Ir ao conteúdo
  • Cadastre-se
Eygler

Possivel malware

Recommended Posts

Ola, estou com um problema estranho, meu navegador começa a abrir abas sem motivo.. os links sao os seguintes

https://fbcdn-profile-a.akamaihd.net/hprofile-ak-prn1/hellocdn.html?v=1

https://photos-a.xx.fbcdn.net/hphotos-prn1/hellocdn.html?v=1

Fiz o procedimento do DDS e GMER, mas o DDS da o seguinte erro:

3mkt.jpg

E o log do GMER segue:

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-09-05 20:36:39

Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-003CA0 rev.15.01H15 465,76GB

Running: gmer.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\fwlcipow.sys

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\wininit.exe[632] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\wininit.exe[632] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\wininit.exe[632] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\wininit.exe[632] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\services.exe[744] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\services.exe[744] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\services.exe[744] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\services.exe[744] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\lsass.exe[752] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\lsass.exe[752] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\lsass.exe[752] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\lsass.exe[752] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\svchost.exe[868] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[868] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[868] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[868] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\dwm.exe[964] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffcb01f16aa 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\dwm.exe[964] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffcb01f16b2 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\dwm.exe[964] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffcb01f181a 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\dwm.exe[964] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffcb01f1832 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\nvvsvc.exe[332] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffcb01f16aa 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\nvvsvc.exe[332] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffcb01f16b2 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\nvvsvc.exe[332] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffcb01f181a 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\nvvsvc.exe[332] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffcb01f1832 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\System32\svchost.exe[740] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\svchost.exe[740] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\svchost.exe[740] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\svchost.exe[740] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\svchost.exe[1028] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1028] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1028] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1028] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\svchost.exe[1064] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1064] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1064] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1064] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\System32\svchost.exe[1132] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\svchost.exe[1132] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\svchost.exe[1132] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\svchost.exe[1132] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\svchost.exe[1332] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1332] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1332] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1332] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\System32\spoolsv.exe[1464] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\spoolsv.exe[1464] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\spoolsv.exe[1464] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\System32\spoolsv.exe[1464] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\svchost.exe[1504] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1504] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1504] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[1504] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffcb01f16aa 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffcb01f16b2 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffcb01f181a 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffcb01f1832 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\Explorer.EXE[1708] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\dashost.exe[1876] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\dashost.exe[1876] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\dashost.exe[1876] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\dashost.exe[1876] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[2816] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[2816] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[2816] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[2816] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\svchost.exe[2852] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[2852] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[2852] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\svchost.exe[2852] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\SearchIndexer.exe[560] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\SearchIndexer.exe[560] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\SearchIndexer.exe[560] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\SearchIndexer.exe[560] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffcb01f16aa 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffcb01f16b2 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffcb01f181a 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffcb01f1832 4 bytes [1F, B0, FC, 7F]

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 698 00007ffcb068267a 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\NSI.dll!NsiGetAllPersistentParametersWithMask + 706 00007ffcb0682682 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 270 00007ffcb0682faa 4 bytes [68, B0, FC, 7F]

.text C:\WINDOWS\system32\wwahost.exe[3856] C:\WINDOWS\system32\NSI.dll!NsiSetAllPersistentParametersWithMask + 294 00007ffcb0682fc2 4 bytes {CALL 0xfffffffffcb06834}

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [652:3896] fffff9600082bd40

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{2413D1A9-0A06-47F6-814F-2DE12811BD83}\Connection@Name isatap.{F09F145B-CB35-4796-8891-A4486BF033E6}

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -777119094

Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{2413D1A9-0A06-47F6-814F-2DE12811BD83}@InterfaceName isatap.{F09F145B-CB35-4796-8891-A4486BF033E6}

Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{2413D1A9-0A06-47F6-814F-2DE12811BD83}@ReusableType 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{2413D1A9-0A06-47F6-814F-2DE12811BD83}@DefunctTimestamp 0x27 0xF3 0x28 0x52 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1a-3f-a7-0e-d0@ClientLocalPort 65373

Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1a-3f-a7-0e-d0@AddressCreationTimestamp 0xF7 0xCA 0x38 0x08 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1a-3f-a7-0e-d0@TeredoAddress 2001:0:4137:9e76:3c4e:9926:44a8:1f89

Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1a-3f-a7-0e-d0@UPnPExternalPort 65373

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 1176

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 264

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-In-TCP v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32003|Desc=@FirewallAPI.dll,-32006|EmbedCtxt=@FirewallAPI.dll,-32002|Edge=TRUE|Defer=App|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-Out-TCP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32007|Desc=@FirewallAPI.dll,-32010|EmbedCtxt=@FirewallAPI.dll,-32002|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-WSD-In-UDP v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32011|Desc=@FirewallAPI.dll,-32014|EmbedCtxt=@FirewallAPI.dll,-32002|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-WSD-Out-UDP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32015|Desc=@FirewallAPI.dll,-32018|EmbedCtxt=@FirewallAPI.dll,-32002|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-In-TCP-NoScope v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31761|Desc=@FirewallAPI.dll,-31764|EmbedCtxt=@FirewallAPI.dll,-31752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-Out-TCP-NoScope v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31765|Desc=@FirewallAPI.dll,-31768|EmbedCtxt=@FirewallAPI.dll,-31752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-WSD-In-UDP v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31753|Desc=@FirewallAPI.dll,-31756|EmbedCtxt=@FirewallAPI.dll,-31752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-WSD-Out-UDP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31757|Desc=@FirewallAPI.dll,-31760|EmbedCtxt=@FirewallAPI.dll,-31752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-In-TCP v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31761|Desc=@FirewallAPI.dll,-31764|EmbedCtxt=@FirewallAPI.dll,-31752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-Out-TCP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31765|Desc=@FirewallAPI.dll,-31768|EmbedCtxt=@FirewallAPI.dll,-31752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-In-TCP v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=554|LPort=8554|LPort=8555|LPort=8556|LPort=8557|LPort=8558|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30761|Desc=@FirewallAPI.dll,-30764|EmbedCtxt=@FirewallAPI.dll,-30752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-Out-TCP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30765|Desc=@FirewallAPI.dll,-30768|EmbedCtxt=@FirewallAPI.dll,-30752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-In-UDP v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=7777|LPort=7778|LPort=7779|LPort=7780|LPort=7781|LPort=5004|LPort=5005|LPort=50004|LPort=50005|LPort=50006|LPort=50007|LPort=50008|LPort=50009|LPort=50010|LPort=50011|LPort=50012|LPort=50013|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30801|Desc=@FirewallAPI.dll,-30804|EmbedCtxt=@FirewallAPI.dll,-30752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-Out-UDP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30805|Desc=@FirewallAPI.dll,-30808|EmbedCtxt=@FirewallAPI.dll,-30752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-Prov-Out-TCP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\ehome\mcx2prov.exe|Name=@FirewallAPI.dll,-30812|Desc=@FirewallAPI.dll,-30813|EmbedCtxt=@FirewallAPI.dll,-30752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-McrMgr-Out-TCP v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\ehome\mcrmgr.exe|Name=@FirewallAPI.dll,-30818|Desc=@FirewallAPI.dll,-30819|EmbedCtxt=@FirewallAPI.dll,-30752|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{93C9C755-E29D-42E2-B9FB-AE93C3D8EA9F} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\qewd\ActivatorMicrosoft\KMSpico Automatic v7.0 Final Release\KMSpico Automatic v7.0 Final Release\KMSServer.exe|Name=KMS Emulator|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{51A32224-150E-4B4E-A9B3-65EF401EDB7F} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\qewd\ActivatorMicrosoft\KMSpico Automatic v7.0 Final Release\KMSpico Automatic v7.0 Final Release\KMSServer.exe|Name=KMS Emulator|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@UDP Query User{BAA24095-321A-4190-8E7D-456B3C7B581D}C:\wb games\f.e.a.r. 3\f.e.a.r. 3.exe v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\wb games\f.e.a.r. 3\f.e.a.r. 3.exe|Name=F.E.A.R. 3|Desc=F.E.A.R. 3|Defer=User|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@TCP Query User{2F621941-B5FE-4831-8F9B-7B64C25417FC}C:\wb games\f.e.a.r. 3\f.e.a.r. 3.exe v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\wb games\f.e.a.r. 3\f.e.a.r. 3.exe|Name=F.E.A.R. 3|Desc=F.E.A.R. 3|Defer=User|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{19583B38-8777-41A9-8FE7-9B266FEE39AD} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{CAFFF2B3-DD7E-49C5-85C2-2BA9D01AFD65} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{E3FA2EF8-8111-4ECF-8938-7D5CEA5FFF7C} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Opera\opera.exe|Name=Opera Internet Browser|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{89AC8461-024F-466E-B1D2-403B9808E300} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Opera\opera.exe|Name=Opera Internet Browser|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@UDP Query User{28B6AC3E-7E8F-447F-B07F-440E8ED9413F}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe|Name=gameclient|Desc=gameclient|Defer=User|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@TCP Query User{CB7CADD5-E246-4CE3-A332-F62208D33935}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe|Name=gameclient|Desc=gameclient|Defer=User|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@UDP Query User{93E7CB2D-FD79-4472-9B9B-CF320B245E98}C:\dead island riptide\deadislandgame_x86_rwdi.exe v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\dead island riptide\deadislandgame_x86_rwdi.exe|Name=DeadIsland Riptide|Desc=DeadIsland Riptide|Defer=User|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@TCP Query User{88FD7B66-9011-4718-8EC4-FFA65F92EF79}C:\dead island riptide\deadislandgame_x86_rwdi.exe v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\dead island riptide\deadislandgame_x86_rwdi.exe|Name=DeadIsland Riptide|Desc=DeadIsland Riptide|Defer=User|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{BA30E089-700A-4E95-A08E-7D66D3B8173B} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe|Name=Team Fortress 2|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{B8C9F506-8DF4-4D1E-8F1B-57B09CEEBEF8} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe|Name=Team Fortress 2|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{88535350-8DAF-434D-8EC9-137BA5EB0D47} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Tunngle\Tunngle.exe|Name=Tunngle Client|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{8A75BEDD-4962-4685-BD27-03F6ABBDE915} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Tunngle\Tunngle.exe|Name=Tunngle Client|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{4F610CBB-42F1-4CC6-8FCD-468F5DD5A936} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Tunngle\TnglCtrl.exe|Name=Tunngle Service|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{10439F93-45F7-4E8A-A115-F3A609FA28BB} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Tunngle\TnglCtrl.exe|Name=Tunngle Service|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{FCB2ED9A-B805-4A2E-814F-77F8B8076E0B} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Steam\SteamApps\common\ArcticCombat\GameLauncher_GP\MappingAccount.exe|Name=Arctic Combat|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{9CC2D519-EBC0-4915-A374-C2BD8DFE94CA} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Steam\SteamApps\common\ArcticCombat\GameLauncher_GP\MappingAccount.exe|Name=Arctic Combat|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{B1ED45E8-8131-46FE-94F6-B3BE3D3C46B4} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe|Name=Warframe|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{F469557C-8431-4990-A920-3896F7CDF71F} v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe|Name=Warframe|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{453A36EE-EB23-4097-8374-986704A8EA62} v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\qewd\ActivatorMicrosoft\KMSpico Automatic v7.0 Final Release\KMSpico Automatic v7.0 Final Release\KMSServer.exe|Name=KMS Emulator|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{6F4D5E1A-2DC9-4DB2-99FE-0593CFEC8F8E} v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\qewd\ActivatorMicrosoft\KMSpico Automatic v7.0 Final Release\KMSpico Automatic v7.0 Final Release\KMSServer.exe|Name=KMS Emulator|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{A3CB89EE-113E-44AA-98E7-3C961BEBB750} v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Maxthon\Bin\MxUp.exe|Name=MxUp|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{CC17986C-1E30-44D1-AB7F-8025E4AE91B1} v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Maxthon\Bin\MxUp.exe|Name=MxUp|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{2E2E3909-D04A-4134-A74B-655E63CD71A9} v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe|Name=Maxthon|

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{AA8FB9EB-88C6-4B29-BB26-6BD0664FD7AE} v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe|Name=Maxthon|

Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...

Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer@GlobalAssocChangedCounter 94

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3ga

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3ga\OpenWithList

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ccd

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ccd@Application VCDMount.exe

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crx

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crx\OpenWithList

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dvd

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dvd@Application VCDMount.exe

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList@MRUList badc

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srt

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srt\OpenWithList

Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers@C:\Users\ADMINI~1\AppData\Local\Temp\{E9D5968C-F424-4D85-8EE3-A29BE05765B0}\setup.exe RUNASADMIN

---- Files - GMER 2.1 ----

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_09eb96d6\Report.wer 2208 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_0beb95cc 0 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_0beb95cc\Report.wer 2208 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_01cb94b3 0 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_01cb94b3\Report.wer 2208 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_0307933c 0 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_0307933c\Report.wer 2208 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_12ff97c0\Report.wer 2208 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_134f91c5 0 bytes

File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4ff87ec0a9d158724e8f80a7c6d2d257b3da9bd_00000000_134f91c5\Report.wer 0 bytes

File C:\Windows\Temp\DMI4BA2.tmp 0 bytes

File C:\Windows\Temp\DMI54CA.tmp 0 bytes

File C:\Windows\Temp\DMI4DA5.tmp 0 bytes

File C:\Windows\Temp\DMI5278.tmp 0 bytes

File C:\Windows\Temp\DMI6719.tmp 0 bytes

File C:\Windows\Temp\DMI6F76.tmp 0 bytes

File C:\Windows\Temp\DMI78ED.tmp 0 bytes

File C:\Windows\Temp\DMID8A0.tmp 0 bytes

File C:\Windows\Temp\DMI75DE.tmp 0 bytes

File C:\Windows\Temp\DMI9F6F.tmp 0 bytes

File C:\Windows\Temp\DMIE3AC.tmp 0 bytes

File C:\Windows\Temp\DMI44AD.tmp 0 bytes

File C:\Windows\Temp\DMI5E13.tmp 0 bytes

File C:\Windows\Temp\DMI7C66.tmp 0 bytes

File C:\Windows\Temp\DMI7EE7.tmp 0 bytes

File C:\Windows\Temp\DMI4CAB.tmp 0 bytes

File C:\Windows\Temp\DMI8698.tmp 0 bytes

File C:\Windows\Temp\DMI8EC5.tmp 0 bytes

File C:\Windows\Temp\DMIDF85.tmp 0 bytes

File C:\Windows\Temp\DMI55E3.tmp 0 bytes

File C:\Windows\Temp\DMIAAF8.tmp 0 bytes

File C:\Windows\Temp\DMIB374.tmp 0 bytes

File C:\Windows\Temp\DMI2029.tmp 0 bytes

File C:\Windows\Temp\DMI6E6C.tmp 0 bytes

File C:\Windows\Temp\DMI1E34.tmp 0 bytes

File C:\Windows\Temp\DMI65F1.tmp 0 bytes

File C:\Windows\Temp\DMI9CEE.tmp 0 bytes

File C:\Windows\Temp\DMI19CF.tmp 0 bytes

File C:\Windows\Temp\DMI1C11.tmp 0 bytes

File C:\Windows\Temp\DMID2D.tmp 0 bytes

File C:\Windows\Temp\DMI74B5.tmp 0 bytes

File C:\Windows\Temp\DMIB5B6.tmp 0 bytes

File C:\Windows\Temp\DMIC566.tmp 0 bytes

File C:\Windows\Temp\DMICC4C.tmp 0 bytes

File C:\Windows\Temp\DMIEF16.tmp 0 bytes

File C:\Windows\Temp\DMI249D.tmp 0 bytes

File C:\Windows\Temp\DMIA8E5.tmp 0 bytes

File C:\Windows\Temp\DMIC0E1.tmp 0 bytes

File C:\Windows\Temp\DMICF98.tmp 0 bytes

File C:\Windows\Temp\DMI5BBF.tmp 0 bytes

File C:\Windows\Temp\DMI3249.tmp 0 bytes

File C:\Windows\Temp\DMI346D.tmp 0 bytes

File C:\Windows\Temp\DMI40E4.tmp 0 bytes

File C:\Windows\Temp\DMIB740.tmp 0 bytes

File C:\Windows\Temp\DMIC23A.tmp 0 bytes

File C:\Windows\Temp\DMI709F.tmp 0 bytes

File C:\Windows\Temp\DMI79F8.tmp 0 bytes

File C:\Windows\Temp\DMI934C.tmp 0 bytes

File C:\Windows\Temp\DMI935.tmp 0 bytes

File C:\Windows\Temp\DMIAC6A.tmp 0 bytes

File C:\Windows\Temp\DMIAC8F.tmp 0 bytes

File C:\Windows\Temp\DMIB8BF.tmp 0 bytes

File C:\Windows\Temp\DMICAE7.tmp 0 bytes

File C:\Windows\Temp\DMID9B9.tmp 0 bytes

File C:\Windows\Temp\DMI43A3.tmp 0 bytes

File C:\Windows\Temp\DMI43BD.tmp 0 bytes

File C:\Windows\Temp\DMI5D26.tmp 0 bytes

File C:\Windows\Temp\DMI646A.tmp 0 bytes

File C:\Windows\Temp\DMI94BC.tmp 0 bytes

File C:\Windows\Temp\DMI5A33.tmp 0 bytes

File C:\Windows\Temp\DMI2808.tmp 0 bytes

File C:\Windows\Temp\DMI4AA8.tmp 0 bytes

File C:\Windows\Temp\DMI4ABA.tmp 0 bytes

File C:\Windows\Temp\DMI88E5.tmp 0 bytes

File C:\Windows\Temp\DMIA46B.tmp 0 bytes

File C:\Windows\Temp\DMI390F.tmp 0 bytes

File C:\Windows\Temp\DMI71A8.tmp 0 bytes

File C:\Windows\Temp\DMIE7A3.tmp 0 bytes

File C:\Windows\Temp\DMI2CCA.tmp 0 bytes

File C:\Windows\Temp\DMIE65.tmp 0 bytes

File C:\Windows\Temp\DMI1347.tmp 0 bytes

File C:\Windows\Temp\DMI80DB.tmp 0 bytes

File C:\Windows\Temp\DMIA2F9.tmp 0 bytes

File C:\Windows\Temp\DMIA314.tmp 0 bytes

File C:\Windows\Temp\DMIADD6.tmp 0 bytes

File C:\Windows\Temp\DMI62C0.tmp 0 bytes

File C:\Windows\Temp\DMI46FF.tmp 0 bytes

File C:\Windows\Temp\DMI615D.tmp 0 bytes

File C:\Windows\Temp\DMIA5F.tmp 0 bytes

File C:\Windows\Temp\DMI5429.tmp 0 bytes

File C:\Windows\Temp\DMI496B.tmp 0 bytes

File C:\Windows\Temp\DMI7B96.tmp 0 bytes

File C:\Windows\Temp\DMI2E03.tmp 0 bytes

File C:\Windows\Temp\DMI423C.tmp 0 bytes

File C:\Windows\Temp\DMI4266.tmp 0 bytes

File C:\Windows\Temp\DMI4EE0.tmp 0 bytes

File C:\Windows\Temp\DMI21D.tmp 0 bytes

File C:\Windows\Temp\DMI2227.tmp 0 bytes

File C:\Windows\Temp\DMI77D2.tmp 0 bytes

File C:\Windows\Temp\DMI8A22.tmp 0 bytes

File C:\Windows\Temp\DMI10B7.tmp 0 bytes

File C:\Windows\Temp\DMI4819.tmp 0 bytes

File C:\Windows\Temp\DMI4861.tmp 0 bytes

File C:\Windows\Temp\DMIDC83.tmp 0 bytes

File C:\Windows\Temp\DMI6AB3.tmp 0 bytes

File C:\Windows\Temp\DMI6ABF.tmp 0 bytes

File C:\Windows\Temp\DMI834E.tmp 0 bytes

File C:\Windows\Temp\DMI8357.tmp 0 bytes

File C:\Windows\Temp\DMI8FAB.tmp 0 bytes

File C:\Windows\Temp\DMI90E8.tmp 0 bytes

File C:\Windows\Temp\DMI9105.tmp 0 bytes

File C:\Windows\Temp\DMI20B0.tmp 0 bytes

File C:\Windows\Temp\DMI6D40.tmp 0 bytes

File C:\Windows\Temp\DMI8242.tmp 0 bytes

File C:\Windows\Temp\DMI825D.tmp 0 bytes

File C:\Windows\Temp\DMIE4B1.tmp 0 bytes

File C:\Windows\Temp\DMIE4C5.tmp 0 bytes

File C:\Windows\Temp\DMID5E0.tmp 0 bytes

File C:\Windows\Temp\DMID61A.tmp 0 bytes

File C:\Windows\Temp\DMI3DF1.tmp 0 bytes

File C:\Windows\Temp\DMI86.tmp 0 bytes

File C:\Windows\Temp\DMI5532.tmp 0 bytes

File C:\Windows\Temp\DMI6873.tmp 0 bytes

File C:\Windows\Temp\DMIDAC2.tmp 0 bytes

File C:\Windows\Temp\DMIED2C.tmp 0 bytes

File C:\Windows\Temp\DMI9676.tmp 0 bytes

File C:\Windows\Temp\DMI9A6E.tmp 0 bytes

File C:\Windows\Temp\DMI9A79.tmp 0 bytes

File C:\Windows\Temp\DMIF541.tmp 0 bytes

File C:\Windows\Temp\DMI3575.tmp 0 bytes

File C:\Windows\Temp\DMI368E.tmp 0 bytes

File C:\Windows\Temp\DMI44F.tmp 0 bytes

File C:\Windows\Temp\DMI9221.tmp 0 bytes

File C:\Windows\Temp\DMIB1D9.tmp 0 bytes

File C:\Windows\Temp\DMI1AE8.tmp 0 bytes

File C:\Windows\Temp\DMI3016.tmp 0 bytes

File C:\Windows\Temp\DMI4FCE.tmp 0 bytes

File C:\Windows\Temp\DMI4FF7.tmp 0 bytes

File C:\Windows\Temp\DMI7559.tmp 0 bytes

File C:\Windows\Temp\DMI93A3.tmp 0 bytes

File C:\Windows\Temp\DMID949.tmp 0 bytes

File C:\Windows\Temp\DMIFF42.tmp 0 bytes

File C:\Windows\Temp\DMI9926.tmp 0 bytes

File C:\Windows\Temp\DMI9940.tmp 0 bytes

File C:\Windows\Temp\DMIC513.tmp 0 bytes

File C:\Windows\Temp\DMIEBD9.tmp 0 bytes

File C:\Windows\Temp\DMID786.tmp 0 bytes

File C:\Windows\Temp\DMIA815.tmp 0 bytes

File C:\Windows\Temp\DMIF10A.tmp 0 bytes

File C:\Windows\Temp\DMI1F97.tmp 0 bytes

File C:\Windows\Temp\DMIC63C.tmp 0 bytes

File C:\Windows\Temp\DMIDD8D.tmp 0 bytes

File C:\Windows\Temp\DMI972D.tmp 0 bytes

File C:\Windows\Temp\DMI9D28.tmp 0 bytes

File C:\Windows\Temp\DMI6E14.tmp 0 bytes

File C:\Windows\Temp\DMI9B87.tmp 0 bytes

File C:\Windows\Temp\DMIBE9B.tmp 0 bytes

File C:\Windows\Temp\DMIBEB0.tmp 0 bytes

File C:\Windows\Temp\DMIC893.tmp 0 bytes

File C:\Windows\Temp\DMIC8BC.tmp 0 bytes

File C:\Windows\Temp\DMIE973.tmp 0 bytes

File C:\Windows\Temp\DMIF33C.tmp 0 bytes

File C:\Windows\Temp\DMIFB2B.tmp 0 bytes

File C:\Windows\Temp\DMI1B70.tmp 0 bytes

File C:\Windows\Temp\DMI1C9C.tmp 0 bytes

File C:\Windows\Temp\DMI7A8D.tmp 0 bytes

File C:\Windows\Temp\DMIB113.tmp 0 bytes

File C:\Windows\Temp\DMI70A9.tmp 0 bytes

File C:\Windows\Temp\DMI738B.tmp 0 bytes

File C:\Windows\Temp\DMI73AF.tmp 0 bytes

File C:\Windows\Temp\DMIB01A.tmp 0 bytes

File C:\Windows\Temp\DMIEE48.tmp 0 bytes

File C:\Windows\Temp\DMI9800.tmp 0 bytes

File C:\Windows\Temp\DMI9827.tmp 0 bytes

File C:\Windows\Temp\DMI3234.tmp 0 bytes

File C:\Windows\Temp\DMI796F.tmp 0 bytes

File C:\Windows\Temp\DMI7983.tmp 0 bytes

File C:\Windows\Temp\DMIB885.tmp 0 bytes

File C:\Windows\Temp\DMIBCB6.tmp 0 bytes

File C:\Windows\Temp\DMIC7B3.tmp 0 bytes

File C:\Windows\Temp\DMID0AD.tmp 0 bytes

File C:\Windows\Temp\DMID0EF.tmp 0 bytes

File C:\Windows\Temp\DMID266.tmp 0 bytes

File C:\Windows\Temp\DMID39E.tmp 0 bytes

File C:\Windows\Temp\DMI3B43.tmp 0 bytes

File C:\Windows\Temp\DMI3B8B.tmp 0 bytes

File C:\Windows\Temp\DMI3B9.tmp 0 bytes

File C:\Windows\Temp\DMI5DB.tmp 0 bytes

File C:\Windows\Temp\DMI7865.tmp 0 bytes

File C:\Windows\Temp\DMIF446.tmp 0 bytes

File C:\Windows\Temp\DMIF63A.tmp 0 bytes

File C:\Windows\Temp\DMI18B7.tmp 0 bytes

File C:\Windows\Temp\DMI8D98.tmp 0 bytes

File C:\Windows\Temp\DMI8DBC.tmp 0 bytes

File C:\Windows\Temp\DMIB796.tmp 0 bytes

File C:\Windows\Temp\DMIA50C.tmp 0 bytes

File C:\Windows\Temp\DMI3EB1.tmp 0 bytes

File C:\Windows\Temp\DMI3EDB.tmp 0 bytes

File C:\Windows\Temp\DMI3F15.tmp 0 bytes

File C:\Windows\Temp\DMI411E.tmp 0 bytes

File C:\Windows\Temp\DMI45B1.tmp 0 bytes

File C:\Windows\Temp\DMI45B6.tmp 0 bytes

File C:\Windows\Temp\DMI45CC.tmp 0 bytes

File C:\Windows\Temp\DMI6FE.tmp 0 bytes

File C:\Windows\Temp\DMIB9D8.tmp 0 bytes

File C:\Windows\Temp\DMIFA12.tmp 0 bytes

File C:\Windows\Temp\DMI8465.tmp 0 bytes

File C:\Windows\Temp\DMI8470.tmp 0 bytes

File C:\Windows\Temp\DMIB6F5.tmp 0 bytes

File C:\Windows\Temp\DMIB938.tmp 0 bytes

File C:\Windows\Temp\DMICCEE.tmp 0 bytes

File C:\Windows\Temp\DMI5B4E.tmp 0 bytes

File C:\Windows\Temp\DMI626C.tmp 0 bytes

File C:\Windows\Temp\DMI649F.tmp 0 bytes

File C:\Windows\Temp\DMI9F94.tmp 0 bytes

File C:\Windows\Temp\DMIA635.tmp 0 bytes

File C:\Windows\Temp\DMIBD88.tmp 0 bytes

File C:\Windows\Temp\DMIC419.tmp 0 bytes

File C:\Windows\Temp\DMIC43E.tmp 0 bytes

File C:\Windows\Temp\DMI2180.tmp 0 bytes

File C:\Windows\Temp\DMI3987.tmp 0 bytes

File C:\Windows\Temp\DMI3FDA.tmp 0 bytes

File C:\Windows\Temp\DMI4B5A.tmp 0 bytes

File C:\Windows\Temp\DMI5C32.tmp 0 bytes

File C:\Windows\Temp\DMI86CD.tmp 0 bytes

File C:\Windows\Temp\DMI944A.tmp 0 bytes

File C:\Windows\Temp\DMI9453.tmp 0 bytes

File C:\Windows\Temp\DMIAD90.tmp 0 bytes

File C:\Windows\Temp\DMIADB2.tmp 0 bytes

File C:\Windows\Temp\DMI72B2.tmp 0 bytes

File C:\Windows\Temp\DMI72D9.tmp 0 bytes

File C:\Windows\Temp\DMI9E22.tmp 0 bytes

File C:\Windows\Temp\DMI9E27.tmp 0 bytes

File C:\Windows\Temp\DMIA1B3.tmp 0 bytes

File C:\Windows\Temp\DMIA1C7.tmp 0 bytes

File C:\Windows\Temp\DMIA1FA.tmp 0 bytes

File C:\Windows\Temp\DMIB5E1.tmp 0 bytes

File C:\Windows\Temp\DMI29E.tmp 0 bytes

File C:\Windows\Temp\DMI2A07.tmp 0 bytes

File C:\Windows\Temp\DMI5CE3.tmp 0 bytes

File C:\Windows\Temp\DMI89EE.tmp 0 bytes

File C:\Windows\Temp\DMIA403.tmp 0 bytes

File C:\Windows\Temp\DMIAEFF.tmp 0 bytes

File C:\Windows\Temp\DMID4C7.tmp 0 bytes

File C:\Windows\Temp\DMID532.tmp 0 bytes

File C:\Windows\Temp\DMIFC3.tmp 0 bytes

File C:\Windows\Temp\DMIFC4B.tmp 0 bytes

File C:\Windows\Temp\DMI4940.tmp 0 bytes

File C:\Windows\Temp\DMI88E9.tmp 0 bytes

File C:\Windows\Temp\DMI88EF.tmp 0 bytes

File C:\Windows\Temp\DMID858.tmp 0 bytes

File C:\Windows\Temp\DMID85D.tmp 0 bytes

File C:\Windows\Temp\DMI1693.tmp 0 bytes

File C:\Windows\Temp\DMI16CD.tmp 0 bytes

File C:\Windows\Temp\DMI2F2C.tmp 0 bytes

File C:\Windows\Temp\DMI2F32.tmp 0 bytes

File C:\Windows\Temp\DMID182.tmp 0 bytes

File C:\Windows\Temp\DMIDBDC.tmp 0 bytes

File C:\Windows\Temp\DMIDBF1.tmp 0 bytes

File C:\Windows\Temp\DMI26C1.tmp 0 bytes

File C:\Windows\Temp\DMI26CA.tmp 0 bytes

File C:\Windows\Temp\DMIBBFF.tmp 0 bytes

File C:\Windows\Temp\DMIF7E0.tmp 0 bytes

File C:\Windows\Temp\DMIFD45.tmp 0 bytes

File C:\Windows\Temp\DMI2940.tmp 0 bytes

File C:\Windows\Temp\DMI2B92.tmp 0 bytes

File C:\Windows\Temp\DMI2FB5.tmp 0 bytes

File C:\Windows\Temp\DMI3110.tmp 0 bytes

File C:\Windows\Temp\DMI59DD.tmp 0 bytes

File C:\Windows\Temp\DMI603A.tmp 0 bytes

File C:\Windows\Temp\DMI6043.tmp 0 bytes

File C:\Windows\Temp\DMI743F.tmp 0 bytes

File C:\Windows\Temp\DMI8B3B.tmp 0 bytes

File C:\Windows\Temp\DMI8B41.tmp 0 bytes

File C:\Windows\Temp\DMI6302.tmp 0 bytes

File C:\Windows\Temp\DMI6BD7.tmp 0 bytes

File C:\Windows\Temp\DMI6BEB.tmp 0 bytes

File C:\Windows\Temp\DMI6BEE.tmp 0 bytes

File C:\Windows\Temp\DMI7D01.tmp 0 bytes

File C:\Windows\Temp\DMI7D4.tmp 0 bytes

File C:\Windows\Temp\DMI7FFB.tmp 0 bytes

File C:\Windows\Temp\DMI9544.tmp 0 bytes

File C:\Windows\Temp\DMIA06.tmp 0 bytes

File C:\Windows\Temp\DMIA084.tmp 0 bytes

File C:\Windows\Temp\DMIA088.tmp 0 bytes

File C:\Windows\Temp\DMIA08E.tmp 0 bytes

File C:\Windows\Temp\DMIC352.tmp 0 bytes

File C:\Windows\Temp\DMIF877.tmp 0 bytes

File C:\Windows\Temp\DMIF8B1.tmp 0 bytes

File C:\Windows\Temp\DMI570E.tmp 0 bytes

File C:\Windows\Temp\DMI57BA.tmp 0 bytes

File C:\Windows\Temp\DMI57D2.tmp 0 bytes

File C:\Windows\Temp\DMI760F.tmp 0 bytes

File C:\Windows\Temp\DMIBAB7.tmp 0 bytes

File C:\Windows\Temp\DMI329D.tmp 0 bytes

File C:\Windows\Temp\DMI6874.tmp 0 bytes

File C:\Windows\Temp\DMI699A.tmp 0 bytes

File C:\Windows\Temp\DMI3CD3.tmp 0 bytes

File C:\Windows\Temp\DMI3CD8.tmp 0 bytes

File C:\Windows\Temp\DMIEDB5.tmp 0 bytes

File C:\Windows\Temp\DMIEDCD.tmp 0 bytes

File C:\Windows\Temp\DMIEDD.tmp 0 bytes

File C:\Windows\Temp\DMI58E7.tmp 0 bytes

File C:\Windows\Temp\DMI5A96.tmp 0 bytes

File C:\Windows\Temp\DMI7DCE.tmp 0 bytes

File C:\Windows\Temp\DMI7DF3.tmp 0 bytes

File C:\Windows\Temp\DMI7E07.tmp 0 bytes

File C:\Windows\Temp\DMID445.tmp 0 bytes

File C:\Windows\Temp\DMIF74E.tmp 0 bytes

File C:\Windows\Temp\DMI4059.tmp 0 bytes

File C:\Windows\Temp\DMI4060.tmp 0 bytes

File C:\Windows\Temp\DMI473E.tmp 0 bytes

File C:\Windows\Temp\DMI4744.tmp 0 bytes

File C:\Windows\Temp\DMI4748.tmp 0 bytes

File C:\Windows\Temp\DMI50D8.tmp 0 bytes

File C:\Windows\Temp\DMI5111.tmp 0 bytes

File C:\Windows\Temp\DMICE17.tmp 0 bytes

File C:\Windows\Temp\DMICE3B.tmp 0 bytes

File C:\Windows\Temp\DMIEAC1.tmp 0 bytes

File C:\Windows\Temp\DMIEACB.tmp 0 bytes

File C:\Windows\Temp\DMI114A.tmp 0 bytes

File C:\Windows\Temp\DMI81C.tmp 0 bytes

File C:\Windows\Temp\DMI8C54.tmp 0 bytes

File C:\Windows\Temp\DMI8C7E.tmp 0 bytes

File C:\Windows\Temp\DMI8FE0.tmp 0 bytes

File C:\Windows\Temp\DMI8FF5.tmp 0 bytes

File C:\Windows\Temp\DMIA9EE.tmp 0 bytes

File C:\Windows\Temp\DMIAA33.tmp 0 bytes

File C:\Windows\Temp\DMI1532.tmp 0 bytes

File C:\Windows\Temp\DMI157A.tmp 0 bytes

File C:\Windows\Temp\DMI1586.tmp 0 bytes

File C:\Windows\Temp\DMI2DA0.tmp 0 bytes

File C:\Windows\Temp\DMI879C.tmp 0 bytes

File C:\Windows\Temp\DMI8F45.tmp 0 bytes

File C:\Windows\Temp\DMI95D5.tmp 0 bytes

File C:\Windows\Temp\DMIE8AD.tmp 0 bytes

File C:\Windows\Temp\DMI6511.tmp 0 bytes

File C:\Windows\Temp\DMI6526.tmp 0 bytes

File C:\Windows\Temp\DMIABE4.tmp 0 bytes

File C:\Windows\Temp\DMID625.tmp 0 bytes

File C:\Windows\Temp\DMI904.tmp 0 bytes

File C:\Windows\Temp\DMI5012.tmp 0 bytes

File C:\Windows\Temp\DMID3B4.tmp 0 bytes

---- EOF - GMER 2.1 ----

Desde já, obrigado!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá

Desculpe a demora :)

Se ainda precisa de ajuda refaça os logs, pois preciso dos mesmos com datas atualizadas: Leia Antes de Postar - Criando um novo Tópico

ATENÇÃO 1: Não precisa abrir um novo tópico, coloque os novos logs neste mesmo tópico, obrigado!

ATENÇÃO 2: Não edite seu tópico, use o botão responder, obrigado!

ATENÇÃO 3: Não coloque os logs entre TAGS, obrigado!

ATENÇÃO 4: Não anexe os logs, obrigado!

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×