Start::
CloseProcesses:
Startup: C:\Users\PICHAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HealthPulse.lnk [2026-05-12] <==== ATENÇÃO
ShortcutTarget: HealthPulse.lnk -> C:\Users\PICHAU\AppData\Local\WellnessPulse Solutions\HealthPulse.vbs () [Arquivo não assinado] <==== ATENÇÃO
Task: {6AD56B86-597A-4572-86A9-4262A3B6C8F3} - System32\Tasks\SnSensor{5C15-14AA-F661-1C30-D572E5B8FC4583A} => C:\Windows\system32\conhost.exe [867840 2025-07-04] (Microsoft Windows -> Microsoft Corporation) -> mshta.exe hxxps://snconor.vg
Task: {1CD13E3F-56FE-4BC3-9E86-6A03C183610A} - System32\Tasks\SnSensor{C56E-5BB6-184C-5970-4EA308491ADDC6A} => C:\Windows\system32\conhost.exe [867840 2025-07-04] (Microsoft Windows -> Microsoft Corporation) -> mshta.exe hxxps://snconor.vg
2026-05-15 23:20 - 2026-05-15 23:20 - 000004088 _____ C:\Windows\system32\Tasks\SnSensor{C56E-5BB6-184C-5970-4EA308491ADDC6A}
2026-05-15 23:20 - 2026-05-15 23:20 - 000004088 _____ C:\Windows\system32\Tasks\SnSensor{5C15-14AA-F661-1C30-D572E5B8FC4583A}
2026-05-12 12:54 - 2026-05-12 12:54 - 000000000 ____D C:\Users\PICHAU\AppData\Local\WellnessPulse Solutions
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
S2 obupdate; C:\Program Files (x86)\OneBrowser\Update\OBUpdateService.exe -service (Nenhum Arquivo) <==== ATENÇÃO
C:\Program Files (x86)\OneBrowser
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\Run: [YouTubeToMP3] => "C:\Program Files\KeepStreams\KeepStreams\KeepStreams64.exe" mode=StartWhenPowerUp (Nenhum Arquivo)
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {0b4d2541-ef2e-11f0-b908-0229667e0f77} - "W:\BootStrap.exe"
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {5fd88a58-faba-11f0-b911-023a68701670} - "X:\AUTORUN.EXE"
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {8ff78e7a-1695-11f1-b928-0229646e1a7b} - "F:\AUTORUN.EXE"
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {91ef485b-fe56-11f0-b916-0229667e0f77} - "E:\autorun.exe"
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {91ef4861-fe56-11f0-b916-0229667e0f77} - "F:\autorun.exe"
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {a1233f1f-d95b-11f0-b8f2-001a7dda7113} - "V:\AUTORUN.EXE"
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {d4b86a86-eb23-11f0-b901-001a7dda7113} - "V:\autorun.exe"
HKU\S-1-5-21-2989126380-3126960157-2797847750-1001\...\MountPoints2: {d4b86a93-eb23-11f0-b901-001a7dda7113} - "W:\autorun.exe"
Powershell: @("$env:APPDATA","$env:LOCALAPPDATA") | ForEach-Object { Get-ChildItem $_ -Recurse -Filter "index.js" -ErrorAction SilentlyContinue } | Where-Object { $_.FullName -match "discord_desktop_core" } | ForEach-Object { Write-Host "--- $($_.FullName) ---"; (Get-Content $_.FullName -Raw).Substring(0,[Math]::Min(2000,(Get-Content $_.FullName -Raw).Length)) }
Powershell: (Get-ItemProperty "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" -ErrorAction SilentlyContinue).PSObject.Properties | Where-Object { $_.Name -match "^[a-z]$" } | ForEach-Object { Write-Host "$($_.Name): $($_.Value)" }
StartPowershell:
# Replace /scanonly with /clean if you also want to delete items -- however, this will activate a trial license on the system, I do not recommend it
$hmpExe = "$env:TEMP\HitmanPro_x64.exe"
$logFile = "$env:TEMP\HitmanPro_ScanLog.txt"
Invoke-WebRequest -Uri "https://dl.surfright.nl/HitmanPro_x64.exe" -OutFile $hmpExe -UseBasicParsing
$proc = Start-Process $hmpExe -ArgumentList "/ews","/scanonly","/noinstall","/log=`"$logFile`"","/logtype=txt" -Wait -PassThru
if (!(Test-Path $logFile)) { Write-Host "Scan failed (exit $($proc.ExitCode))"; exit 1 }
Get-Content $logFile -Encoding Unicode
EndPowershell:
EmptyTemp:
End::