - 2016-10-15 01:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 18:40 - 2016-10-15 01:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-27 18:40 - 2016-10-15 01:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-27 18:40 - 2016-10-15 01:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-27 18:40 - 2016-10-15 01:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-27 18:40 - 2016-10-15 01:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-27 18:40 - 2016-10-15 01:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-27 18:40 - 2016-10-15 01:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-27 18:40 - 2016-10-15 01:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-27 18:40 - 2016-10-15 01:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-27 18:39 - 2016-10-15 02:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-27 18:39 - 2016-10-15 02:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-27 18:39 - 2016-10-15 02:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-27 18:39 - 2016-10-15 02:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-27 18:39 - 2016-10-15 02:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-27 18:39 - 2016-10-15 02:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-27 18:39 - 2016-10-15 02:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-27 18:39 - 2016-10-15 01:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-27 18:39 - 2016-10-15 01:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-27 18:39 - 2016-10-15 01:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-27 18:39 - 2016-10-15 01:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-27 18:39 - 2016-10-15 01:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-27 18:39 - 2016-10-15 01:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-27 18:39 - 2016-10-15 01:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-27 18:39 - 2016-10-15 01:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-27 18:39 - 2016-10-15 01:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-27 18:39 - 2016-10-15 01:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-27 18:39 - 2016-10-15 01:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-27 18:39 - 2016-10-15 01:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-27 18:39 - 2016-10-15 01:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-27 18:39 - 2016-10-15 01:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-27 18:37 - 2016-10-15 02:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-27 18:37 - 2016-10-15 02:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-27 18:37 - 2016-10-15 02:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-27 18:37 - 2016-10-15 02:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-27 18:37 - 2016-10-15 01:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-27 18:37 - 2016-10-15 01:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-27 18:37 - 2016-10-15 01:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-27 18:37 - 2016-10-15 01:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-27 18:37 - 2016-10-15 01:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-27 18:37 - 2016-10-15 01:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-27 18:37 - 2016-10-15 01:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-27 18:36 - 2016-10-15 02:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-27 18:36 - 2016-10-15 02:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-27 18:36 - 2016-10-15 02:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-27 18:36 - 2016-10-15 02:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-27 18:36 - 2016-10-15 02:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-27 18:36 - 2016-10-15 02:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-27 18:36 - 2016-10-15 02:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-27 18:36 - 2016-10-15 02:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-27 18:36 - 2016-10-15 02:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-27 18:36 - 2016-10-15 02:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-27 18:36 - 2016-10-15 02:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-27 18:36 - 2016-10-15 02:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-27 18:36 - 2016-10-15 02:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-27 18:36 - 2016-10-15 02:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-27 18:36 - 2016-10-15 02:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-27 18:36 - 2016-10-15 02:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-27 18:36 - 2016-10-15 02:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-27 18:36 - 2016-10-15 02:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-27 18:36 - 2016-10-15 02:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-27 18:36 - 2016-10-15 02:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-27 18:36 - 2016-10-15 02:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-27 18:36 - 2016-10-15 02:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-27 18:36 - 2016-10-15 02:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-27 18:36 - 2016-10-15 01:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-27 18:36 - 2016-10-15 01:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-27 18:36 - 2016-10-15 01:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-27 18:36 - 2016-10-15 01:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-27 18:36 - 2016-10-15 01:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-27 18:36 - 2016-10-15 01:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-27 18:36 - 2016-10-15 01:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-27 18:36 - 2016-10-15 01:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-27 18:36 - 2016-10-15 01:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-27 18:36 - 2016-10-15 01:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-27 18:36 - 2016-10-15 01:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-27 18:36 - 2016-10-15 01:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-27 18:36 - 2016-10-15 01:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-27 18:36 - 2016-10-15 01:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-27 18:36 - 2016-10-15 01:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-27 18:36 - 2016-10-15 01:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-27 18:36 - 2016-10-15 01:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-27 18:36 - 2016-10-15 01:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-27 18:36 - 2016-10-15 01:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-27 18:36 - 2016-10-15 01:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-27 18:36 - 2016-10-15 01:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-27 18:36 - 2016-10-15 01:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-27 18:36 - 2016-10-15 01:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-27 18:36 - 2016-10-15 01:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 18:36 - 2016-10-15 01:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-27 18:36 - 2016-10-15 01:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 18:36 - 2016-10-15 01:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-27 18:36 - 2016-10-15 01:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 18:36 - 2016-10-15 01:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-27 18:36 - 2016-10-15 01:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-27 18:36 - 2016-10-15 01:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-27 18:36 - 2016-10-15 01:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-27 18:36 - 2016-10-15 01:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-27 18:36 - 2016-10-15 01:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-27 18:36 - 2016-10-15 01:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-27 18:36 - 2016-10-15 01:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-27 18:36 - 2016-10-15 01:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-27 18:36 - 2016-10-15 01:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-27 18:36 - 2016-10-15 01:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-27 18:36 - 2016-10-15 01:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-27 18:36 - 2016-10-15 01:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-27 18:36 - 2016-10-15 01:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-27 18:36 - 2016-10-15 01:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-27 18:36 - 2016-10-15 01:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-27 18:36 - 2016-10-15 01:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-27 18:36 - 2016-10-15 01:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-27 18:36 - 2016-10-15 01:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-27 18:36 - 2016-10-15 01:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-27 18:36 - 2016-10-15 01:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-27 18:36 - 2016-10-15 01:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-27 18:36 - 2016-10-15 01:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-27 18:36 - 2016-10-15 01:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-27 18:36 - 2016-10-15 01:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-27 18:36 - 2016-10-15 01:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-27 18:36 - 2016-10-15 01:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-27 18:36 - 2016-10-15 01:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-27 18:36 - 2016-10-15 01:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-27 18:36 - 2016-08-27 03:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-27 18:36 - 2016-08-06 02:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-27 18:35 - 2016-10-15 02:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-27 18:35 - 2016-10-15 02:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-27 18:35 - 2016-10-15 02:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-27 18:35 - 2016-10-15 02:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-27 18:35 - 2016-10-15 02:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-27 18:35 - 2016-10-15 02:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-27 18:35 - 2016-10-15 02:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-27 18:35 - 2016-10-15 02:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-27 18:35 - 2016-10-15 02:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-27 18:35 - 2016-10-15 02:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-27 18:35 - 2016-10-15 02:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-27 18:35 - 2016-10-15 02:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-27 18:35 - 2016-10-15 02:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-27 18:35 - 2016-10-15 02:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-27 18:35 - 2016-10-15 02:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-27 18:35 - 2016-10-15 02:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-27 18:35 - 2016-10-15 02:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-27 18:35 - 2016-10-15 02:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-27 18:35 - 2016-10-15 02:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-27 18:35 - 2016-10-15 02:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-27 18:35 - 2016-10-15 01:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-27 18:35 - 2016-10-15 01:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-27 18:35 - 2016-10-15 01:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-27 18:35 - 2016-10-15 01:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-27 18:35 - 2016-10-15 01:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-27 18:35 - 2016-10-15 01:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-27 18:35 - 2016-10-15 01:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-27 18:35 - 2016-10-15 01:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-27 18:35 - 2016-10-15 01:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-27 18:35 - 2016-10-15 01:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-27 18:35 - 2016-10-15 01:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-27 18:35 - 2016-10-15 01:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-27 18:35 - 2016-10-15 01:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-27 18:35 - 2016-10-15 01:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-27 18:35 - 2016-10-15 01:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-27 18:35 - 2016-10-15 01:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-27 18:35 - 2016-10-15 01:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-27 18:35 - 2016-10-15 01:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-27 18:35 - 2016-10-15 01:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-27 18:35 - 2016-10-15 01:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-27 18:35 - 2016-10-15 01:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-27 18:35 - 2016-10-15 01:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-27 18:35 - 2016-10-15 01:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-27 18:35 - 2016-09-10 11:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-24 15:54 - 2013-05-06 16:42 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-24 14:26 - 2016-09-26 15:45 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-24 12:38 - 2015-07-29 21:03 - 00007598 _____ C:\Users\Luiz Marsi\AppData\Local\Resmon.ResmonCfg
2016-11-24 12:24 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-24 12:16 - 2016-09-26 16:30 - 00003124 _____ C:\WINDOWS\System32\Tasks\RTSS
2016-11-24 12:16 - 2016-09-21 16:49 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\Overwolf
2016-11-24 12:13 - 2016-09-26 16:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-23 23:47 - 2016-08-26 00:26 - 00000000 ____D C:\Users\Luiz Marsi\Desktop\leaders
2016-11-23 22:49 - 2013-06-27 18:29 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\ElevatedDiagnostics
2016-11-23 21:56 - 2013-07-13 12:40 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\Origin
2016-11-23 21:56 - 2013-07-09 22:07 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-11-23 21:56 - 2013-07-09 22:07 - 00000000 ____D C:\ProgramData\Origin
2016-11-23 16:41 - 2016-09-26 15:54 - 00000000 ____D C:\Users\Luiz Marsi
2016-11-22 22:08 - 2013-08-18 16:44 - 00000000 ____D C:\Users\Todos os Usuários\APN
2016-11-22 22:08 - 2013-08-18 16:44 - 00000000 ____D C:\ProgramData\APN
2016-11-22 21:39 - 2015-12-30 02:33 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\LogMeIn Hamachi
2016-11-22 21:05 - 2015-07-01 12:05 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-22 20:45 - 2013-07-09 22:07 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-22 20:40 - 2016-07-16 09:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-22 20:39 - 2015-12-16 02:11 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-11-22 20:39 - 2013-10-11 14:50 - 00000000 ____D C:\Program Files\Microsoft Games
2016-11-22 17:59 - 2016-09-26 16:05 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\LogMeIn Hamachi
2016-11-22 17:59 - 2016-09-26 16:05 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-11-22 17:59 - 2016-09-26 16:05 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-11-18 19:52 - 2016-07-16 09:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-18 19:42 - 2016-09-26 15:49 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-11-18 19:42 - 2016-07-16 04:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-11-18 19:37 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-16 05:20 - 2013-09-21 13:30 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\Dropbox
2016-11-16 04:55 - 2016-09-21 16:55 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-15 23:58 - 2016-10-15 19:33 - 00000690 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-11-15 03:43 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-14 22:31 - 2013-06-25 22:47 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 22:31 - 2013-06-25 22:47 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-14 19:51 - 2016-01-11 20:52 - 00000000 ____D C:\Users\Luiz Marsi\Desktop\multimc
2016-11-14 19:51 - 2014-06-05 16:01 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\ftblauncher
2016-11-11 17:52 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-11 14:30 - 2014-05-31 09:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-11 13:57 - 2016-09-26 15:44 - 00350928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-10 21:49 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-10 21:49 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-10 21:49 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-10 21:48 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-10 21:48 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-10 21:48 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-10 14:40 - 2016-07-16 09:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-10 14:30 - 2014-11-01 21:45 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-11-09 20:52 - 2013-08-14 17:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 20:52 - 2013-06-27 14:27 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-09 18:24 - 2013-06-27 18:04 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-08 14:44 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-08 14:44 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-07 20:40 - 2014-03-14 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-07 20:40 - 2013-06-25 23:09 - 00000000 ____D C:\Program Files\Java
2016-11-07 20:39 - 2016-06-15 23:10 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-11-05 13:31 - 2016-09-26 15:48 - 00000000 ____D C:\Program Files\AMD
2016-11-05 13:29 - 2013-07-14 21:05 - 00000000 ____D C:\AMD
2016-11-04 15:30 - 2016-10-01 07:08 - 00242712 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-11-04 15:30 - 2016-10-01 07:08 - 00169504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-11-04 15:30 - 2016-10-01 07:08 - 00144416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-11-04 15:30 - 2016-10-01 07:08 - 00138784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-11-04 15:30 - 2016-10-01 07:08 - 00118296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-11-04 15:30 - 2016-10-01 06:56 - 00277024 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-11-04 15:29 - 2016-10-01 07:10 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-11-04 15:29 - 2016-10-01 07:10 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-11-04 15:29 - 2016-10-01 07:10 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-11-04 15:29 - 2016-10-01 07:10 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-11-04 15:29 - 2016-10-01 07:10 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-11-04 15:29 - 2016-10-01 07:09 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-11-04 15:29 - 2016-10-01 07:08 - 00901664 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
2016-11-04 15:29 - 2016-10-01 07:08 - 00291360 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-11-04 15:29 - 2016-10-01 07:08 - 00284696 _____ C:\WINDOWS\system32\GameManager64.dll
2016-11-04 15:29 - 2016-10-01 07:08 - 00278552 _____ C:\WINDOWS\system32\clinfo.exe
2016-11-04 15:29 - 2016-10-01 07:07 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-11-04 15:29 - 2016-10-01 07:07 - 00127008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-11-04 15:29 - 2016-10-01 07:06 - 00467992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-11-04 15:29 - 2016-10-01 07:06 - 00298520 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-11-04 15:29 - 2016-10-01 07:06 - 00239640 _____ C:\WINDOWS\system32\atieah64.exe
2016-11-04 15:29 - 2016-10-01 07:06 - 00217632 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-11-04 15:29 - 2016-10-01 07:06 - 00210968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-11-04 15:29 - 2016-10-01 07:06 - 00184864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-11-04 15:29 - 2016-10-01 07:06 - 00119840 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-11-04 15:29 - 2016-10-01 07:05 - 09935904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-11-04 15:29 - 2016-10-01 07:05 - 08075288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-11-04 15:29 - 2016-10-01 07:05 - 02490400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-11-04 15:29 - 2016-10-01 07:05 - 02172952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-11-04 15:29 - 2016-10-01 07:05 - 01007640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-11-04 15:29 - 2016-10-01 07:05 - 00411672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-11-04 15:29 - 2016-10-01 07:05 - 00069152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2016-11-04 15:29 - 2016-10-01 07:03 - 00851488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-11-04 15:29 - 2016-10-01 07:03 - 00686616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-11-04 15:29 - 2016-10-01 07:03 - 00257560 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-11-04 15:29 - 2016-10-01 07:03 - 00230424 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-11-04 15:29 - 2016-10-01 07:03 - 00075800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-11-04 15:29 - 2016-10-01 06:57 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-11-04 15:29 - 2016-10-01 06:56 - 01342496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-11-04 15:29 - 2016-10-01 06:56 - 00535064 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-11-04 15:29 - 2016-09-30 18:29 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-11-04 15:29 - 2016-09-30 18:29 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-11-04 15:29 - 2016-09-30 18:29 - 00759128 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-11-04 15:29 - 2016-09-30 18:29 - 00759128 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-11-04 15:29 - 2016-09-30 18:28 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-11-04 15:29 - 2016-09-30 18:28 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json
2016-11-04 15:29 - 2016-09-13 23:08 - 01007640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-11-04 15:29 - 2016-09-13 23:08 - 00249368 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-11-04 15:29 - 2016-09-13 23:08 - 00149640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-11-04 15:29 - 2016-09-13 23:08 - 00137256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-11-04 15:29 - 2016-09-13 23:08 - 00110104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-11-04 15:29 - 2016-09-13 23:08 - 00098840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-11-04 15:29 - 2016-09-13 23:08 - 00029728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-11-04 14:43 - 2015-07-02 14:26 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Roaming\discord
2016-10-30 21:51 - 2013-06-25 22:42 - 00000000 ____D C:\Users\Luiz Marsi\AppData\Local\Google
2016-10-28 21:56 - 2016-07-16 09:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-28 21:56 - 2016-07-16 09:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 19:10 - 2013-11-26 17:26 - 781394968 _____ C:\WINDOWS\MEMORY.DMP
2016-10-28 17:34 - 2016-04-27 17:35 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-28 15:29 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-28 15:28 - 2016-07-16 09:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-27 22:44 - 2016-09-26 16:30 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-26 16:16 - 2016-10-18 13:59 - 00000000 ____D C:\Users\Luiz Marsi\Documents\Battlefield 1

==================== Arquivos na raiz de alguns diretórios =======

2015-03-30 20:15 - 2015-08-16 18:44 - 14283832 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-02-27 16:31 - 2014-02-27 16:31 - 0000627 _____ () C:\Users\Luiz Marsi\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-02-27 16:38 - 2014-02-27 16:38 - 0000842 _____ () C:\Users\Luiz Marsi\AppData\Roaming\Drives Meter_Settings.ini
2014-02-27 16:25 - 2014-02-27 16:34 - 0000284 _____ () C:\Users\Luiz Marsi\AppData\Roaming\GPU MeterV2_Settings.ini
2015-01-12 15:06 - 2015-01-12 15:08 - 0000431 _____ () C:\Users\Luiz Marsi\AppData\Roaming\MinecraftClickerSave.txt
2013-06-28 12:51 - 2012-03-29 04:30 - 2950443 _____ () C:\Users\Luiz Marsi\AppData\Roaming\minecraftp.exe
2013-06-26 17:46 - 2013-06-26 08:29 - 0000085 _____ () C:\Users\Luiz Marsi\AppData\Roaming\Open.bat
2013-11-04 15:03 - 2013-12-09 16:53 - 13815808 _____ () C:\Users\Luiz Marsi\AppData\Roaming\Sandra.mdb
2015-10-13 13:55 - 2015-10-13 13:55 - 0001167 _____ () C:\Users\Luiz Marsi\AppData\Roaming\trace_FilterInstaller.1.txt
2015-10-13 13:55 - 2015-12-04 14:36 - 0000905 _____ () C:\Users\Luiz Marsi\AppData\Roaming\trace_FilterInstaller.txt
2015-10-13 13:55 - 2015-12-04 14:36 - 0000000 _____ () C:\Users\Luiz Marsi\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-10-04 19:38 - 2016-09-06 20:09 - 0006656 _____ () C:\Users\Luiz Marsi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-03 18:09 - 2016-06-03 18:09 - 0000600 _____ () C:\Users\Luiz Marsi\AppData\Local\PUTTY.RND
2016-11-23 21:28 - 2016-11-23 21:28 - 0000724 _____ () C:\Users\Luiz Marsi\AppData\Local\recently-used.xbel
2015-07-29 21:03 - 2016-11-24 12:38 - 0007598 _____ () C:\Users\Luiz Marsi\AppData\Local\Resmon.ResmonCfg
2015-07-29 17:16 - 2015-07-29 17:16 - 0000000 _____ () C:\Users\Luiz Marsi\AppData\Local\{08D5F573-27BC-4DCA-AF09-C42E7ABACDD9}
2016-09-26 15:47 - 2016-09-26 15:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-09-10 23:32 - 2016-09-10 23:32 - 0000016 _____ () C:\ProgramData\mntemp

Arquivos para serem movidos ou deletados:
====================
C:\Users\Luiz Marsi\worldpainter_64_1.8.5.exe


Alguns arquivos em TEMP:
====================
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-102752984587827095.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-1065629429222054957.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-123533036146972751.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-1376645750347393329.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-1616118878661919425.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-1626283463157636103.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-200362781898316387.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-2193401314732602271.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-2741834169347736377.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-2892856576941962103.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-2960108413397569065.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-3225908818155569969.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-4066744814998801438.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-4069062106568507107.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-4342208772056416968.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-4550534217998313249.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-4670918021722409303.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-5140125674724924282.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-5283049074200946131.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-5402476998307189076.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-60016385485493446.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-6220693396057346612.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-6394258002175577965.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-6608150380118331142.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-6611250759019030197.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-6705792805852420081.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-8100007856215821256.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-8328566597867771988.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-8557537706897199945.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-8672365325325808195.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-8770615449973483775.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-8899563209887814983.dll
C:\Users\Luiz Marsi\AppData\Local\Temp\jansi-64-9147537083319472138.dll


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-11-17 18:52

==================== Fim de FRST.txt ============================

Additions.txt

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 23-11-2016
Executado por Luiz Marsi (24-11-2016 16:14:40)
Executando a partir de C:\Users\Luiz Marsi\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-09-26 18:36:47)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4004184569-2282581070-1150986999-500 - Administrator - Disabled)
Convidado (S-1-5-21-4004184569-2282581070-1150986999-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-4004184569-2282581070-1150986999-503 - Limited - Disabled)
Luiz Marsi (S-1-5-21-4004184569-2282581070-1150986999-1001 - Administrator - Enabled) => C:\Users\Luiz Marsi

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
ACP Application (Version: 2016.0718.1650.38 - Advanced Micro Devices, Inc.) Hidden
Act of Aggression (HKLM-x32\...\Steam App 318020) (Version:  - Eugen Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III - The Napoleonic Era version 2.1.8 (HKLM-x32\...\{647233CC-A29F-4961-9CB0-50AD445C7238}_is1) (Version: 2.1.8 - Napoleonic Era Team)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Armored Warfare MyCom Beta (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Armored Warfare MyCom Beta) (Version: 1.58 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Armored Warfare MyCom Beta) (Version: 1.58 - My.com B.V.)
ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 2.2.29.727 - ASUSTEK)
ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.24.0731 - ASUSTEK)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version:  - Microsoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk DirectConnect 2015 64-bit Hotfix1 (HKLM\...\Autodesk DirectConnect 2015 64-bit_9001) (Version: 9.0.56.4 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH)
Battle of Empires : 1914-1918 (HKLM-x32\...\Steam App 316430) (Version:  - Great War Team)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield 4™ CTE (HKLM-x32\...\{551A08D1-B60E-4DED-9B67-C3B38258CCA3}) (Version: 1.0.2.13779 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.10.265 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beta de Battlefield™ Hardline (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.2 - Electronic Arts)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Blitzkrieg Mod version 4.8.1.0 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.8.1.0 - Blitzkrieg Mod Team)
Blockland (HKLM-x32\...\Steam App 250340) (Version:  - Eric Hartman)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 8.2 - Codeusa Software)
Brothers In Arms (HKLM-x32\...\BrothersInArms) (Version:  - Ubisoft)
Call of Duty (HKLM\...\Steam App 2620) (Version:  - Infinity Ward)
Call of Duty 2 (HKLM\...\Steam App 2630) (Version:  - Infinity Ward)
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: United Offensive (HKLM\...\Steam App 2640) (Version:  - Gray Matter Studios)
Call to Arms (HKLM\...\Steam App 302670) (Version:  - Digitalmindsoft)
CastleMiner Z (HKLM-x32\...\Steam App 253430) (Version:  - DigitalDNA Games LLC)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cities XL 2012 (HKLM-x32\...\Cities XL 2012) (Version: 1.0.0 - Focus Home Interactive)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Company of Heroes 2 Tools (HKLM-x32\...\Steam App 313220) (Version:  - )
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.2.5742 - Corsair)
Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
CPUID ASUS CPU-Z 1.60.1 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.60.1 - CPUID, Inc.)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Curse Client (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAZZ Headset Gaming para PC (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
Democracy 3 (HKLM-x32\...\Steam App 245470) (Version:  - Positech Games)
Device Simulation Framework 1.0.1 (HKLM\...\{C7966AB3-A8D9-48D5-B7DF-922674C40098}) (Version: 1.0.1 - Microsoft)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
Discord (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DOOM Closed Alpha (HKLM-x32\...\Steam App 350470) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Driver Fusion (HKLM-x32\...\{100C8F3B-82D6-4B14-BB7A-5E8C3FF810C8}_is1) (Version: 1.7.0 - Treexy)
Dropbox (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Eastern Front (HKLM-x32\...\Eastern Front) (Version: 2.2.2.0 - )
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
ENCORE Driver de LAN Sem Fio - Adaptador USB (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0000 - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.003 - Ezvid, inc.)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FisiCalc (HKLM-x32\...\FisiCalc) (Version:  - )
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Happy Wars (HKLM-x32\...\Steam App 246280) (Version:  - )
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of the West (HKLM\...\Steam App 440090) (Version:  - Tripwire Interactive)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
intelliScore Polyphonic MP3 to MIDI Converter Demo (HKLM-x32\...\intelliScore Polyphonic MP3 to MIDI Converter Demo) (Version: 8.1.2 - Innovative Music Systems)
Interstellar Marines (HKLM-x32\...\Steam App 236370) (Version:  - Zero Point Software)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.87 (HKLM\...\Logitech Gaming Software) (Version: 8.87.116 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
LOOT versão 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Masters of the World (HKLM-x32\...\Steam App 268890) (Version:  - Eversim)
Men of War (HKLM-x32\...\Steam App 7830) (Version:  - Best Way)
Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version:  - Digitalmindsoft)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{070C55FA-FB9D-46DD-B30B-4B520A83A66A}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft: Story Mode - A Telltale Games Series (HKLM-x32\...\Steam App 376870) (Version:  - Telltale Games)
Motorola Device Software Update (x32 Version: 1.0.41 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 2.2.5 (HKLM-x32\...\Afterburner) (Version: 2.2.5 - MSI Co., LTD)
MSI Kombustor 2.4.2 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Mumble 1.2.4 (HKLM-x32\...\{266F6E38-F597-4BB0-AF8E-8074E8E887F0}) (Version: 1.2.4 - Thorvald Natvig)
Murder Miners (HKLM-x32\...\Steam App 274900) (Version:  - JForce Games)
My.com Game Center (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\MyComGames) (Version: 3.161 - My.com B.V.)
My.com Game Center (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyComGames) (Version: 3.161 - My.com B.V.)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.1 - Black Tree Gaming)
NHCmod v2.700b (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\NHCmod v2.700b) (Version:  - )
NHCmod v2.700b (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\NHCmod v2.700b) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64935 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.99.218.0 - Overwolf Ltd.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 2.24 - NCH Software)
Planetary Annihilation (HKLM\...\Steam App 233250) (Version:  - Uber Entertainment)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.14.0-r116157-release - Plays.tv, LLC)
Portal 2 - The Final Hours (HKLM-x32\...\Steam App 104600) (Version:  - Geoff Keighley)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prison Architect (HKLM\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Eugen Systems)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.1.922.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version:  - SkyBox Labs)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.2 - Rockstar Games)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version:  - )
Scrap Mechanic (HKLM-x32\...\Steam App 387990) (Version:  - Axolot Games)
Seagate DiscWizard (HKLM-x32\...\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}) (Version: 13.0.14387 - Seagate)
Ship Simulator Extremes (HKLM-x32\...\Steam App 48800) (Version:  - VStep)
Shoppe Keep (HKLM-x32\...\Steam App 381120) (Version:  - Arvydas Žemaitis)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.96.5684 - Electronic Arts)
SiSoftware Sandra Lite 2013.SP6 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.66.2013.10 - SiSoftware)
Skype Audio Player (remove only) (HKLM-x32\...\SkypePlayer) (Version:  - )
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM-x32\...\Steam App 365720) (Version:  - The SKSE Team)
Sniper Elite 3 (HKLM-x32\...\Steam App 238090) (Version:  - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Sniper Elite: Nazi Zombie Army (HKLM-x32\...\Steam App 227100) (Version:  - Rebellion)
Sniper Elite: Nazi Zombie Army 2 (HKLM-x32\...\Steam App 247910) (Version:  - )
Software Inc. (HKLM-x32\...\Steam App 362620) (Version:  - Coredumping)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars: Empire at War Gold (HKLM\...\Steam App 32470) (Version:  - Petroglyph)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.6.35326 - Electronic Arts)
StarMade (HKLM-x32\...\Steam App 244770) (Version:  - Schine, GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steel Ocean (HKLM-x32\...\Steam App 390670) (Version:  - ICE Entertainment)
Stellaris (HKLM\...\Steam App 281990) (Version:  - Paradox Development Studio)
TANK Ranger_NA  (HKLM-x32\...\TANK Ranger_NA) (Version:  - OliveGames / NEXUS I&C)
TankiX (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\TankiX) (Version:  - )
TankiX (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TankiX) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Techne (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
Techne (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.7.0.9 - GOG.com)
The Collider (HKLM-x32\...\Steam App 319550) (Version:  - Shortbreak Studios s.c.)
The Decimation of Olarath (HKLM\...\Steam App 491250) (Version:  - Digital Homicide Studios LLC)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Plan (HKLM-x32\...\Steam App 250600) (Version:  - Krillbite Studio)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Toy Soldiers (HKLM-x32\...\Steam App 98300) (Version:  - Signal Studios)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Smartly Dressed Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
Verdun (HKLM-x32\...\Steam App 242860) (Version:  - M2H)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wargame: European Escalation (HKLM-x32\...\Steam App 58610) (Version:  - Eugen Systems)
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version:  - Eugen Systems)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World in Conflict: Soviet Assault (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.1.1 - Ubisoft Entertainment)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813NA}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version:  - Wargaming.net)
WorldPainter 1.8.5 (HKLM\...\4144-4862-0472-7103) (Version: 1.8.5 - pepsoft.org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
Yet Another Zombie Defense (HKLM-x32\...\Steam App 270550) (Version:  - Awesome Games Studio)
Zombie Army Trilogy (HKLM-x32\...\Steam App 301640) (Version:  - Rebellion)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{d1e23a8f-f9da-4aa0-a1f7-938583642eba}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{d1e23a8f-f9da-4aa0-a1f7-938583642eba}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0BCA91F9-7404-4CD8-9D45-09B83C18AFAE} - System32\Tasks\{7B2F3765-704E-4AA2-9E66-50D2C8644E4E} => pcalua.exe -a "C:\Users\Luiz Marsi\Desktop\Test Server\Codecs\DirectShow FilterPack\DSFM-0.5.0.260.exe" -d "C:\Users\Luiz Marsi\Desktop\Test Server\Codecs\DirectShow FilterPack"
Task: {12C5D1D5-C38D-4054-BA39-6A14CB3A11C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {153DC932-FBE7-4486-8275-A88B70A78045} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {15B66E69-5795-4227-9F60-23BCE9C5FC5F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {1CC402F1-3EF5-4C8F-9F68-AB6B772BBEF4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {1CE8AE4B-138D-43D8-9E3C-18B561F3026C} - \CCleanerSkipUAC -> Nenhum Arquivo <==== ATENÇÃO
Task: {251DA775-B3CE-433C-8BB6-1F8EDCC8E117} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {2E92CDA2-349F-490E-BE94-A8D267EB38BB} - System32\Tasks\RTSS => C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe [2012-10-30] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {5F2F495E-9094-47C1-B1A6-5F5FC2A8D888} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe
Task: {6515A54B-85C0-4DFB-A039-8F36B098C197} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {6B5352E4-C958-4EF6-92BB-456434F3BE59} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {77C2FF29-0285-4348-BF14-86ADF20FC5A5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001Core1d23fd8313c9425 => C:\Users\Luiz Marsi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-01-17] (Dropbox, Inc.)
Task: {7A047D98-5944-4637-AD23-BD07B4D59363} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {7AFE8056-0295-43EE-984E-A6A49658A02A} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-09-21] ()
Task: {7E8DFF69-1436-49C5-BF4B-6862F09AAF32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {866514F5-C7C9-41C6-A75B-EEF0C003907B} - \WPD\SqmUpload_S-1-5-21-4004184569-2282581070-1150986999-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {9C9C4341-DD52-4B72-9331-90FE5FE3B551} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {AD0658CC-AF43-435D-A619-83897A1C548A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-07] (Overwolf LTD)
Task: {B79019E5-02C5-4949-A94B-484765F89FA8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C125621C-306C-4DBF-9E72-6F2283CF33C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C33C3882-B7E7-401D-8580-4CCC926EFEDF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C79A1B5C-D4A9-4ACB-9CE2-ECA0EAA7D5DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C7F96960-BDF2-4CD1-A855-59BF5E3542C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {C937AE9A-3894-4CC5-B10A-4C345AC154E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D6B38E7D-A418-4A84-95C3-3F1A92FFA0CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {EDE28ADF-70DF-4414-8327-B7E74D1C7D06} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-11-03] (Advanced Micro Devices, Inc.)
Task: {F4FA687C-7C0E-4B16-928D-69B02E2FC88A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001UA1d23fd8315e718b => C:\Users\Luiz Marsi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-01-17] (Dropbox, Inc.)
Task: {F5B5B2B9-5147-456E-8511-8A84C346E8CA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001Core1d23fd8313c9425.job => C:\Users\Luiz Marsi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4004184569-2282581070-1150986999-1001UA1d23fd8315e718b.job => C:\Users\Luiz Marsi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NHCmod v2.700b\NHCmod v2.700b.lnk -> C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes Relaunch\NHCToV.BAT ()

ShortcutWithArgument: C:\Users\Luiz Marsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Módulos Carregados (Whitelisted) ==============

2016-07-16 09:42 - 2016-07-16 09:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 18:53 - 2016-09-15 15:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-06-25 23:36 - 2012-06-01 07:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-01-26 16:39 - 2015-03-28 12:31 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2014-07-15 00:34 - 2015-09-21 16:13 - 03160384 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe
2016-09-29 18:53 - 2016-09-15 15:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-16 19:00 - 2016-08-16 19:00 - 01864384 _____ () C:\Users\Luiz Marsi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-06-27 13:22 - 2016-06-27 13:22 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-04-15 18:13 - 2015-04-15 18:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-26 15:38 - 2016-09-26 15:38 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 20:36 - 2016-11-02 08:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-11-09 20:36 - 2016-11-02 08:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 20:36 - 2016-11-02 08:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 20:36 - 2016-11-02 08:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 20:36 - 2016-11-02 08:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 20:36 - 2016-11-02 08:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 20:36 - 2016-11-02 08:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-06 22:07 - 2015-03-06 22:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-08-29 22:17 - 2016-08-29 22:17 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 22:07 - 2015-03-06 22:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-08-29 22:17 - 2016-08-29 22:17 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-09-14 02:23 - 2016-09-14 02:23 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 02:23 - 2016-09-14 02:23 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 02:23 - 2016-09-14 02:23 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 02:23 - 2016-09-14 02:23 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:23 - 2016-09-14 02:23 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:23 - 2016-09-14 02:23 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-11-17 13:40 - 2016-11-17 13:40 - 03766272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x64__8wekyb3d8bbwe\Calculator.exe
2014-11-08 21:36 - 2014-09-04 01:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-11-08 21:36 - 2014-09-04 01:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-09-24 19:43 - 2016-11-24 12:13 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-06-25 23:36 - 2010-06-29 00:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-11-24 18:48 - 2015-11-24 18:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 18:46 - 2015-11-24 18:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 18:48 - 2015-11-24 18:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 18:48 - 2015-11-24 18:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 18:43 - 2015-11-24 18:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 18:48 - 2015-11-24 18:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 18:48 - 2015-11-24 18:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 18:48 - 2015-11-24 18:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 18:43 - 2015-11-24 18:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 18:43 - 2015-11-24 18:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 18:43 - 2015-11-24 18:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 18:46 - 2015-11-24 18:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 18:48 - 2015-11-24 18:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 18:47 - 2015-11-24 18:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 18:57 - 2015-12-07 18:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 18:47 - 2015-11-24 18:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 18:47 - 2015-11-24 18:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 18:47 - 2015-11-24 18:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 18:43 - 2015-11-24 18:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-11-22 20:58 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-11-22 20:58 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-11-22 20:58 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-11-22 20:58 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-11-22 20:58 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-15 00:34 - 2015-09-21 16:03 - 00147968 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
2014-07-15 00:34 - 2015-09-21 16:03 - 00081920 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2013-04-23 19:30 - 2016-09-08 01:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-03 12:09 - 2016-08-31 23:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-04-30 20:42 - 2016-10-12 23:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-03 12:09 - 2016-08-31 23:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-03 12:09 - 2016-08-31 23:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-21 23:06 - 2016-01-27 05:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-21 23:06 - 2016-01-27 05:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-21 23:06 - 2016-01-27 05:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-21 23:06 - 2016-01-27 05:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-21 23:06 - 2016-01-27 05:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-05-03 16:35 - 2016-10-12 23:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:05 - 2016-07-04 20:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-14 17:13 - 2016-08-04 18:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2014-12-16 11:53 - 2015-09-24 21:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-06-08 17:06 - 2015-06-08 17:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2016-11-14 22:31 - 2016-11-08 18:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 22:31 - 2016-11-08 18:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Existem ainda 7916 sites a mais.

IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\123simsen.com -> www.123simsen.com

Existem ainda 7917 sites a mais.

IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

Existem ainda 7917 sites a mais.


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 11:25 - 2016-11-23 16:42 - 00453364 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com

Existem ainda 15558 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luiz Marsi\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Luiz Marsi\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKLM\...\StartupApproved\Run: => "Speedify"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "IntelConnectCenter"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "CorelDRAW Graphics Suite 11b"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "AvgUi"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\StartupFolder: => "Cloud Panel.lnk"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "MotoCast"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "PCLink"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Cloud Panel.lnk"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MotoCast"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "PCLink"
HKU\S-1-5-21-4004184569-2282581070-1150986999-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{A4680D2A-18C9-44FE-92E7-BAA13A81EB3B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{9191A51F-613E-4BD3-A6AE-8A064EFE43E9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{03C4CD2E-F0C4-41DF-AFED-0764F5DDFB84}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{D10A98FC-3D4B-4438-8E64-63C991DB3E23}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{ABADDAEB-D4A9-4095-9D09-1A387928E1E8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8C37C4DF-069C-47AA-ADEB-597FD9C1B188}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{985480C9-2A23-4081-AAAD-A6A48589DEE5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{9CA0023F-65AD-4326-A205-8D1802D62691}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{2FA9CF34-1F6F-44AD-BE14-C6F0E36720EB}] => (Allow) E:\SteamLibrary\SteamApps\common\The Decimation of Olarath\spacedoom.exe
FirewallRules: [{85EC0AAA-C014-410A-A1F1-504BA621861B}] => (Allow) E:\SteamLibrary\SteamApps\common\The Decimation of Olarath\spacedoom.exe
FirewallRules: [UDP Query User{4246EF0C-19EA-46ED-9B51-6B95BB6E2DC2}E:\origin\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\origin\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{A9395EF8-6857-4D66-B545-D9E03F4596A4}E:\origin\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\origin\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{F2AE68F6-8E89-4F46-8767-C49610A5B5DA}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{BB5135EF-D0F2-406B-BC34-8C77DE8F17F2}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{3691E45B-6E7C-4B76-89EB-10D7488B5B92}] => (Allow) E:\SteamLibrary\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{E7CDA5CC-1406-4EDB-88DB-00120E9C94A7}] => (Allow) E:\SteamLibrary\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{BFE9EFAE-81EE-4F08-858B-DB6E3658CDCA}] => (Allow) E:\SteamLibrary\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{4C3CFB8E-F490-4204-8163-9368C2108427}] => (Allow) E:\SteamLibrary\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [UDP Query User{226DDB54-9C71-42CF-9DCF-9139EB92DB83}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{9C4605CC-D267-4030-9386-A4B1B9F7D359}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{886A479C-01F4-4D5F-AB4A-135B218378B1}] => (Allow) E:\SteamLibrary\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{396ED13D-A945-422C-BE31-91D04E937A47}] => (Allow) E:\SteamLibrary\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [UDP Query User{1B80932E-70F5-447C-84E1-0F91960A3589}C:\gog games\terraria\terrariaserver.exe] => (Allow) C:\gog games\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{00949E7E-06F7-4A73-8CD3-EBB5D95264F5}C:\gog games\terraria\terrariaserver.exe] => (Allow) C:\gog games\terraria\terrariaserver.exe
FirewallRules: [{A6A38AAF-5E66-4C47-BCFB-5C541922BAED}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{823FCB5E-9421-4CC6-ADCA-E66EA5B5403F}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{057B60D8-BCD8-4C33-9196-C60DEEE1A972}] => (Allow) E:\SteamLibrary\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{C7F4A0F0-2DC1-4C34-9E76-3F873B3DFF1E}] => (Allow) E:\SteamLibrary\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{44D770FB-615E-40C3-AB7D-B418722E8325}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4D8C6C8F-EE24-4C90-A66F-2F379E12A096}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6AEC3D0A-B07C-4AC6-B55D-16BDE0659042}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7ADFCBD9-AC78-400E-B2F5-217422EF9B19}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{6B3CE2D4-47EE-460E-92E2-89B0EEABA17A}C:\users\luiz marsi\desktop\files\terraria\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\luiz marsi\desktop\files\terraria\terraria.v1.3.0.1\terraria.exe
FirewallRules: [TCP Query User{BDA1700C-AE97-49F3-9B6A-196DD774F76A}C:\users\luiz marsi\desktop\files\terraria\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\luiz marsi\desktop\files\terraria\terraria.v1.3.0.1\terraria.exe
FirewallRules: [{A3C96550-ACD6-4EF7-B8C6-8C3FCD73E8C3}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{A605DFC7-1A86-4815-BC3F-3631A081537C}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{76A6D68D-3CAD-4B16-946B-03FEAD0F61C5}] => (Allow) E:\SteamLibrary\SteamApps\common\StarMade\starmade-launcher.exe
FirewallRules: [{03515867-DB30-4F52-84F5-6A0549DFDBDF}] => (Allow) E:\SteamLibrary\SteamApps\common\StarMade\starmade-launcher.exe
FirewallRules: [{CF07CDF8-4DDC-4543-8C3D-9E8D7D4F47C3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{DACA94D7-4A20-4B34-98B3-2A17F211257F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D4AB5C53-E419-4EB2-93B4-25E1CF201C6E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{B2E4E464-31FB-4626-A892-C0568E963A9B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A7D705A8-5FC6-4409-B470-6701409C4A24}] => (Allow) E:\SteamLibrary\SteamApps\common\Red Orchestra 2\Binaries\Win32\HotwLauncher.exe
FirewallRules: [{F901D273-85B9-4980-A92E-07EFC18B2332}] => (Allow) E:\SteamLibrary\SteamApps\common\Red Orchestra 2\Binaries\Win32\HotwLauncher.exe
FirewallRules: [{15F2D1DC-0A3B-4E61-BBBD-0E8D61A0F382}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{BB9EC844-B8C1-4987-B569-8D23151E2420}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{4516B532-D30F-4B21-9D3D-17366C379138}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{086C07BE-2D37-47A0-8B02-5A4B1C0A3F2D}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{5AD1D56A-0219-4FC1-920C-123562E6E7DE}] => (Allow) E:\SteamLibrary\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{CC973403-34CA-4E3A-949F-83F9DA31E9F9}] => (Allow) E:\SteamLibrary\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{E435B8B4-F46C-4102-827D-C670ADD11C53}] => (Allow) E:\SteamLibrary\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{C6F3190A-F25C-4015-ACA1-CE64B0FE2763}] => (Allow) E:\SteamLibrary\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{5DF44EAA-0ACF-4EC9-BA4B-18502D62F54F}] => (Allow) E:\SteamLibrary\SteamApps\common\Call to Arms\call_to_arms_ed.exe
FirewallRules: [{C01463C6-042F-44FA-B914-F784992119F1}] => (Allow) E:\SteamLibrary\SteamApps\common\Call to Arms\call_to_arms_ed.exe
FirewallRules: [{563B8A87-B824-44BB-A919-337D9FD0AD43}] => (Allow) E:\SteamLibrary\SteamApps\common\Call to Arms\call_to_arms.exe
FirewallRules: [{EF1F8DD9-3197-4DAE-B3EA-287D3482EF1B}] => (Allow) E:\SteamLibrary\SteamApps\common\Call to Arms\call_to_arms.exe
FirewallRules: [{A943C56A-7B3F-48E2-B85D-1A9A46611F4A}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDUOMP.exe
FirewallRules: [{A3A178D9-B9E8-403D-A307-7FFFC8E54ACD}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDUOMP.exe
FirewallRules: [{3803FA80-D11E-40B2-8E57-B642AB738752}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDUOSP.exe
FirewallRules: [{A8B631C3-B3C3-4315-827D-83348EA2E808}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDUOSP.exe
FirewallRules: [{BB064C84-5457-4009-9B15-996B811D0231}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDMP.exe
FirewallRules: [{29B8A417-4BFA-4C1F-B677-B0824B5C3412}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDMP.exe
FirewallRules: [{B4B7992D-CA1C-45CC-A22C-668D69AC139C}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDSP.exe
FirewallRules: [{15176D97-6D9B-4182-8D5E-72A2EF325823}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty\CoDSP.exe
FirewallRules: [{6D38B3C5-2489-4ADA-A5D6-67E0AA2684B8}] => (Allow) E:\SteamLibrary\SteamApps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{A9849055-38A8-4000-8E21-2C3E4073E9D1}] => (Allow) E:\SteamLibrary\SteamApps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{1B25DCF4-A64A-4B1B-B458-07B7C74E5FD1}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{EE2DA2F3-56DE-4C5F-876A-32CC4A698EB8}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{EC6D124E-A0A0-4832-9B29-79F93350F48E}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{D90B08AF-9616-40C6-A9CE-AD1E8C04FDCE}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{32B488AF-4FC5-44CE-B1CE-756B2F133CC3}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{0D443672-9225-47DD-ACD3-037739D32E6F}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{6D82E75F-5172-423C-B9F8-632F0425EDEF}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{2754D37E-3EB9-411D-92B5-ED88616F3255}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{58840F4D-5E4A-4365-9380-22B43AF4BC7A}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{4B9CB76E-B70C-421B-BD27-8413EA261F7D}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{DA6F6E46-1243-4E4B-84F8-C7CB8F473484}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{519920C2-286A-4F4E-8028-D0C304C98292}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{823D2788-9C88-4721-9374-E8CD6E3DDC45}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{CC04CC1C-F369-4EA7-A975-39E52AB3F066}] => (Allow) E:\SteamLibrary\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{A487D64B-638E-4F1D-89A4-E4F8443D0C50}] => (Allow) E:\SteamLibrary\SteamApps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{B13A97C4-0AD6-4131-B95C-9114488999CB}] => (Allow) E:\SteamLibrary\SteamApps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{15A56192-4DCB-4919-B1A2-2A3D2418E538}] => (Allow) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
FirewallRules: [{DDC83B0D-B1D3-4B2D-B151-6D015A215B5C}] => (Allow) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
FirewallRules: [{D5AEF446-5E43-4394-AE46-1AEB9F8C2334}] => (Allow) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
FirewallRules: [{9B8FADD4-2D4E-40ED-8648-E16F79ADBE88}] => (Allow) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
FirewallRules: [UDP Query User{CFE607FA-34E3-4345-B680-585CB130C151}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [TCP Query User{25A45CB7-C069-468C-A981-10047550C443}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [{F91B72D9-2BB5-497E-8C61-4400C467B3C9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{393F387C-2DBD-475A-9A67-9BB7E81BDA28}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{F875BA3D-4EF4-4BD4-840D-FAEEF001A6C7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{C7D23009-D86C-4BA6-9604-6783136E4521}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{389FF828-165F-43B6-B22B-0A6C834FFCCE}E:\steam\war thunder\win64\aces.exe] => (Allow) E:\steam\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{34F50869-D7B1-4898-922D-E46DAA5088E2}E:\steam\war thunder\win64\aces.exe] => (Allow) E:\steam\war thunder\win64\aces.exe
FirewallRules: [{B79D14DE-3277-42FE-AD54-6FC0E3F44F92}] => (Allow) E:\SteamLibrary\SteamApps\common\Steel Ocean\Binaries\win32\SeaGame.exe
FirewallRules: [{60891985-9213-46ED-AB7E-F81E48796A96}] => (Allow) E:\SteamLibrary\SteamApps\common\Steel Ocean\Binaries\win32\SeaGame.exe
FirewallRules: [UDP Query User{5C2DAD67-BF0F-4AB7-9540-442BCFC9784C}C:\users\luiz marsi\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\luiz marsi\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{9B695AB7-FAFF-4391-9B97-D96B654BAD6D}C:\users\luiz marsi\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\luiz marsi\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0E35C64E-2768-4BEC-8941-0040161A87C9}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DFE473BD-1E41-45DB-A6DD-81289AB93FDD}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{0E664067-8D52-4B3C-BFBB-359E89C536A3}C:\users\luiz marsi\desktop\dmpserver\dmpserver\dmpserver.exe] => (Allow) C:\users\luiz marsi\desktop\dmpserver\dmpserver\dmpserver.exe
FirewallRules: [TCP Query User{C829C531-26CC-4B71-A523-89701DA40370}C:\users\luiz marsi\desktop\dmpserver\dmpserver\dmpserver.exe] => (Allow) C:\users\luiz marsi\desktop\dmpserver\dmpserver\dmpserver.exe
FirewallRules: [{98ED2A80-4FDA-4643-B076-21F03725CF7F}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{0D00B108-6353-4FDC-852A-90D2B49630D9}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{6B07003D-F816-4D9E-8448-733298A8F854}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{54174D8E-1041-48B8-85B0-2A704D5FB3B9}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [UDP Query User{E15C6CA6-F886-4B19-9025-3F50EA155B74}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{02E82DA1-103D-49B4-AEFD-0E01E72C0A18}E:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) E:\steamlibrary\steamapps\common\cry of fear\cof.exe
FirewallRules: [{8AC9E08C-4F90-4381-8F34-4C2BFD47B6B3}] => (Allow) E:\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{8A33BDD4-C9F5-4CD3-9AB6-446C10DA807A}] => (Allow) E:\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [UDP Query User{EE404781-14A5-4A99-B51C-DCB3AAFCD875}E:\steamlibrary\steamapps\common\age of empires 3\bin\age3n.exe] => (Allow) E:\steamlibrary\steamapps\common\age of empires 3\bin\age3n.exe
FirewallRules: [TCP Query User{E276EDCC-3038-41D0-B404-D0F5180E8722}E:\steamlibrary\steamapps\common\age of empires 3\bin\age3n.exe] => (Allow) E:\steamlibrary\steamapps\common\age of empires 3\bin\age3n.exe
FirewallRules: [{415A3865-8E43-4361-98A8-76EB8B23215D}] => (Allow) E:\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [{6D365E52-50CE-44CB-884C-905AA64DF514}] => (Allow) E:\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [{D07F91B1-0743-4278-B067-72CB5ADD31F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{CA8C02C7-310E-46EE-9913-61CF47ADE1AB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7921040B-D4A7-458F-B3E9-0167F893FF92}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5D69F6E2-0EEC-4A98-8CA3-2A95A63DE3BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{74ED4814-AB77-483B-8053-0BB0AA1C5DAD}] => (Allow) E:\SteamLibrary\SteamApps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{9F9E1B2E-8C24-45C8-A869-6CCFE239E68A}] => (Allow) E:\SteamLibrary\SteamApps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{60513C77-7E75-443C-9F4E-8C8E29D1A17A}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{DA7CCD82-00B7-4671-9DAC-ED38170D9F30}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{52E8CC2C-DD32-4072-9EF3-AF2FE454F3AE}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{CC4DE2D3-79A5-4ADD-BFDE-9F433CFD482A}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{81D6990A-5BD5-45DE-AE1D-8A8D15E138C2}] => (Allow) C:\Program Files (x86)\Xfire2\Xfire.exe
FirewallRules: [{A73EBAC7-2740-40D9-B8ED-13D5C5612BF0}] => (Allow) C:\Program Files (x86)\Xfire2\Xfire.exe
FirewallRules: [{38EED74F-E72F-4536-9A3A-45DC13F65000}] => (Allow) C:\Program Files (x86)\Xfire2\Xfire.exe
FirewallRules: [{41BD3084-FDE9-46AA-BA9C-BF46B6C30EE5}] => (Allow) C:\Program Files (x86)\Xfire2\Xfire.exe
FirewallRules: [{2CA0359C-0E5C-4CD1-8DE1-14BAC3295055}] => (Block) C:\users\luiz marsi\desktop\multimc\terraria\terraria.v1.3.0.1\terraria.exe
FirewallRules: [{44D6F45B-0D00-4814-93CE-3A27DF6AFBE6}] => (Block) C:\users\luiz marsi\desktop\multimc\terraria\terraria.v1.3.0.1\terraria.exe
FirewallRules: [UDP Query User{6973258C-99FD-4408-873D-F43DAB4DD5F2}C:\users\luiz marsi\desktop\multimc\terraria\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\luiz marsi\desktop\multimc\terraria\terraria.v1.3.0.1\terraria.exe
FirewallRules: [TCP Query User{5503FA7C-576B-4F31-8D25-3394FB5F3719}C:\users\luiz marsi\desktop\multimc\terraria\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\luiz marsi\desktop\multimc\terraria\terraria.v1.3.0.1\terraria.exe
FirewallRules: [{439F0D13-AE51-4B51-A008-C1FBFA063293}] => (Allow) E:\steam\call of duty world at war\codwawmp.exe
FirewallRules: [{F8D3DD6B-313C-481B-BE5E-7D7DC2D7DFD1}] => (Allow) E:\steam\call of duty world at war\codwawmp.exe
FirewallRules: [UDP Query User{D80DAC7C-BE73-43D2-B055-DFC64E8E49E0}E:\steam\call of duty world at war\codwawmp.exe] => (Allow) E:\steam\call of duty world at war\codwawmp.exe
FirewallRules: [TCP Query User{654C81B2-5813-4609-9EA2-D24C74871A12}E:\steam\call of duty world at war\codwawmp.exe] => (Allow) E:\steam\call of duty world at war\codwawmp.exe
FirewallRules: [{20CAC9D7-25BF-4DD7-B360-64C114353064}] => (Allow) E:\SteamLibrary\SteamApps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{89504277-0EBB-47C1-A71E-BF9DA5D5701B}] => (Allow) E:\SteamLibrary\SteamApps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{B591A637-CD1A-43DD-8B5D-D069476EED5B}] => (Block) E:\steam\arma 2\arma2.exe
FirewallRules: [{8ADE89DA-500F-44AC-9C65-B17C324B3834}] => (Block) E:\steam\arma 2\arma2.exe
FirewallRules: [UDP Query User{ACFF3009-3444-4E39-95A6-E1A97275DE14}E:\steam\arma 2\arma2.exe] => (Allow) E:\steam\arma 2\arma2.exe
FirewallRules: [TCP Query User{125F16DA-45A5-408F-B7DE-0E235AE5F6CF}E:\steam\arma 2\arma2.exe] => (Allow) E:\steam\arma 2\arma2.exe
FirewallRules: [{A8F19D49-6760-4A32-BB0E-B4C135021D57}] => (Block) E:\steam\world_of_tanks\worldoftanks.exe
FirewallRules: [{A453E901-1F67-46C9-9F8B-046EC7169A67}] => (Block) E:\steam\world_of_tanks\worldoftanks.exe
FirewallRules: [{0DD665E9-4AAA-4F5D-B831-605F42C3ACB1}] => (Block) E:\steam\world_of_tanks\wotlauncher.exe
FirewallRules: [{B0003611-3CE6-4DEA-8D32-080E9DFE91C7}] => (Block) E:\steam\world_of_tanks\wotlauncher.exe
FirewallRules: [{F6AC4F14-D37D-4699-86D1-6A83EE593032}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{AF837538-42EF-40B7-A198-6F9EB76080C4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{E92E752A-DD2C-4151-BDD6-5E44961DFFEB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B2E10413-588A-416C-9CD9-D5130038F94C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{57141281-E5AF-45EE-89C5-BF2839AF611F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{A2AC41C3-E907-4B40-BC99-ACD81A66527B}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{0E1E9214-B18F-41FB-926E-A5156BBB7C48}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{A1C5C3F3-2422-43DF-97E2-05A7EEA98BC9}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{57C54821-E11E-496B-B913-61852CEF4100}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{7F20FDAD-1CDE-426A-A431-8710EFD0B057}] => (Block) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{D5369EDA-AD56-4419-9F3C-B48617E28A31}] => (Block) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A7867E3C-638F-4B2A-9B6D-F9D3D8ECBD80}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{3E77E730-F3EE-4CF3-9AA0-74949C57021F}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{D316BBE5-7A33-4C58-9F07-7BB007CB648D}] => (Allow) E:\SteamLibrary\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A6AAE482-692F-4728-8FC1-2792CFE9CEC5}] => (Allow) E:\SteamLibrary\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{7EEC27AB-1EFB-4521-A310-179730EAE47D}] => (Allow) E:\steam\call of duty world at war\codwaw.exe
FirewallRules: [{E2A3F16D-F241-416E-944F-A34EBC13A45C}] => (Allow) E:\steam\call of duty world at war\codwaw.exe
FirewallRules: [UDP Query User{D877D62E-CE3B-4E9F-9213-57FA008A4BD6}E:\steam\call of duty world at war\codwaw.exe] => (Allow) E:\steam\call of duty world at war\codwaw.exe
FirewallRules: [TCP Query User{BAC7D1AC-86A6-460A-B6A3-8F08F68C90C2}E:\steam\call of duty world at war\codwaw.exe] => (Allow) E:\steam\call of duty world at war\codwaw.exe
FirewallRules: [{78048E6D-02DD-43BD-8DD9-436A2105F10A}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{C6FC0E6C-FAC6-4C76-B7BF-59B942537542}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{91C2E62D-0F25-4DA8-8717-58590A3984DB}] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{6FC2AE21-0E47-4920-ADA7-D1F1020B4E8C}] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{DA239B62-6F74-45B8-897D-42E44614C53D}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4A5F8E39-12A8-40E4-93A6-6A4319D4FE24}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{45CC212A-8F98-4116-919A-BB1D9DCDDCA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battle of Empires  1914-1918\BoE-1914_editor.exe
FirewallRules: [{661FA7FB-6642-40C2-861A-FFD7E694E80F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battle of Empires  1914-1918\BoE-1914_editor.exe
FirewallRules: [{9FCE3FE3-D8FF-4217-A7BE-F459E5AE1C50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battle of Empires  1914-1918\BoE-1914.exe
FirewallRules: [{9A65BCDB-6DE8-443D-B5DE-2A9A753A1FA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battle of Empires  1914-1918\BoE-1914.exe
FirewallRules: [{36A06620-D215-47A1-8DE2-E07FEAC9B794}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{0A07D145-343E-48C0-BD55-E50733C7BBDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{4CE7AAA4-366F-46FE-90C0-A8BDDE02F6AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{29B2AA2C-A46A-4008-902C-A42A41D133E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{AE4E813C-E804-412A-B0D8-B40985ACE691}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C6E49CA3-9102-403A-804D-78D03E60649B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{72310ECA-27B1-4C8E-B51C-D0B1E8637CC7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9A7E3478-9153-4473-B6E9-48FE0402BD0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{51D4FA48-9255-4413-B6B3-13826284C94E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9C38B6A6-2A0F-4684-A380-8614335B0C8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C299C893-E6DA-4B77-B871-F41C57CCC450}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FDEC32BA-F1F3-409C-A8AC-6E6FFA135852}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5CF1DF82-E8DB-4A3A-B3ED-CFF2FD6A8697}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{A3D430AD-9CC8-4FA9-B696-ACE73C5E8164}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{50711270-E751-4B3B-904F-6B84FAB4207F}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{93098F97-1E8E-4466-B420-14AD9A0DF63A}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{B720A798-46B5-43F6-8491-ECDAAF56BA78}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{DC1D02CB-A65C-482B-9A8C-8529A6866F77}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{B0887D88-37E1-4453-B41E-C1F267C7B691}] => (Allow) LPort=3659
FirewallRules: [{6C3DE915-5423-4A6A-970D-DBEEDF9F865F}] => (Allow) LPort=42127
FirewallRules: [{4F3DDD37-C8E7-4923-A271-E50CE125C65D}] => (Allow) E:\SteamLibrary\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{B0288615-E805-4558-87E1-26F19B9815A2}] => (Allow) E:\SteamLibrary\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{88A35B2B-7BA8-48FD-A70C-7E1412F0B066}] => (Allow) E:\SteamLibrary\SteamApps\common\StarMade\StarMade-starter.exe
FirewallRules: [{D948CD0C-0353-44DD-A20A-1567754DE6DA}] => (Allow) E:\SteamLibrary\SteamApps\common\StarMade\StarMade-starter.exe
FirewallRules: [{DEBD8457-6066-43FC-BFDD-B4743D771C90}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{5AD0014D-6ABA-4B3B-94E3-DA6F96D8DF5F}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{4C1AC1F7-71D0-429A-8494-43A63BCCB949}] => (Allow) C:\Program Files (x86)\Motorola Media Link\Lite\mml.exe
FirewallRules: [{B6F033B9-4547-4505-92F6-529C3BA0EB53}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{8B84A96E-6FBB-47DE-932F-DD257A216366}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{FAF0033B-5B32-4CF7-B570-7AC23CF8D6E4}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{E5BC47BC-F9EF-4231-81A2-FD59485CAAFD}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [UDP Query User{B43A592D-6D0F-4D01-AF76-4DBDCD861039}C:\users\luiz marsi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\luiz marsi\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{ED6CC7EB-A3D2-4478-A76D-C3ED16157084}C:\users\luiz marsi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\luiz marsi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{60599C8E-D177-4F8E-B78E-50CF262250EC}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{481291A1-9E26-4DC8-B28C-E76048BF5D53}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{9888A22C-9006-4A1A-B2CB-FC9A9EBF5840}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{056B91D1-9958-4E9E-9964-44CA6BB3BE91}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{EDC739A3-D60E-44A4-B7F9-35A6A37A77CF}] => (Allow) E:\SteamLibrary\SteamApps\common\Company of Heroes 2 Tools\ModBuilder.exe
FirewallRules: [{E83E08A5-DE9B-470C-B7D1-645696FD33C6}] => (Allow) E:\SteamLibrary\SteamApps\common\Company of Heroes 2 Tools\ModBuilder.exe
FirewallRules: [{77970FBF-519D-45B6-A1A3-6613F4F9DBB5}] => (Allow) E:\SteamLibrary\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{1327E788-DABC-4DF5-8D02-7C736078B829}] => (Allow) E:\SteamLibrary\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{9A32B881-3C71-4DF8-ADD4-CB045B6C9BF2}] => (Allow) E:\SteamLibrary\SteamApps\common\Yet Another Zombie Defense\YetAnotherZombieDefense.exe
FirewallRules: [{9BDCC859-71DA-4373-98BC-724BF618D838}] => (Allow) E:\SteamLibrary\SteamApps\common\Yet Another Zombie Defense\YetAnotherZombieDefense.exe
FirewallRules: [{9C4E0E58-DB04-4490-93AF-6FA2890DD6CA}] => (Allow) E:\SteamLibrary\SteamApps\common\Masters of the World\_start.exe
FirewallRules: [{A229627E-D84F-4C82-B775-74D77D4E8F57}] => (Allow) E:\SteamLibrary\SteamApps\common\Masters of the World\_start.exe
FirewallRules: [{7D2A2074-7464-4C19-8E03-03D8A19F3097}] => (Allow) E:\SteamLibrary\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{39FE7117-970A-4BCB-B3C5-85F8FB1F714B}] => (Allow) E:\SteamLibrary\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{DF60FB80-B19B-48EF-B573-27C1754BA6E2}] => (Allow) E:\SteamLibrary\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{B5CEA281-723C-4735-A0A4-38E1EE3BD6F3}] => (Allow) E:\SteamLibrary\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{975F7A5A-84BF-426F-8878-35096162C14E}] => (Allow) E:\SteamLibrary\SteamApps\common\WOG\disasm.exe
FirewallRules: [{E2A6D279-4400-4AE4-9F94-6EEE751319EE}] => (Allow) E:\SteamLibrary\SteamApps\common\WOG\disasm.exe
FirewallRules: [{CCB2CA61-B5BB-48D6-A463-4178D5C3DC94}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{A17E9BF3-E72B-40F0-8BAC-056D1C677AD1}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{972E6D0E-54E6-48D6-938F-A40DFFD50529}] => (Allow) E:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{D501C226-42A9-4F02-B48C-BD2CAEF6ED35}] => (Allow) E:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{5E823FD9-BB2E-4486-ABE2-72CE595A19D5}] => (Allow) E:\SteamLibrary\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{874C6FE1-1423-4C3D-A768-90C781C89FF6}] => (Allow) E:\SteamLibrary\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{0C8AC814-4129-45BA-8C51-7EFF1C3EFC19}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{579E0020-6A25-43EF-AAFA-492528A7460E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B82668CE-F813-4E3D-8619-226D0D7CEA14}] => (Allow) E:\SteamLibrary\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{192C88A3-76BD-4F33-93BA-B5A2B03AB199}] => (Allow) E:\SteamLibrary\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{C0946CDF-E571-4006-A2C2-E119D039B8F1}] => (Allow) E:\SteamLibrary\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{D4325C2A-31CE-4245-8650-390B7FCAB52E}] => (Allow) E:\SteamLibrary\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{9BFFF6E8-3600-4C29-BCB6-93D4B0A1723A}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{041FF319-5906-434E-89CC-6ECD2023F8E8}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{D285DF5B-D94E-4657-89E2-279B6809F70C}] => (Allow) E:\SteamLibrary\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{BA6C056A-E4B1-454C-9C8E-6C66E79C40E6}] => (Allow) E:\SteamLibrary\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{6E90566E-8AD6-4DEF-9F7A-7C83FE9033A0}] => (Allow) E:\Steam\Men of War Condemned Heroes\CondemnedHeroesEditor.exe
FirewallRules: [{212B1833-2CD9-4E26-89B1-E6F876D2AC02}] => (Allow) E:\Steam\Men of War Condemned Heroes\CondemnedHeroesEditor.exe
FirewallRules: [{05FCCAA6-5785-455E-9C3F-816878C9EC73}] => (Allow) E:\Steam\Men of War Condemned Heroes\CondemnedHeroes.exe
FirewallRules: [{DD2E1A7C-691B-4517-A6A7-9AC342EB6A2F}] => (Allow) E:\Steam\Men of War Condemned Heroes\CondemnedHeroes.exe
FirewallRules: [{E4020F75-ED94-452F-9529-EBBF070012BF}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{4B77BA89-3C1D-4518-85BF-E31F0D09EF1C}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{0DFE3CDB-B069-467F-9DFB-C7C1AA255194}] => (Allow) E:\SteamLibrary\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{40252AB1-37A4-47F0-8475-C2F88EA603F3}] => (Allow) E:\SteamLibrary\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{D6031CFD-C8A3-434C-96EB-1CD34EFB34CD}] => (Allow) E:\SteamLibrary\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{BD72D986-8155-4685-B8AF-6BFEE2234324}] => (Allow) E:\SteamLibrary\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{ED788598-684A-42D0-A972-349E7DB3E96C}] => (Allow) E:\SteamLibrary\SteamApps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{EC94C800-D539-46A6-BF06-1027DC4FD88F}] => (Allow) E:\SteamLibrary\SteamApps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{7BA1337C-DF89-4C99-B971-6C191FD1B15E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BEAAEF1A-8B88-4EE3-A220-4376BD5025D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCA97065-6581-451A-8DE9-0A05AC5582AE}] => (Allow) LPort=2869
FirewallRules: [{D199A1DD-1CAA-4BF3-AB38-E4587152AD23}] => (Allow) LPort=1900
FirewallRules: [{D3D5A923-AA39-4D66-AD91-E23D035D6786}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{76A5E3A2-53D8-46A0-9B09-F48C304B5EC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{CFF12D3D-7266-4F64-86A4-29478823CCD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0635341B-2DFF-4C8E-935A-C152EDA0AA04}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{EA2A2A77-D2C2-4A6E-9EF3-0DFB3DF59129}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{B1EF40C4-CC12-4AB0-B592-5FA0B4AF8282}] => (Allow) LPort=2869
FirewallRules: [{814976FE-8C60-411A-B914-D942DC6F98DD}] => (Allow) LPort=1900
FirewallRules: [{38025099-FC85-4C47-83C4-1E17200522A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{CD90619F-78F1-4EEF-AADF-37C3574E617A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{55593D4C-F066-4127-A938-7C50DA598B70}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{DE54AE84-D788-4877-9794-F4D477DD22E3}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{88CE094F-20C0-4E3E-BF4A-2F4E36ABFC18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NZA\bin\NZA.exe
FirewallRules: [{B61E9FF8-AC55-447C-BED8-EC46E79D120B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NZA\bin\NZA.exe
FirewallRules: [{0E6ED974-3B2E-4AA4-B936-5D24511ABFE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AAEDA8E0-DA45-4800-97AE-A2F43F322CB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{27733368-2C9C-4E84-9E5A-33EDD746B787}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{B389BD47-FC66-4031-8BF8-189F3179387C}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{7F33D6EF-D3FA-4A6B-BD1B-7D04F0F759D8}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{37400E57-E96C-45F5-93BE-6952138BFFC8}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{040DCD5A-E3F0-4F0D-A890-F8F37ADD2532}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DCC76391-26F7-4FF1-9A76-1BF35810739D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{19BE0D89-217C-4DFD-8C19-7BA4C80CDBD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{D9D24F23-56B6-4B0A-B9DD-76FFF467AED3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{1065A611-C47B-4555-8735-D643C1F5FA48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{7ACE4B6A-113B-42E3-976E-4F6E88508EF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{33B95C72-7810-4A28-AD52-94481DB16EBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\R.U.S.E\Ruse.exe
FirewallRules: [{9A5D9EC8-E5E8-4F5A-BF0A-663882A12595}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\R.U.S.E\Ruse.exe
FirewallRules: [{AC094FCE-DF73-4283-9041-8C9012595AF7}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{398A0E7A-1016-4CFE-B0BB-024E15AD82FC}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{8B07647B-3990-4B94-AFAC-12DEB968768A}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{9A437562-F71E-43B9-9C12-2038B710043B}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{7D2FF507-113A-4BE7-BBBE-B3FAAE7BAC68}] => (Allow) C:\Users\Luiz Marsi\AppData\Roaming\Tencent\Assault Fire\849BBFB7A4339C592952D35CDFB52B55\TenioDL\TenioDL.exe
FirewallRules: [{2B419D1F-4ABC-4763-81A9-8CA9FD35044E}] => (Allow) C:\Users\Luiz Marsi\AppData\Roaming\Tencent\Assault Fire\849BBFB7A4339C592952D35CDFB52B55\TenioDL\TenioDL.exe
FirewallRules: [{78B56B8A-8DC0-408C-BB86-0CDE3DB3351C}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{E364A19E-2107-43D6-8E6D-33BF3600B9FC}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{8B53E98E-CD76-42FD-A0A6-8725B07286A3}] => (Allow) E:\Steam\Wargame European Escalation\WarGame.exe
FirewallRules: [{39117092-3496-4687-AD9E-76418504D39F}] => (Allow) E:\Steam\Wargame European Escalation\WarGame.exe
FirewallRules: [{0025DC64-CD6D-4261-9382-A5F42FEB6376}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{2CAF7955-FFD2-4913-8888-1020446B728E}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{25C6229E-B822-41FE-93BF-7730A24682E6}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{C5585280-6962-4873-8601-2CD9D7F61EE0}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{88BEDB67-4DDB-4B16-AE1F-EDBF85C887DD}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\RpcAgentSrv.exe
FirewallRules: [{E66930EB-6F9D-4FC1-86E2-15166D1BF333}] => (Allow) E:\Steam\aceofspades\aos.exe
FirewallRules: [{319E0D9E-586F-41E1-8F02-CE61CBEED0B5}] => (Allow) E:\Steam\aceofspades\aos.exe
FirewallRules: [{977C9417-58D7-4ABC-A1D2-58ED03878442}] => (Allow) C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D43DF8EB-BEB0-42CE-A192-945732D70900}] => (Allow) C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{508C2CBD-21AE-408D-9E61-D7587C01B791}] => (Allow) C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C1C5A6C0-7580-4AD4-B579-4ED5CC3096EC}] => (Allow) C:\Users\Luiz Marsi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E6EB76-97D8-4B8B-A847-790775BB05DF}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{3642B716-9213-46CB-90FA-060E4C8BF499}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{A567FB16-C91A-4376-BEE0-B653D273FBCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{D831272B-55AC-4861-BB1D-3B8F230440E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{F65B8B50-274C-4DB9-AD29-C38E5727A9F1}] => (Allow) E:\Steam\Men of War Red Tide\redtide.exe
FirewallRules: [{BE8875CD-E43B-4476-9D51-6A5AFD604021}] => (Allow) E:\Steam\Men of War Red Tide\redtide.exe
FirewallRules: [{5FD56328-3C50-4D4D-A986-11926D233DC8}] => (Allow) E:\Steam\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{0585140B-31DF-4C4C-911B-FFDCEC0A860D}] => (Allow) E:\Steam\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{D217AD7A-5D0D-40C3-99FD-33CB15486F5C}] => (Allow) E:\Steam\Team Fortress 2\hl2.exe
FirewallRules: [{B6BE43BC-C19D-4F7B-A7C9-F24B480496CD}] => (Allow) E:\Steam\Team Fortress 2\hl2.exe
FirewallRules: [{AA397766-018B-4EFF-A228-8297BB17BD2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{BA3C4778-9D4A-487C-8D99-CCA86CD9DDB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{8EDFC591-83ED-43C6-8678-A312617CD5D9}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{C4A01C19-699E-4114-B544-49E082407B98}] => (Allow) E:\SteamLibrary\SteamApps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{F5056FE2-542E-4741-B896-F80C8AC91A08}] => (Allow) E:\Steam\NZA\bin\NZA.exe
FirewallRules: [{9C49C432-BFE0-456D-90E2-845F88BED9F3}] => (Allow) E:\Steam\NZA\bin\NZA.exe
FirewallRules: [{CBC7D069-D0BA-4EB8-A19D-22B17F5C3C4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{8DCC9F50-07BD-41E9-9A5A-EACF6B78183A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{AE8EEF6F-CC0C-4369-9A17-4D358749A4EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EF84DBFE-1C6E-45C6-B0AE-941CB23C551A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DDC3B71A-0D7D-459C-9A82-BE803E5C28E5}] => (Allow) E:\Steam\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{49845B67-F4C0-415B-A474-1C01C4855EBE}] => (Allow) E:\Steam\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{AA0EE008-025D-4664-A5B7-C76C9B53EC12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{41153E96-E7C6-4D15-A62A-5A0FA675D023}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{FC739FB1-EA50-4BE7-B0CC-DF4D8E024DFC}] => (Allow) E:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{2F7F83C5-373C-4DE1-8E5D-57695294143F}] => (Allow) E:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{66BCA227-091C-45FD-A15F-3781674929F7}] => (Allow) E:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{20072956-6EE6-4954-8117-DEFE605199F5}] => (Allow) E:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{E8DAB1B5-0C0D-435E-A2F4-DC40FABCB716}] => (Allow) E:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{FBB903B1-9587-45F3-83DC-74B2D9CBCD09}] => (Allow) E:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{DB20E388-6744-4A0A-AF70-EE18874071C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Plan\The Plan.exe
FirewallRules: [{479E8130-3915-430B-9660-FD80990C06FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Plan\The Plan.exe
FirewallRules: [{C61281A5-40B9-4AB6-B893-6D487ADF803A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe
FirewallRules: [{C5F0C98C-C6B1-44FE-A4E5-252D6D8E5219}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe
FirewallRules: [{3F9EC53B-A2DC-40CB-8279-34B19CF00390}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe
FirewallRules: [{8EEDF9BD-C466-41D4-ADBB-97F4329FB199}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe
FirewallRules: [{71BCC77C-A178-4F40-9DB7-3CF533F1B774}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe
FirewallRules: [{996DBF8C-4046-4C4F-BDED-080470FD99B7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe
FirewallRules: [{6E434BB9-5544-4299-A36A-68FC927193B9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe
FirewallRules: [{84914946-BDAE-4239-8CDE-DD13B13DA1C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe
FirewallRules: [{52931310-F563-42F1-8603-8EA0945FDCBB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe
FirewallRules: [{6414CFEB-A918-4C33-8E3C-458CABBF29E7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe
FirewallRules: [{89F03F06-5630-458E-8E1B-EB162260E8C8}] => (Allow) C:\Program Files (x86)\Ubisoft\World in Conflict\wic.exe
FirewallRules: [{E2844931-D841-4DD6-AB3F-9B282FB2DC5B}] => (Allow) C:\Program Files (x86)\Ubisoft\World in Conflict\wic.exe
FirewallRules: [{3749C7B5-B483-406B-9273-99B43CDBF828}] => (Allow) C:\Program Files (x86)\Ubisoft\World in Conflict\wic_online.exe
FirewallRules: [{98C6F6D9-AB5F-4E45-9302-434464F31247}] => (Allow) C:\Program Files (x86)\Ubisoft\World in Conflict\wic_online.exe
FirewallRules: [{A4757BDF-24E2-4A07-AF5A-065EF4B37304}] => (Allow) C:\Program Files (x86)\Ubisoft\World in Conflict\wic_ds.exe
FirewallRules: [{3A3E8ECD-E056-4434-803C-86B165D00D72}] => (Allow) C:\Program Files (x86)\Ubisoft\World in Conflict\wic_ds.exe
FirewallRules: [{7DB565D3-D4C6-4F25-BF34-5FDAA1DECF9E}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{2989F74B-2123-43F0-B7E8-6B7D22C9FC87}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{10D75718-D064-465C-A2DB-D6CDE398D10D}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{8CCC3C51-2E90-4E82-BED3-9FAE8180CEC8}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{DFFD2172-7FF3-4D6D-A251-843D6A362050}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{8A2BE5AF-B3EC-446D-9648-14CC516647FD}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{254FF359-78ED-48D0-A980-3FE1B31D0360}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D5207A2C-D0C9-49D8-9443-D3E8E5D3A505}] => (Allow) E:\Steam\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7FD43A18-8979-4AD2-A381-4695559AF99C}] => (Allow) E:\SteamLibrary\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{32C2064C-D050-4157-872F-8DEDC4877424}] => (Allow) E:\SteamLibrary\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{5BB43F26-0290-494B-978A-D6166A44FFBC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B109FF92-8778-40D2-B530-5E2D15DB5943}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C4700152-D07D-4011-889C-82FBA2C58901}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{72E78D1F-6EE8-4540-9D28-F07989595AFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{829A0AD2-1EB9-4C85-BEF7-89A3AA2544B6}] => (Allow) E:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{FF91324E-6103-4A79-B8C5-F59C8CABDFAA}] => (Allow) E:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{29F9F778-D4CD-41F2-9891-352E5599FC5B}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BC890A1D-3ACF-4376-B6D0-E52FDA39F92A}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9F2E8F4F-3519-4271-AB63-0C9DD513FB3D}] => (Allow) E:\SteamLibrary\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{E9953277-40C3-442C-B522-3043B43FA839}] => (Allow) E:\SteamLibrary\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{0DAAB2D2-CC1C-4419-BB2B-A7F03711B5ED}] => (Allow) E:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{A21F3132-DBB9-4A8F-9C02-994BD1404FEB}] => (Allow) E:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E27035C6-3304-4181-9024-6C6E4F8696C3}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War\mow.exe
FirewallRules: [{B22CA801-F9BA-4664-B7FD-8C52543E7544}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War\mow.exe
FirewallRules: [{5A5AE60A-2653-4429-A029-AEC84C6E1DD9}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War\mow_editor.exe
FirewallRules: [{E3CA4E4F-36DA-42D4-AD6E-7A7F25903FE2}] => (Allow) E:\SteamLibrary\SteamApps\common\Men of War\mow_editor.exe
FirewallRules: [{71AE7867-1585-416E-9D5C-DB880D5A1773}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3A4E6A9D-5B47-43B2-B267-EA0E0A30D223}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6877CD9B-8ACF-4ED6-9C60-42F5A72C5F53}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3CDBC50B-9EC9-40F5-80DD-74E2503A6187}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{073C131F-7834-4D69-B680-4358F0F61BB6}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{1E3AC0D1-A945-49E2-BDA5-1FD03AB72463}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{FC92FBBC-7FDF-4C04-9399-41494C492E18}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{CD4227C0-52F6-4D96-BF4D-33F78F0FA03D}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{DDC9E26D-E179-4F11-9BF8-C2439789EF68}] => (Allow) E:\SteamLibrary\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{999D557E-AF63-48FF-A250-CFD0E80D1C25}] => (Allow) E:\SteamLibrary\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{1FEE55BB-D9FD-4660-AC78-75A2CCF807FE}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4E4179A0-1465-4499-97E9-FD20E2C1D9AF}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{508C479A-71BC-4266-B522-867594529926}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{870531A8-0DC3-403C-8C35-038510D58FE4}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{3B81D097-1A7C-4D23-B502-CFA23FC6DE59}] => (Allow) E:\SteamLibrary\SteamApps\common\The Final Hours of Portal 2\TheFinalHoursOfPortal2.exe
FirewallRules: [{E74CB747-C1F5-4E0C-8EC1-33DC10181C51}] => (Allow) E:\SteamLibrary\SteamApps\common\The Final Hours of Portal 2\TheFinalHoursOfPortal2.exe
FirewallRules: [{F18CC558-A30C-4C7B-81B0-6B1DFF6A14C2}] => (Allow) E:\SteamLibrary\SteamApps\common\Ship Simulator Extremes\Steam.exe
FirewallRules: [{6B384543-D83B-4835-BCB4-1CC491E78FA0}] => (Allow) E:\SteamLibrary\SteamApps\common\Ship Simulator Extremes\Steam.exe
FirewallRules: [{89AFFF23-283B-404C-86A3-20BACF25CB7C}] => (Allow) E:\SteamLibrary\SteamApps\common\Tom Clancy's Ghost Recon Online\Launcher.exe
FirewallRules: [{3B5A4DBF-485A-4BFB-8F45-CBC0DA148043}] => (Allow) E:\SteamLibrary\SteamApps\common\Tom Clancy's Ghost Recon Online\Launcher.exe
FirewallRules: [TCP Query User{7435682B-28BF-4575-B3CF-2C755FFC9194}E:\steamlibrary\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{AF35F5DC-4435-4482-9005-EB64B77908CB}E:\steamlibrary\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{9CB25982-9BB9-4F13-A64F-E0FCF8D55063}] => (Allow) E:\SteamLibrary\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{B6DA84DD-3A3B-4EC4-BDAC-CAA1FC256728}] => (Allow) E:\SteamLibrary\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{81563600-61DA-4DF9-9EF1-0D512CABF3DB}] => (Allow) E:\SteamLibrary\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [{625366C3-3603-4A6C-BFB6-0E8CF1120596}] => (Allow) E:\SteamLibrary\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [{0E4A3027-0BC6-437A-8F0A-2A1528FBE39A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{980B4413-DA2E-4EE9-BB33-989B19727540}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{C01473B0-9B6C-40E1-BBA8-D3971E7DA234}] => (Allow) E:\SteamLibrary\SteamApps\common\toy soldiers\GameSW.exe
FirewallRules: [{F66C4B9E-A6F6-48AE-A506-5C71DD68A0EA}] => (Allow) E:\SteamLibrary\SteamApps\common\toy soldiers\GameSW.exe
FirewallRules: [{156DA876-29D2-4EB0-86BA-699F8951CDAA}] => (Allow) E:\SteamLibrary\SteamApps\common\toy soldiers\Game.exe
FirewallRules: [{941F4E9F-AE29-4413-A2EB-C3201836D429}] => (Allow) E:\SteamLibrary\SteamApps\common\toy soldiers\Game.exe
FirewallRules: [{0D88486B-AEF6-47BA-AA03-2E0BADCD3709}] => (Allow) E:\SteamLibrary\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{8BA453B5-6E80-4DFF-9E93-704A92493FF2}] => (Allow) E:\SteamLibrary\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{E3558436-9326-4626-B559-307B7A9CCA53}] => (Allow) E:\SteamLibrary\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{DD0ECCA2-BEC5-4703-887F-6BE8A541C6BC}] => (Allow) E:\SteamLibrary\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{6C3A306E-67B4-4CF3-901D-DEB997FBD724}] => (Allow) E:\SteamLibrary\SteamApps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe
FirewallRules: [{FC0BC07A-2383-4016-A83C-EBD70AE0B59F}] => (Allow) E:\SteamLibrary\SteamApps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe
FirewallRules: [{9B3951BE-4505-4D43-918C-DD47789DEA6D}] => (Allow) E:\SteamLibrary\SteamApps\common\CastleMiner Z\CastleMinerZ.exe
FirewallRules: [{560AC403-E6D0-46FA-876C-471D7AD82FB6}] => (Allow) E:\SteamLibrary\SteamApps\common\CastleMiner Z\CastleMinerZ.exe
FirewallRules: [{BCEEA902-59DC-4931-987A-1B17CCD48398}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{8C9C1978-D725-44FA-9B4A-9DCF93CD895F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{B611F51C-327A-48A5-AD74-848E66C54E5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{39E4F78E-69E5-4B37-AEDD-7C7F39F5D200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{2CDA3096-1E8D-45A4-B594-2CAD5ABBBF34}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{355759CA-9CC8-444A-A058-6DF5E0F145A2}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{12C3C593-D696-4889-BB40-2A8D5BC10B5B}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{5AD9D8FC-3589-490E-A94F-20D70C457143}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{5A59B1AB-2E5C-4B4D-838E-DC73FC325311}] => (Allow) E:\SteamLibrary\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{C51C14AA-4826-42AD-B0D7-72B1E00A7AA3}] => (Allow) E:\SteamLibrary\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{9357C498-B8FB-4F85-9FBD-E81B9A758EE1}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{AB76E744-DE06-47A9-83DE-104C8FB08421}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{FB1E451B-9D7F-45BC-BE96-AA167AD37297}] => (Allow) C:\Program Files (x86)\Victory Command\ClientLauncherRS.exe
FirewallRules: [{54BF4831-2B80-4210-817F-D4A0EE7BF639}] => (Allow) C:\Program Files (x86)\Victory Command\ClientLauncherRS.exe
FirewallRules: [TCP Query User{9FB4591E-AF90-4D70-A120-C72B4B07E5E7}E:\steam\war thunder\launcher.exe] => (Allow) E:\steam\war thunder\launcher.exe
FirewallRules: [UDP Query User{966664ED-689F-4A96-A3C7-159958333C99}E:\steam\war thunder\launcher.exe] => (Allow) E:\steam\war thunder\launcher.exe
FirewallRules: [TCP Query User{71D359BF-1A15-4EB8-BB40-70B78553C7DE}E:\steam\war thunder\aces.exe] => (Allow) E:\steam\war thunder\aces.exe
FirewallRules: [UDP Query User{3C8E6D0B-35D0-44E9-B93E-88FB9F897F14}E:\steam\war thunder\aces.exe] => (Allow) E:\steam\war thunder\aces.exe
FirewallRules: [{1FF0E83B-E7D3-48BB-B54E-6E4B38506E8A}] => (Allow) C:\Program Files (x86)\ASUS\Share Link\ShareLink.exe
FirewallRules: [{6D6AC7C0-37F0-447A-9CAF-8B9B816F4443}] => (Allow) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
FirewallRules: [{46685E07-7D20-47E6-ACA2-E8A04200E8C5}] => (Allow) E:\Steam\rust\Rust.exe
FirewallRules: [{9A711F93-E04E-4FD7-BD1F-027F5D658845}] => (Allow) E:\Steam\rust\Rust.exe
FirewallRules: [{69C1A5C0-4680-44E2-913B-8FF951697BCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{909CF734-F0F4-4210-A2F4-0AA6E3C2F448}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{40718132-1797-4A4C-9E50-6FFD1F809B11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{DC00D487-9CFB-415D-8939-BC275D9F6126}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{6794D116-FA4C-455A-9CEB-7F5B8A90716A}] => (Allow) E:\SteamLibrary\SteamApps\common\Software Inc\Software Inc.exe
FirewallRules: [{AAFD90D3-46C1-4DA6-B994-98C420EAF955}] => (Allow) E:\SteamLibrary\SteamApps\common\Software Inc\Software Inc.exe
FirewallRules: [{05987DA8-3F81-4118-A02B-296A5158BF72}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{D35F1541-C3D0-41FC-A514-8DAE1DABD440}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{DBD63BC5-E91E-410F-B84A-13C3A7FC1C43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B3027FBB-DD7F-4349-B5A8-5CA90F2E9B97}] => (Allow) LPort=2869
FirewallRules: [{F0718638-7859-4B18-938F-C8432ED55A0D}] => (Allow) LPort=1900
FirewallRules: [{F74B0371-30EC-44E7-A52E-00E0B8774EE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [{AA426BB0-1DE9-4497-8619-A6FA5ACD8C3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [TCP Query User{9587C076-088E-4155-A7D9-D8B2558FA57D}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{FB5E6636-209F-4843-B40A-BEC3C9C1170E}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{7EC0118C-E59D-477D-8CC2-60F5747DA140}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{FBF2837B-9C96-4D94-84D2-4D860057D7CD}] => (Allow) E:\SteamLibrary\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{9551667F-7520-461D-A6FF-3954B58CC085}] => (Allow) E:\SteamLibrary\SteamApps\common\Shoppe Keep\Shoppe Keep.exe
FirewallRules: [{4ADC5AFB-4425-4CEB-8163-5AD5B3F86279}] => (Allow) E:\SteamLibrary\SteamApps\common\Shoppe Keep\Shoppe Keep.exe
FirewallRules: [{7DC36104-DA49-4669-B4D7-2D4170F523DA}] => (Allow) E:\Steam\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{060CE2D3-26FA-4DF8-9E7F-273ED9819100}] => (Allow) E:\Steam\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{06D89FAF-7217-400F-955D-D20C2343F632}] => (Allow) E:\Steam\World_of_Tanks\worldoftanks.exe
FirewallRules: [{941F817F-52E1-4007-B4CD-A59B29B3594D}] => (Allow) E:\Steam\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{15B53A4B-D5AF-4CEA-A8D0-80CF45286A27}E:\steam\war thunder\win64\aces64.exe] => (Allow) E:\steam\war thunder\win64\aces64.exe
FirewallRules: [UDP Query User{7DE014BE-E236-4D27-87D8-611EE0C4142C}E:\steam\war thunder\win64\aces64.exe] => (Allow) E:\steam\war thunder\win64\aces64.exe
FirewallRules: [{ECFF1C96-3505-45FE-9163-B16D4A5A36B6}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{61F5E431-E70A-439D-A986-457C63752343}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{81F60FD8-B341-40C6-B4F6-85ACA760FB31}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{BE45063B-A223-47B7-AD24-B4328DA90F75}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [TCP Query User{2640D720-1831-41E0-8240-521311C4464B}C:\users\luiz marsi\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\luiz marsi\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{B50CB47D-AFEC-4073-B10F-05A3365A11E6}C:\users\luiz marsi\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\luiz marsi\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{2C747390-7EB4-49B4-9178-CAB500F84801}] => (Allow) E:\SteamLibrary\SteamApps\common\DOOM Closed Alpha\DOOMx64.exe
FirewallRules: [{9A0F1403-2492-4E80-9822-9DAEF0C329F8}] => (Allow) E:\SteamLibrary\SteamApps\common\DOOM Closed Alpha\DOOMx64.exe
FirewallRules: [TCP Query User{6079B628-3433-4D93-9E0B-7D41D4C61494}E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{5FC5FB6B-1CE3-4B1D-95A0-66B3C25BD5CF}E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{F105C67F-F22A-42F9-9938-92D1F930E0DC}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{5871268F-70AD-4EA5-95BC-9AFEB736704E}] => (Allow) E:\SteamLibrary\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [TCP Query User{6704317F-DF7A-40FF-A68C-593E75B4440A}E:\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Block) E:\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [UDP Query User{F8CB1AEC-E526-41B2-8251-1F11D26B40CB}E:\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Block) E:\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [{4AEFE2DB-6227-4F12-B854-3B90DDF15F18}] => (Allow) E:\Steam\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{DBE34000-E40B-4E6B-BA80-9D38A336F9BF}] => (Allow) E:\Steam\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{F931056E-EBA0-474D-923B-746D1A2AD354}] => (Allow) E:\Steam\7 Days To Die\7dLauncher.exe
FirewallRules: [{35EE351F-8F4C-4D7A-B92F-684D939268AA}] => (Allow) E:\Steam\7 Days To Die\7dLauncher.exe
FirewallRules: [{18DF3B1C-3060-4CCC-AB16-D0187446CCE6}] => (Allow) E:\Steam\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{EE9D84C5-BA5D-4A6C-81A0-150EBBE1861C}] => (Allow) E:\Steam\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{6C739248-17D1-4635-A4E8-55C9348DD960}] => (Allow) E:\SteamLibrary\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{4D3E001E-2DC2-44E3-A6C1-EB17CFF63AB3}] => (Allow) E:\SteamLibrary\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{C0EBECDA-FE97-47EA-88B3-6F7836355DFC}] => (Allow) E:\Steam\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{7251541D-A7BC-4A81-917C-7BFCF0FB49CC}] => (Allow) E:\Steam\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{7665B207-698E-4180-983F-C67BFB8CE4BE}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{CEEA6988-755A-4404-AE85-C56E9BE70BD3}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{BC43A6D4-903E-4D42-B8F8-500AC88E31D6}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A0D83FAE-AEDD-4E5E-BD43-C729EEEA9AE9}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{F4843F3D-86AD-459F-BCD3-0AD0C56B086C}C:\users\luiz marsi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luiz marsi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{91FAF29C-6E37-485A-B79A-8E0452602ECC}C:\users\luiz marsi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luiz marsi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{3116024E-C07E-45E4-87C6-5712CF625FF0}C:\program files\java\jre1.8.0_111\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\java.exe
FirewallRules: [UDP Query User{876075F2-6A84-405E-B48C-635FF1E04E26}C:\program files\java\jre1.8.0_111\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\java.exe
FirewallRules: [TCP Query User{E3F27C9F-0612-4AB1-A5BF-0872689AB9CB}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{AEDC4972-AC11-41AC-8D1C-D6570A308E5A}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{4B9F0331-F1E2-4DB5-B9C7-15C2AA5FE747}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{23D1D688-AF27-4021-8C37-321970181D49}] => (Allow) E:\Origin\Battlefield 1\bf1Trial.exe
FirewallRules: [{C27A4E68-9E00-41F4-BB0B-F2D46DCFECB2}] => (Allow) E:\Origin\Battlefield 1\bf1Trial.exe
FirewallRules: [{691BF06A-1B78-42D1-BFC4-8FCB00A21DEA}] => (Allow) E:\Origin\Battlefield 1\bf1.exe
FirewallRules: [{BA9B525B-580A-40C0-8D08-8FEC858AAFE0}] => (Allow) E:\Origin\Battlefield 1\bf1.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Pontos de Restauração =========================

15-11-2016 23:58:07 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (11/24/2016 12:16:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "WmiApRpl" na DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (11/24/2016 12:16:21 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.

Error: (11/24/2016 12:16:21 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.

Error: (11/24/2016 12:16:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "MSDTC" na DLL "C:\WINDOWS\system32\msdtcuiu.DLL". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (11/24/2016 12:16:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "Lsa" na DLL "C:\Windows\System32\Secur32.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (11/24/2016 12:16:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "ESENT" na DLL "C:\WINDOWS\system32\esentprf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (11/24/2016 12:16:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (11/23/2016 04:46:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "WmiApRpl" na DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (11/23/2016 04:46:12 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.

Error: (11/23/2016 04:46:12 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.


Erros de Sistema:
=============
Error: (11/24/2016 12:17:27 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 e APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (11/24/2016 12:13:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço amdacpksd devido ao seguinte erro: 
O sistema não pode encontrar o arquivo especificado.

Error: (11/24/2016 12:13:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 23:18:28 do dia ‎23/‎11/‎2016 não era esperado.

Error: (11/23/2016 09:35:47 PM) (Source: Schannel) (EventID: 4114) (User: LUIZ)
Description: O certificado recebido do servidor remoto foi emitido por uma autoridade de certificação não confiável. Portanto, não é possível validar os dados contidos no certificado. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor.

Error: (11/23/2016 09:35:29 PM) (Source: Schannel) (EventID: 4114) (User: LUIZ)
Description: O certificado recebido do servidor remoto foi emitido por uma autoridade de certificação não confiável. Portanto, não é possível validar os dados contidos no certificado. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor.

Error: (11/23/2016 09:35:11 PM) (Source: Schannel) (EventID: 4114) (User: LUIZ)
Description: O certificado recebido do servidor remoto foi emitido por uma autoridade de certificação não confiável. Portanto, não é possível validar os dados contidos no certificado. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor.

Error: (11/23/2016 09:34:56 PM) (Source: Schannel) (EventID: 4114) (User: LUIZ)
Description: O certificado recebido do servidor remoto foi emitido por uma autoridade de certificação não confiável. Portanto, não é possível validar os dados contidos no certificado. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor.

Error: (11/23/2016 04:45:32 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 e APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (11/23/2016 04:39:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SDScannerService devido ao seguinte erro: 
O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (11/23/2016 04:39:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço SDScannerService.


CodeIntegrity:
===================================
  Date: 2016-11-23 22:48:15.733
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-22 18:09:24.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-19 17:26:37.393
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-17 18:53:00.260
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-15 20:19:19.468
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-14 20:08:37.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-11 16:52:42.070
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-10 16:43:46.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-09 20:43:27.574
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-05 18:28:10.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória =========================== 

Processador: AMD FX(tm)-8150 Eight-Core Processor 
Percentagem de memória em uso: 49%
RAM física total: 8091.5 MB
RAM física disponível: 4096.42 MB
Virtual Total: 12571.5 MB
Virtual disponível: 7871.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.81 GB) (Free:30.73 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:25.58 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 358D65BF)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: FCED889D)

Partition: GPT.

==================== Fim de Addition.txt ============================

 

Link to post
Share on other sites

  • Root Admin

Sorry for the delay @Pinguino132

Let me have you run the following please.

 

Please restart the computer first and then run the following steps and post back the logs when ready.

STEP 01
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 02

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

STEP 03
Download Sophos Free Virus Removal Tool and save it to your desktop.
 

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View Log file (bottom left-hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found, please confirm that result.

STEP 04
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Link to post
Share on other sites

Ok sophos found 2 threats.

Sophos Virus REmoval Tool Log:

2016-12-01 14:52:26.617    Sophos Virus Removal Tool version 2.5.6
2016-12-01 14:52:26.617    Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2016-12-01 14:52:26.617    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2016-12-01 14:52:26.617    Windows version 6.2 SP 0.0  build 9200 SM=0x300 PT=0x1 WOW64
2016-12-01 14:52:26.617    Checking for updates...
2016-12-01 14:52:26.632    Update progress: proxy server not available
2016-12-01 14:52:34.551    Option all = no
2016-12-01 14:52:34.551    Option recurse = yes
2016-12-01 14:52:34.551    Option archive = no
2016-12-01 14:52:34.551    Option service = yes
2016-12-01 14:52:34.551    Option confirm = yes
2016-12-01 14:52:34.551    Option sxl = yes
2016-12-01 14:52:34.552    Option max-data-age = 35
2016-12-01 14:52:34.552    Option vdl-logging = yes
2016-12-01 14:52:34.596    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2016-12-01 14:52:34.596    Machine ID:    8fcea9f9742f4fd2ab54193937008820
2016-12-01 14:52:34.596    Component SVRTcli.exe version 2.5.6
2016-12-01 14:52:34.596    Component control.dll version 2.5.6
2016-12-01 14:52:34.596    Component SVRTservice.exe version 2.5.6
2016-12-01 14:52:34.596    Component engine\osdp.dll version 1.44.1.2270
2016-12-01 14:52:34.596    Component engine\veex.dll version 3.67.0.2270
2016-12-01 14:52:34.596    Component engine\savi.dll version 9.0.5.2270
2016-12-01 14:52:34.596    Component rkdisk.dll version 1.5.31.1
2016-12-01 14:52:34.596    Version info:    Product version    2.5.6
2016-12-01 14:52:34.596    Version info:    Detection engine    3.67.0
2016-12-01 14:52:34.596    Version info:    Detection data    5.32
2016-12-01 14:52:34.596    Version info:    Build date    04/10/2016
2016-12-01 14:52:34.596    Version info:    Data files added    429
2016-12-01 14:52:34.596    Version info:    Last successful update    (not yet updated)
2016-12-01 14:53:45.273    Downloading updates...
2016-12-01 14:53:45.278    Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2016-12-01 14:53:45.278    Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2016-12-01 14:53:45.278    Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2016-12-01 14:53:45.278    Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2016-12-01 14:53:45.278    Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I49502] sdds.data0910.xml: found supplement IDE533 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2016-12-01 14:53:45.278    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE533 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE533 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I49502] sdds.data0910.xml: found supplement IDE534 LATEST path= baseVersion= [included from product IDE533 LATEST path=]
2016-12-01 14:53:45.278    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE534 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE534 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I49502] sdds.data0910.xml: found supplement IDE535 LATEST path= baseVersion= [included from product IDE534 LATEST path=]
2016-12-01 14:53:45.278    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE535 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE535 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I49502] sdds.data0910.xml: found supplement IDE536 LATEST path= baseVersion= [included from product IDE535 LATEST path=]
2016-12-01 14:53:45.278    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE536 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE536 LATEST path=
2016-12-01 14:53:45.278    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2016-12-01 14:53:45.642    Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2016-12-01 14:53:45.642    Update progress: [I19463] Product download size 151003858 bytes
2016-12-01 14:53:52.046    Update progress: [I19463] Syncing product IDE533 LATEST path=
2016-12-01 14:53:52.046    Update progress: [I19463] Product download size 2192549 bytes
2016-12-01 14:53:53.941    Update progress: [I19463] Syncing product IDE534 LATEST path=
2016-12-01 14:53:53.941    Update progress: [I19463] Product download size 2006903 bytes
2016-12-01 14:53:56.816    Update progress: [I19463] Syncing product IDE535 LATEST path=
2016-12-01 14:53:56.816    Update progress: [I19463] Product download size 1915695 bytes
2016-12-01 14:53:59.912    Update progress: [I19463] Syncing product IDE536 LATEST path=
2016-12-01 14:53:59.912    Update progress: [I19463] Product download size 196912 bytes
2016-12-01 14:54:00.694    Installing updates...
2016-12-01 14:54:01.644    Error level 1
2016-12-01 14:54:17.069    Update successful
2016-12-01 14:54:27.639    Option all = no
2016-12-01 14:54:27.639    Option recurse = yes
2016-12-01 14:54:27.639    Option archive = no
2016-12-01 14:54:27.639    Option service = yes
2016-12-01 14:54:27.639    Option confirm = yes
2016-12-01 14:54:27.639    Option sxl = yes
2016-12-01 14:54:27.639    Option max-data-age = 35
2016-12-01 14:54:27.639    Option vdl-logging = yes
2016-12-01 14:54:27.639    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2016-12-01 14:54:27.639    Machine ID:    8fcea9f9742f4fd2ab54193937008820
2016-12-01 14:54:27.639    Component SVRTcli.exe version 2.5.6
2016-12-01 14:54:27.639    Component control.dll version 2.5.6
2016-12-01 14:54:27.639    Component SVRTservice.exe version 2.5.6
2016-12-01 14:54:27.639    Component engine\osdp.dll version 1.44.1.2270
2016-12-01 14:54:27.639    Component engine\veex.dll version 3.67.0.2270
2016-12-01 14:54:27.639    Component engine\savi.dll version 9.0.5.2270
2016-12-01 14:54:27.639    Component rkdisk.dll version 1.5.31.1
2016-12-01 14:54:27.639    Version info:    Product version    2.5.6
2016-12-01 14:54:27.639    Version info:    Detection engine    3.67.0
2016-12-01 14:54:27.639    Version info:    Detection data    5.32
2016-12-01 14:54:27.639    Version info:    Build date    04/10/2016
2016-12-01 14:54:27.639    Version info:    Data files added    429
2016-12-01 14:54:27.639    Version info:    Last successful update    01/12/2016 12:54:17

2016-12-01 15:29:22.875    Error level 0

2016-12-01 15:29:26.647    Scan cancelled by user.
2016-12-01 15:29:26.647    

------------------------------------------------------------

2016-12-02 00:57:30.949    Sophos Virus Removal Tool version 2.5.6
2016-12-02 00:57:30.949    Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2016-12-02 00:57:30.949    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2016-12-02 00:57:30.949    Windows version 6.2 SP 0.0  build 9200 SM=0x300 PT=0x1 WOW64
2016-12-02 00:57:30.950    Checking for updates...
2016-12-02 00:57:30.968    Update progress: proxy server not available
2016-12-02 00:57:45.296    Update error: failed to read remote metadata (error 4)
[T46381] ..\SUL\Handle.cpp:98 + SU::Handle::readRemoteMetadata()
[T75884] ..\SUL\Metadata.cpp:144 SU::Metadata::readRemoteMetadata()
[I40394] Downloading customer file from sophos:1:1
[E26245] Error fetching data from http://dci.sophosupd.com/update/2/9e/29e1287c66224b2360b213a46da00871.dat: WinHttpSendRequest 12007
[I20317] No proxy was used.
[I40394] Downloading customer file from sophos:2:1
[E26245] Error fetching data from http://dci.sophosupd.net/update/2/9e/29e1287c66224b2360b213a46da00871.dat: WinHttpSendRequest 12007
[I20317] No proxy was used.
[I40394] Downloading customer file from sophos:3:1
[E75373] Ran out of sophos aliases for this update source
[E35369] Out of update sources
[E99999] Out of sources
2016-12-02 00:57:47.234    Option all = no
2016-12-02 00:57:47.234    Option recurse = yes
2016-12-02 00:57:47.234    Option archive = no
2016-12-02 00:57:47.234    Option service = yes
2016-12-02 00:57:47.234    Option confirm = yes
2016-12-02 00:57:47.234    Option sxl = yes
2016-12-02 00:57:47.236    Option max-data-age = 35
2016-12-02 00:57:47.236    Option vdl-logging = yes
2016-12-02 00:57:47.240    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2016-12-02 00:57:47.240    Machine ID:    8fcea9f9742f4fd2ab54193937008820
2016-12-02 00:57:47.258    Component SVRTcli.exe version 2.5.6
2016-12-02 00:57:47.258    Component control.dll version 2.5.6
2016-12-02 00:57:47.258    Component SVRTservice.exe version 2.5.6
2016-12-02 00:57:47.258    Component engine\osdp.dll version 1.44.1.2270
2016-12-02 00:57:47.259    Component engine\veex.dll version 3.67.0.2270
2016-12-02 00:57:47.259    Component engine\savi.dll version 9.0.5.2270
2016-12-02 00:57:47.273    Component rkdisk.dll version 1.5.31.1
2016-12-02 00:57:47.273    Version info:    Product version    2.5.6
2016-12-02 00:57:47.274    Version info:    Detection engine    3.67.0
2016-12-02 00:57:47.274    Version info:    Detection data    5.32
2016-12-02 00:57:47.274    Version info:    Build date    04/10/2016
2016-12-02 00:57:47.274    Version info:    Data files added    429
2016-12-02 00:57:47.274    Version info:    Last successful update    01/12/2016 12:54:17

2016-12-02 00:57:51.691    Couldn't apply option 'SXLLiveProtection' to the detection engine.
2016-12-02 02:59:59.009    Could not open C:\hiberfil.sys
2016-12-02 03:22:42.296    Could not open C:\ProgramData\Autodesk\SDS\SecureDataStorage.sds\LOCK
2016-12-02 03:24:32.365    Could not open C:\swapfile.sys
2016-12-02 03:24:33.009    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-12-02 03:24:33.009    Could not open C:\System Volume Information\{65bc2ccf-b4b4-11e6-818c-3085a98fd68c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-12-02 03:24:33.009    Could not open C:\System Volume Information\{65bc2cea-b4b4-11e6-818c-3085a98fd68c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-12-02 03:24:33.010    Could not open C:\System Volume Information\{65bc2cf7-b4b4-11e6-818c-3085a98fd68c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-12-02 03:24:33.010    Could not open C:\System Volume Information\{ab8427d0-b72e-11e6-818d-3085a98fd68c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-12-02 03:24:33.010    Could not open C:\System Volume Information\{b2d1bd34-b3e6-11e6-818b-3085a98fd68c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-12-02 03:44:59.077    >>> Virus 'Mal/Inject-CEE' found in file C:\Users\Luiz Marsi\AppData\Roaming\WindowsStart\start.ini
2016-12-02 03:44:59.077    >>> Virus 'Mal/Inject-CEE' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2016-12-02 03:44:59.078    >>> Virus 'Mal/Inject-CEE' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2016-12-02 03:44:59.078    >>> Virus 'Mal/Inject-CEE' found in file HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT\iexplore.exe
2016-12-02 03:45:03.598    >>> Virus 'Mal/Inject-CEE' found in file C:\Users\Luiz Marsi\AppData\Roaming\WindowsStart\windows.ini
2016-12-02 03:45:03.598    >>> Virus 'Mal/Inject-CEE' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2016-12-02 03:45:03.598    >>> Virus 'Mal/Inject-CEE' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2016-12-02 03:45:03.598    >>> Virus 'Mal/Inject-CEE' found in file HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT\iexplore.exe
2016-12-02 04:01:50.988    Password protected file C:\Users\Luiz Marsi\Documents\Pen_Drive-AP\CAMICADO\FICHA DE CADASTRO DE PRODUTOS - NACIONAL.xlsx
2016-12-02 04:13:33.850    Could not open C:\Windows\System32\config\BBI
2016-12-02 04:13:34.265    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2016-12-02 04:13:34.285    Could not open C:\Windows\System32\config\RegBack\SAM
2016-12-02 04:13:34.286    Could not open C:\Windows\System32\config\RegBack\SECURITY
2016-12-02 04:13:34.287    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2016-12-02 04:13:34.334    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2016-12-02 04:31:03.187    Could not open LOGICAL:0003:00000000
2016-12-02 04:31:03.203    Could not open D:\
2016-12-02 04:33:25.483    >>> Virus 'Troj/Agent-AGBP' found in file E:\Steam\Call of Duty 2\CoD2SP_s.exe
2016-12-02 04:33:25.483    >>> Virus 'Troj/Agent-AGBP' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2016-12-02 04:33:25.483    >>> Virus 'Troj/Agent-AGBP' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2016-12-02 04:33:25.483    >>> Virus 'Troj/Agent-AGBP' found in file HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT\iexplore.exe
2016-12-02 05:02:47.195    The following items will be cleaned up:
2016-12-02 05:02:47.195    Mal/Inject-CEE
2016-12-02 05:02:47.195    Troj/Agent-AGBP
 

Link to post
Share on other sites

  • Root Admin

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

PC Winvids - How to run Kaspersky TDSSKiller

If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

 

Link to post
Share on other sites

  • Root Admin

Let's go ahead and remove all the temporary files and restart the computer. Once that's done, let me know how the computer is running and if there are still any signs of an infection.
 

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Link to post
Share on other sites

  • Root Admin

That's great news @Pinguino132

 

At this time there are no more signs of an infection on your system.
However if you are still seeing any signs of an infection please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
 
bwebb7v.jpgDownload Delfix from here and save it to your desktop. (you may already have this)

  • Ensure Remove disinfection tools is checked.
  • Click the Run button.
  • Reboot


Any other programs or logs that are still remaining, you can manually delete. (right click.....Delete)
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.


 
If there are any other left over Folders, Files, Logs then you can delete them on your own.
 
Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.


If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.

 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.