Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02 Ran by ADM at 2015-05-18 21:16:59 Running from C:\Users\ADM\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= ADM (S-1-5-21-2957143589-1019319754-4208424685-1000 - Administrator - Enabled) => C:\Users\ADM Administrador (S-1-5-21-2957143589-1019319754-4208424685-500 - Administrator - Disabled) Convidado (S-1-5-21-2957143589-1019319754-4208424685-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2957143589-1019319754-4208424685-1007 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.) Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects) Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects) Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden Doro 1.75 (HKLM-x32\...\Doro_is1) (Version: - CompSoft) Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions) Emergency Download Driver (HKLM-x32\...\{05DBF996-83D0-4C40-8D3A-A6850800BC88}) (Version: 1.1.7.1439 - Nokia) Estudo de melhoria do produto HP Deskjet 3050 J610 series (HKLM\...\{D23F32FF-5AFF-4D21-8CBA-D8142AAE7068}) (Version: 22.50.231.0 - Hewlett-Packard Co.) Ferramentas da Web do Microsoft SQL Server Compact 4.0 PTB (HKLM-x32\...\{06F10ED5-41FC-4110-B5CE-4F8F79B0D38B}) (Version: 4.0.8482.1 - Microsoft Corporation) Ferramentas do Visual Studio 2005 para Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.5.124 - Foxit Corporation) Fuse Installer (x32 Version: 5.0.7 - Nokia) Hidden GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.) Google Chrome (HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\Google Chrome) (Version: 28.0.1464.0 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) HP Deskjet 3050 J610 series Ajuda (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard) HP Deskjet 3510 series Ajuda (HKLM-x32\...\{949C49A5-91B7-40D2-AF9A-15681454074A}) (Version: 28.0.0 - Hewlett Packard) HP Deskjet 3510 series Estudo de aprimoramento de produtos (HKLM\...\{34B5B8D3-4106-4713-AAE1-DAE898EEB21C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3510 series Software básico do dispositivo (HKLM\...\{B332BF47-16DD-476D-AE00-31DC6DE5B87A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IIS 7.5 Express (HKLM-x32\...\{22025051-1991-48EB-8BE8-7A3329DAE7ED}) (Version: 7.5.1070 - Microsoft Corporation) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.122 - IObit) IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil) iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.) Java(TM) SE Development Kit 6 Update 22 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160220}) (Version: 1.6.0.220 - Oracle) K-Lite Mega Codec Pack 9.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.0 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Lumia UEFI Blue Driver (HKLM-x32\...\{D6EEB835-5BBF-4F6B-8382-1681148D7771}) (Version: 1.1.8.1448 - Nokia) MCTS Self-Paced Training Kit (Exam 70-432): Microsoft SQL Server 2008-Implementation and Maintenance (HKLM-x32\...\{89952D4E-52CD-4B94-9EC0-2E5A6E3FFB3C}) (Version: 2.00.00 - Microsoft Press) Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation) Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft Device Emulator (64 bit) version 3.0 - ENU (HKLM\...\{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Press Training Kit Exam Prep Suite 70-432 (HKLM-x32\...\{26DEB0DF-3FF0-4365-8577-5259C13FCC6E}) (Version: 1.0.0 - MeasureUp) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{C92556F2-4950-48CF-ABA3-F0026B05BCE8}) (Version: 8.05.1054 - Microsoft Corporation) Microsoft SQL Server 2005 Books Online (English) (HKLM-x32\...\{0B43A744-B1B8-4089-9BD1-9D41C7EC0AA3}) (Version: 9.00.1399.06 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{B692E59A-055C-43B7-BE0A-9C2FE0AB88B6}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 Report Builder 2.0 (HKLM-x32\...\{91CB3AD8-DFA7-4BA5-86F7-4DA10724CF5F}) (Version: 10.0.1600.60 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files RC0 (English) (HKLM-x32\...\{7D3F6746-94DE-4E1F-94F9-933B68EB68C4}) (Version: 10.0.1442.32 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM-x32\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 PTB (HKLM\...\{072F491C-BF8C-4C46-A48D-C6722188E21B}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM-x32\...\{1CBE3804-20DF-48DA-B048-895C206E80A5}) (Version: 9.00.1399.06 - Microsoft Corporation) Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation) Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2005 Premier Partner Edition - ENU (HKLM-x32\...\{C25EF637-BE7A-4761-9B45-9069989C319F}) (Version: 8.0.50728 - Microsoft Corporation) Microsoft Visual Studio 2005 Premier Partner Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_28ToU260_28) (Version: 1 - Microsoft Corporation) Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM-x32\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2008 Remote Debugger - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation) Microsoft Web Deploy 2.0 (HKLM\...\{5134B35A-B559-4762-94A4-FD4918977953}) (Version: 2.0.1070 - Microsoft Corporation) Microsoft Web Platform Installer 3.0 (HKLM\...\{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}) (Version: 3.0.5 - Microsoft Corporation) Microsoft WebMatrix (HKLM-x32\...\{66F0E678-69C2-4C46-BA95-117DF28C87E4}) (Version: 1.0.1073 - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{29C93182-34F6-3275-A18D-59326851CD57}) (Version: 3.5.21022 - Microsoft) Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5288.17011 - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5288.17011 - Microsoft Corporation) Módulo de Proteção - Banco Santander (Brasil) S.A. (HKLM-x32\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: 3.11.0.1 - ) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM-x32\...\{D4BF151C-70A8-4CE2-906F-4173A575BAD9}) (Version: 7.1.182.0 - Nokia) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) PDFZilla V3.0.0 (HKLM-x32\...\PDFZilla_is1) (Version: - PDFZilla, Inc.) PRN - Edite (HKLM-x32\...\{9FD30AE4-2167-4803-BC11-D9FEC21D7005}) (Version: 2.07.00 - PROCERGS - Cia. de Processamento de Dados do Estado do Rio Grande do Sul) Product API Installer (x32 Version: 5.0.7 - Microsoft) Hidden Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.05 - Serpro - Serviço Federal de Processamento de Dados) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Software básico do dispositivo HP Deskjet 3050 J610 series (HKLM\...\{477347C0-64CF-4E41-8D51-4EB47EEE6460}) (Version: 22.50.231.0 - Hewlett-Packard Co.) SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) Suporte para Aplicativos Apple (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Unchecky v0.3.7.5 (HKLM-x32\...\Unchecky) (Version: 0.3.7.5 - RaMMicHaeL) Unity Web Player (HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) USB Serial Port Driver (HKLM-x32\...\{3D924542-36BE-49DE-8805-8887C0C8A912}) (Version: 1.1.6.1439 - Nokia) VAP11G version 5.0.32.7 (HKLM-x32\...\VAP11G_is1) (Version: 5.0.32.7 - ) VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden Visual Studio .NET Prerequisites - English (HKLM\...\{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}) (Version: 9.0.21022 - Microsoft Corporation) Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Warface (HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\Warface) (Version: - Warface) Warsaw 1.5.1.8886 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.5.1.8886 - GAS Tecnologia) Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation) Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{1E18A938-C9B7-415D-8C43-753D6A917662}) (Version: 1.1.2726.0 - Microsoft Corporation) WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.5.2015.7 - Ruiware) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia) WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia) WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\ADM\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\ADM\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\ADM\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\ADM\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) ==================== Restore Points ========================= 14-05-2015 08:33:11 Windows Update 15-05-2015 20:29:41 Installed inSSIDer 4 16-05-2015 18:03:20 Installed NetLimiter 3 16-05-2015 18:04:31 Installed NetLimiter 3 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2015-05-18 14:17 - 00001991 ____N C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com There are 4 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {039A7FF3-2840-4D00-9A3A-1E23D3340747} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation) Task: {559719A5-A7F5-489B-A50D-ECCECD7EBE26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: {641DFC46-1574-48D3-8DA6-36F2C8F21A8E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2957143589-1019319754-4208424685-1000Core => C:\Users\ADM\AppData\Local\Google\Update\GoogleUpdate.exe Task: {69F93FCA-BC6A-4E0E-AB86-2C2DCD0893B1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {731939C7-3365-4FDB-B4F0-4F0579595997} - System32\Tasks\{A56C3021-65E8-484A-83E3-0E19CB2EC058} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2015\IRPF2015.exe" -d "C:\Arquivos de Programas RFB\IRPF2015" Task: {733C6DE0-4DE9-44FE-BC00-181A791FB5D9} - System32\Tasks\{224754D6-3D62-487C-A8C8-6F12766ECB3C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {771EB281-B23E-4E3B-A49D-491BF4B38C2D} - System32\Tasks\{64FBA9E2-B4FC-4748-AC9A-A2F15C843538} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent Task: {7D7831D9-3BBA-4D41-98DE-0B69FCC54216} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2957143589-1019319754-4208424685-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {8CC5119F-710D-4595-83C8-3CC13BF534BE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {A392990B-5DE7-4A1A-92C6-2888E70D0E56} - System32\Tasks\Uninstaller_SkipUac_ADM => C:\\Users\\ADM\\Downloads\\IObitUninstallerPortable\\App\\uninstaller\\IObitUninstaler.exe Task: {A8A15D0D-7808-4C10-AD8E-A12D43F365D6} - System32\Tasks\GoogleUpdateTaskMachineCore1d02ab6b4bfa991 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: {B58E639B-0ED4-4770-9D98-35CAF3C89924} - System32\Tasks\{D8BF3C83-A6A1-44D0-81EC-9D315A794547} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent Task: {B842BA4D-421D-4696-B8D0-AB1034E08668} - System32\Tasks\{D0DEC5D3-CD24-4BBE-9F8F-E185D4C1FB8E} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent Task: {B95E1C18-D12A-4F0C-85B4-B31E3A596572} - System32\Tasks\{76F2C1A0-1172-4101-82A0-CBF244D897F9} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.116.259/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent Task: {B9C63F16-DAC5-412D-A645-8A9CE7196B44} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {C52FFC32-964F-4349-B289-DE0219FE5E54} - System32\Tasks\{2EBF65BF-ADA6-44FF-AED4-7512E6CBE023} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.116.259/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent Task: {C93A63D7-52E2-4E19-8F31-75883AF8DF4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2957143589-1019319754-4208424685-1000UA => C:\Users\ADM\AppData\Local\Google\Update\GoogleUpdate.exe Task: {C98984F0-6859-484B-8AAD-674FCBBE0D53} - System32\Tasks\{FF81205E-70FE-41A1-83AE-F652A6A1A287} => pcalua.exe -a C:\Users\ADM\Downloads\chromeinstall-8u45.exe -d C:\Users\ADM\Downloads Task: {CAF511A9-5CD8-408A-907C-A73135A894E3} - System32\Tasks\DeepSoftware.AM.CollectLogsTask => C:\Program Files (x86)\SoftActivity\Activity Monitor\CollectLogs.exe Task: {D583ECE0-7FE3-4C01-9C9A-5B269963154B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {D76D29F8-589B-451F-BE93-B3D3A5E9A2B8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2957143589-1019319754-4208424685-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {E82B40C9-29FB-4C31-902B-F1EDF5489BE6} - System32\Tasks\{056C18FC-653E-47CD-8E44-8F7C1EA8902D} => pcalua.exe -a C:\Users\ADM\Downloads\revouninstaller\revouninstaller-portable\Revouninstaller.exe -d C:\Users\ADM\Downloads\revouninstaller\revouninstaller-portable Task: {E97B25E1-6D90-49DD-89A8-C70042F10943} - System32\Tasks\{F1F8D8A8-E0A9-43DF-9FCF-86A323885007} => pcalua.exe -a "C:\Users\ADM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICG2TRSZ\JavaSetup8u45.exe" -d C:\Users\ADM\Desktop Task: {F38DD9E3-D63D-4B94-AFC7-3B3C117AA500} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DeepSoftware.AM.CollectLogsTask.job => C:\Program Files (x86)\SoftActivity\Activity Monitor\CollectLogs.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfa419e8b3bd6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d02ab6b4bfa991.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Deskjet 3510 series.exe_{AE47217B-519D-4A7F-9994-CCC3D2250706}.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HP Deskjet 3510 series.exeý-install -prfn HP Deskjet 3510 series -ePCUrl https:/h30495.www3.hp.com Task: C:\Windows\Tasks\HP Deskjet 3510 series.exe_{D8C521EA-83BE-45F6-8058-A089404456CF}.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HP Deskjet 3510 series.exez-install -prfn HP Deskjet 3510 series (Rede) -ePCUrl https:/h30495.www3.hp.com Task: C:\Windows\Tasks\HPCustPartic.exe_{C2BE5DEF-6ECB-40A5-8FA3-791045244E28}.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe Task: C:\Windows\Tasks\ScanToPCActivationApp.exe_{754AAEC7-2778-48C2-A5F0-A2A04F2B6F79}.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe Task: C:\Windows\Tasks\Toolbox.exe_{59D7E2DB-B37E-4BA6-9AB7-D0EC1AAD6403}.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\Toolbox.exe Task: C:\Windows\Tasks\Toolbox.exe_{64C78935-E603-4301-BA25-AEBD8266F261}.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\Toolbox.exe ==================== Loaded Modules (Whitelisted) ============== 2013-10-18 12:12 - 2012-05-02 21:26 - 00460800 _____ () C:\Program Files (x86)\DoroPDFWriter\Doro.dll 2015-03-02 11:46 - 2015-03-02 11:46 - 00094832 _____ () C:\Program Files (x86)\Common Files\Microsoft\Care Suite\ADUService\ADUService.exe 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-11-17 22:08 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll 2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-05-14 13:37 - 2015-05-05 01:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll 2015-05-14 13:37 - 2015-05-05 01:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: C:\Windows\System32:DC83F454_Abn.gbp AlternateDataStreams: C:\Windows\System32:DC83F454_Bb.gbp AlternateDataStreams: C:\Windows\System32:DC83F454_Bnt.gbp AlternateDataStreams: C:\Windows\System32:DC83F454_Cef.gbp AlternateDataStreams: C:\Windows\SysWOW64\drivers:GbpKmAp.lst AlternateDataStreams: C:\ProgramData\TEMP:2E77EDB1 AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:2E77EDB1 AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:5C321E34 AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:D1B5B4F1 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\banestes.com.br -> hxxps://seg.banestes.com.br IE trusted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\bb.com.br -> www.bb.com.br IE trusted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\1001movie.com -> 1001movie.com There are 6091 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 200.175.5.139 - 200.175.89.139 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [TCP Query User{058A85B4-EBF2-4B39-B497-9709428F84BD}C:\users\adm\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\adm\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{112C3440-1F25-4CA6-B2F9-4A531B0031A9}C:\users\adm\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\adm\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{1F70C509-DF85-4497-9087-FB77912A2898}] => (Allow) C:\Users\ADM\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{45DC3E24-3810-4E44-984E-0C5EBA4F16EE}] => (Allow) C:\Users\ADM\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F12ED1EF-09CD-4800-9F24-E98DAE187A84}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/18/2015 05:09:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: chrome.exe, versão: 42.0.2311.152, carimbo de hora: 0x55481340 Nome do módulo de falhas: npsf_cef.dll, versão: 3.12.0.2, carimbo de hora: 0x542de141 Código de exceção: 0xc0000005 Deslocamento com falha: 0x00029396 Identificação do processo com falha: 0x1030 Hora de início do aplicativo com falha: 0xchrome.exe0 Caminho do aplicativo com falha: chrome.exe1 FCaminho do módulo de falhas: chrome.exe2 Identificação do Relatório: chrome.exe3 Error: (05/18/2015 02:36:58 PM) (Source: MsiInstaller) (EventID: 10005) (User: ADM-PC) Description: Product: Microsoft_VC80_CRT_x86 -- Error 2203.Database: C:\Windows\Installer\12f134.ipi. Cannot open database file. System error -2147287035. Error: (05/18/2015 02:17:08 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 3409) (User: ) Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions. Error: (05/18/2015 02:17:08 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 8313) (User: ) Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled. Error: (05/18/2015 02:12:17 PM) (Source: MsiInstaller) (EventID: 10005) (User: ADM-PC) Description: Product: Microsoft_VC80_CRT_x86 -- Error 2203.Database: C:\Windows\Installer\c44d6b.ipi. Cannot open database file. System error -2147287035. Error: (05/18/2015 00:19:48 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (05/18/2015 10:38:39 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 3409) (User: ) Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions. Error: (05/18/2015 10:38:39 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 8313) (User: ) Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled. Error: (05/17/2015 00:37:57 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 3409) (User: ) Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions. Error: (05/17/2015 00:37:57 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 8313) (User: ) Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled. System errors: ============= Error: (05/18/2015 02:02:57 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi gerado: 10. O estado do erro interno é 10. Error: (05/18/2015 10:38:17 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 12:46:09 às ‎17/‎05/‎2015 não era esperado. Error: (05/14/2015 06:39:22 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (05/14/2015 01:00:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Instalador de Módulos do Windows terminou com o erro: %%16405 Error: (05/14/2015 08:27:38 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 00:41:52 às ‎14/‎05/‎2015 não era esperado. Error: (05/12/2015 03:16:56 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 14:12:34 às ‎12/‎05/‎2015 não era esperado. Error: (05/12/2015 00:58:42 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (05/09/2015 08:05:32 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80004005 Error: (05/09/2015 08:02:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço do Agente de Implantação da Web devido ao seguinte erro: %%1053 Error: (05/09/2015 08:02:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Agente de Implantação da Web. Microsoft Office Sessions: ========================= Error: (05/18/2015 05:09:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe42.0.2311.15255481340npsf_cef.dll3.12.0.2542de141c000000500029396103001d09190854678b8C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\ADM\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dllce713843-fd99-11e4-9ef9-4487fc840258 Error: (05/18/2015 02:36:58 PM) (Source: MsiInstaller) (EventID: 10005) (User: ADM-PC) Description: Product: Microsoft_VC80_CRT_x86 -- Error 2203.Database: C:\Windows\Installer\12f134.ipi. Cannot open database file. System error -2147287035.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (05/18/2015 02:17:08 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 3409) (User: ) Description: -1 Error: (05/18/2015 02:17:08 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 8313) (User: ) Description: Error: (05/18/2015 02:12:17 PM) (Source: MsiInstaller) (EventID: 10005) (User: ADM-PC) Description: Product: Microsoft_VC80_CRT_x86 -- Error 2203.Database: C:\Windows\Installer\c44d6b.ipi. Cannot open database file. System error -2147287035.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (05/18/2015 00:19:48 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\microsoft visual studio 10.0\Common7\IDE\remote debugger\ia64\msvsmon.exe Error: (05/18/2015 10:38:39 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 3409) (User: ) Description: -1 Error: (05/18/2015 10:38:39 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 8313) (User: ) Description: Error: (05/17/2015 00:37:57 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 3409) (User: ) Description: -1 Error: (05/17/2015 00:37:57 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 8313) (User: ) Description: CodeIntegrity Errors: =================================== Date: 2015-04-18 09:59:20.826 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2015-04-07 22:39:30.761 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2015-04-07 22:17:53.631 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-06-21 09:50:27.972 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-06-21 09:31:13.505 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2013-06-22 05:47:48.586 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2013-06-01 09:40:39.419 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-01 09:35:14.833 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-01 09:27:27.293 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-01 09:24:47.207 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz Percentage of memory in use: 48% Total physical RAM: 3895.11 MB Available physical RAM: 2000.81 MB Total Pagefile: 7788.43 MB Available Pagefile: 5308.61 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:224.51 GB) (Free:70.54 GB) NTFS Drive d: () (Fixed) (Total:241.15 GB) (Free:75.92 GB) NTFS Drive e: (HP DJ3510) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=224.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=241.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================