cjoint

Publicité


Publicité

Commentaire : Kamia Addition

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Felipe Kamia at 2015-05-19 19:40:46
Running from C:\Users\Felipe Kamia\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-174019988-414781078-1319990136-500 - Administrator - Disabled)
Convidado (S-1-5-21-174019988-414781078-1319990136-501 - Limited - Disabled)
Felipe Kamia (S-1-5-21-174019988-414781078-1319990136-1000 - Administrator - Enabled) => C:\Users\Felipe Kamia
HomeGroupUser$ (S-1-5-21-174019988-414781078-1319990136-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.33 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.33 - Research In Motion Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.29.0 - Conexant)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Crusader Kings II (HKLM-x32\...\Crusader Kings II_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell System Detect (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 10.3.2.2 - ELAN Microelectronic Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Democracy 3 (HKLM-x32\...\GOGPACKDEMOCRACY3_is1) (Version: 2.6.0.11 - GOG.com)
DigitalPersona Fingerprint Software 6.1 (HKLM\...\{208DCBFA-D02A-426B-865F-312529654438}) (Version: 6.1.0.279 - DigitalPersona, Inc.)
Dropbox (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
Evernote v. 5.2.1 (HKLM-x32\...\{5E6D0ABA-ABDE-11E3-9AED-00163E98E7D6}) (Version: 5.2.1.3108 - Evernote Corp.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Football Manager 2014 Demo (HKLM-x32\...\Steam App 242380) (Version: - )
Football Superstars (HKLM-x32\...\Steam App 219870) (Version: - CyberSports Ltd.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: GBBD Caixa Economica Federal - )
GBBD Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.7.0.7 - )
Google Chrome (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Deskjet 1000 J110 series Ajuda (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1022 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021F0}) (Version: 7.0.210 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
MAGIX Photostory 2015 Deluxe (HKLM-x32\...\MX.{C9302FCA-B414-4D09-8393-7CACF844BFD0}) (Version: 14.0.2.51 - MAGIX Software GmbH)
MAGIX Photostory 2015 Deluxe (Version: 14.0.2.51 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{6CC42881-5756-4D63-BA64-CA19ABA47677}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware versão 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mendeley Desktop 1.10.1 (HKLM-x32\...\Mendeley Desktop) (Version: 1.10.1 - Mendeley Ltd.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\SkyDriveSetup.exe) (Version: 17.0.2006.0314 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - )
Monitor da tecnologia Intel® Turbo Boost 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Mozilla Firefox 34.0.5 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pt-BR)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Music Manager (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\MusicManager) (Version: - Google, Inc.)
MyFreeCodec (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\MyFreeCodec) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.14.010 - Dell Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realpolitik (HKLM-x32\...\Realpolitik) (Version: - )
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39019 - Realtek Semiconductor Corp.)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Software básico do dispositivo HP Deskjet 1000 J110 series (HKLM\...\{5CD4705D-8EED-4C6B-9B52-6A1FFC39332B}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 2.31 - NCH Software)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0018 - ST Microelectronics)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version: - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
Stronghold Kingdoms (HKLM-x32\...\Steam App 47410) (Version: - FireFly Studios)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tableau 8.0 (HKLM-x32\...\{EDE08054-DC93-42C6-BE59-2137BFFEF6F6}) (Version: 8.0.998 - Tableau Software)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version: - Galactic Cafe)
Total War ROME II (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.1 - Trend Micro Inc.)
Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden
Tropico 4 Collectors Bundle (HKLM-x32\...\Tropico 4 Collectors Bundle_is1) (Version: - )
Unity Web Player (HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Validity Sensors DDK (HKLM\...\{459CD4B8-A458-4100-91A5-3388354B3F7D}) (Version: 4.3.215.0 - Validity Sensors, Inc.)
Vivo 3G (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.0 - )
Warsaw 1.3.1 (HKLM-x32\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.3.1 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
YNAB 4 version 4.3.656 (HKLM-x32\...\com.ynab.YNAB4.LiveCaptive_is1) (Version: 4.3.656 - YouNeedABudget.com)
You Need A Budget 4 Trial (YNAB) (HKLM-x32\...\Steam App 228240) (Version: - YouNeedABudget.com)
ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
Zona (HKLM-x32\...\Zona)) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-174019988-414781078-1319990136-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-05-2015 12:46:35 Ponto de Verificação Agendado
18-05-2015 11:30:07 ZHPFix Restore System Point
18-05-2015 22:26:23 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2015-05-18 22:26 - 00000841 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09499C58-8CCF-4978-8E81-27E1BE91AEF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-08] (Adobe Systems Incorporated)
Task: {13A466A3-3640-4987-A168-CD18F6C98E95} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000UA => C:\Users\Felipe Kamia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {27AE9DBC-7788-4375-8F94-76AB8B246BE3} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {44DDB20E-4A34-4B77-ADC1-8EDD73DC1668} - System32\Tasks\{B274A86E-4748-4CC7-ADA1-14D2CA02AD94} => C:\Program Files (x86)\SEGA\Football Manager 2013\fm.exe
Task: {4972280A-255F-4E4E-825B-8806A2A4CDDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28] (Google Inc.)
Task: {51C82FC3-D889-40F5-8F90-0B1967788EA5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {5EF9AC13-4793-4198-B90D-84F8DEDEC750} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {64CE6D75-9783-4AA1-B1A4-54E7D3825C92} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000Core => C:\Users\Felipe Kamia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {684EFEAB-2864-4462-98FA-7CB25EDEBCED} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {6A9B9A52-85D6-4D69-92CD-131D65802699} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-02-25] (Intel)
Task: {6C960EBE-E999-41EB-98A1-49BFD04E1EC5} - System32\Tasks\{F33D2AAB-1AE0-48FB-BAE1-FBFC01872267} => C:\Program Files (x86)\SEGA\Football Manager 2013\fm.exe
Task: {78E35401-700C-495F-85C4-65DC2C5E7E70} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {7DD9BEA2-926C-4D56-9E70-32E895875C5F} - System32\Tasks\{8F326B0E-A86E-41DC-A1EE-CBA89685A0A7} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/216530
Task: {9DB0FCF0-6997-4878-B191-FC3D9C7846C7} - System32\Tasks\{C854BFCA-BC8F-476C-84FA-19FC3AD21260} => pcalua.exe -a "C:\Users\Felipe Kamia\Downloads\win64_152822 (1).exe" -d "C:\Users\Felipe Kamia\Downloads"
Task: {A2BD104F-5A58-4021-9F32-2FFD5706F2A7} - System32\Tasks\{7C063420-A30E-4835-9DED-C0A8206B96A8} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Redist\vcredist_x86.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Redist"
Task: {E9EA0D35-0527-46D7-A762-7EF778B757A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000Core.job => C:\Users\Felipe Kamia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000UA.job => C:\Users\Felipe Kamia\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-08-29 16:50 - 2010-03-31 11:51 - 00407040 _____ () C:\Windows\System32\HPM1210LM.DLL
2012-08-29 16:51 - 2010-03-31 11:51 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2012-09-09 17:23 - 2014-06-04 17:57 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-08-17 20:16 - 2012-01-26 21:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-08-17 20:29 - 2011-05-21 05:01 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-08-17 20:29 - 2011-05-21 05:01 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-08-17 20:29 - 2011-05-21 05:01 - 00731136 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2012-08-17 20:29 - 2011-05-21 05:01 - 01719808 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2014-11-24 10:39 - 2014-11-24 10:39 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-01-10 07:50 - 2013-01-10 07:50 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2134117ca053ce1825bac39b909a2946\IsdiInterop.ni.dll
2012-08-17 20:05 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-08-17 20:03 - 2012-01-21 08:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-17 22:13 - 2014-04-17 22:13 - 00086528 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraPtb.dll
2014-09-03 16:15 - 2014-09-03 16:15 - 10683392 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2014-09-03 16:15 - 2014-09-03 16:15 - 07741952 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2014-09-03 16:15 - 2014-09-03 16:15 - 02248192 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-09-03 16:15 - 2014-09-03 16:15 - 01681408 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2015-03-31 19:33 - 2015-03-31 19:33 - 00117248 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-03-31 19:33 - 2015-03-31 19:33 - 00231936 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-03-31 19:33 - 2015-03-31 19:33 - 00253440 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-03-31 19:33 - 2015-03-31 19:33 - 00344064 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-09-03 16:15 - 2014-09-03 16:15 - 00026624 _____ () C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2015-05-19 18:53 - 2015-05-19 18:53 - 00043008 _____ () c:\Users\Felipe Kamia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp68gmav.dll
2015-03-04 18:45 - 2015-03-04 18:45 - 00750080 _____ () C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 18:45 - 2015-03-04 18:45 - 00047616 _____ () C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 18:45 - 2015-03-04 18:45 - 00865280 _____ () C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 18:45 - 2015-03-04 18:45 - 00200704 _____ () C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-19 18:53 - 2015-05-19 18:53 - 00098816 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32api.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00110080 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\pywintypes27.dll
2015-05-19 18:53 - 2015-05-19 18:53 - 00364544 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\pythoncom27.dll
2015-05-19 18:53 - 2015-05-19 18:53 - 00045568 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_socket.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 01161216 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_ssl.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00320512 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32com.shell.shell.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00713216 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_hashlib.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 01175040 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._core_.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00805888 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._gdi_.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00811008 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._windows_.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 01062400 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._controls_.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00735232 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._misc_.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00682496 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\pysqlite2._sqlite.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00128512 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_elementtree.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00127488 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\pyexpat.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00087552 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_ctypes.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00119808 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32file.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00108544 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32security.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00007168 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\hashobjs_ext.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00017408 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\usb_ext.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00167936 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32gui.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00018432 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32event.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00013824 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\common.time34.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00036864 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_psutil_windows.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00038912 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32inet.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00011264 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32crypt.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00070656 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._html2.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00027136 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_multiprocessing.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00020480 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\_yappi.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00035840 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32process.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00686080 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\unicodedata.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00122368 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._wizard.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00024064 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32pipe.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00010240 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\select.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00025600 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32pdh.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00525640 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\windows._lib_cacheinvalidation.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00017408 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32profile.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00022528 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\win32ts.pyd
2015-05-19 18:53 - 2015-05-19 18:53 - 00078336 _____ () C:\Users\Felipe Kamia\AppData\Local\Temp\_MEI49522\wx._animate.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-13 20:26 - 2014-05-13 20:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-13 20:26 - 2014-05-13 20:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-13 20:26 - 2014-05-13 20:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-13 20:26 - 2014-05-13 20:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 19:57 - 2010-11-22 19:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 19:56 - 2010-11-22 19:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 19:57 - 2010-11-22 19:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 19:57 - 2010-11-22 19:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 15:17 - 2011-02-15 15:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 19:57 - 2010-11-22 19:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-13 20:26 - 2014-05-13 20:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-13 21:37 - 2014-08-13 21:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-13 21:37 - 2014-08-13 21:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 19:56 - 2010-11-22 19:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 19:57 - 2010-11-22 19:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 19:56 - 2010-11-22 19:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-20 21:05 - 2013-11-20 21:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 19:57 - 2010-11-22 19:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-17 21:56 - 2014-06-17 21:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 15:17 - 2011-02-15 15:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 20:06 - 2010-11-22 20:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 20:52 - 2013-05-09 20:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 20:52 - 2013-05-09 20:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 20:52 - 2013-05-09 20:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 15:57 - 2013-05-03 15:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 15:56 - 2013-05-03 15:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 15:56 - 2013-05-03 15:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 15:57 - 2013-05-03 15:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 15:56 - 2013-05-03 15:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 15:57 - 2013-05-03 15:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 15:57 - 2013-05-03 15:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 15:57 - 2013-05-03 15:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 15:57 - 2013-05-03 15:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:D87860CD_Bb.gbp
AlternateDataStreams: C:\Windows\System32:D87860CD_Uni.gbp
AlternateDataStreams: C:\Users\Felipe Kamia\Downloads\ForwardedMessage.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\itau.com.br -> bankline.itau.com.br


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-174019988-414781078-1319990136-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Felipe Kamia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.218.176.7 - 200.218.176.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Felipe Kamia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Felipe Kamia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Felipe Kamia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Diebold - Warsaw => C:\Program Files (x86)\Diebold\Warsaw\core.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Felipe Kamia\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Felipe Kamia\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_43577BD87E9EBE7447FA71619B12E56A => "C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Felipe Kamia\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8FEDA850-96B8-4040-8200-F1381ADEE386}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6558D152-0C48-44E3-A2B6-10D682BF0F69}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B24F9327-9A62-439F-A797-0178E15F75E5}] => (Allow) LPort=2869
FirewallRules: [{ECC06F30-E94E-44C0-AF87-885B62FCB360}] => (Allow) LPort=1900
FirewallRules: [{27294D28-7C40-4632-9702-4FCE370A3120}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C46C6D1A-9A68-4C4F-B6CA-FB6569DC6768}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{9DB75D1E-96CF-455F-BADD-4F16E88721FA}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{EFF7FC92-8C02-4E0B-935F-C67C12FB3DFF}] => (Allow) C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{10AB09C6-8BE8-4D01-90C7-DAAE872B6C55}] => (Allow) C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{441086AA-9B6F-43C9-ABE9-4AC08CDB4673}C:\users\felipe kamia\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\felipe kamia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4ECAD848-D174-4A67-A4D3-EEA809FEC3AD}C:\users\felipe kamia\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\felipe kamia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{6FCCA716-8B43-4E2A-863F-4783217F3E6A}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{D542661C-DD4B-41AC-AE3D-AE826BCABC6C}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{90938F67-7DA9-448B-8498-A4C36715F1C9}] => (Allow) LPort=4481
FirewallRules: [{AF1DE2B8-3E14-4C8E-AFCC-E72A66FC0AD2}] => (Allow) LPort=4481
FirewallRules: [{31097084-5BF8-4006-BB6A-91259C6BF2F1}] => (Allow) LPort=4482
FirewallRules: [{3A826986-1E2E-4AC8-BC1F-9D31F35CB8C0}] => (Allow) LPort=4482
FirewallRules: [{37459010-5F5C-4434-B89E-7D0E11302B27}] => (Allow) C:\Users\Felipe Kamia\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{E2B402FD-0227-47AF-9BF8-9D23E5869B0D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4404DFE7-62C0-4B5B-B75C-3867D852C8EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{55B6B594-CD9B-450B-8C7B-B1013573C88F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014 Demo\fm.exe
FirewallRules: [{7F6AD435-ABFD-4135-8709-F652D49FA851}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014 Demo\fm.exe
FirewallRules: [{0154A440-B707-4BEF-8CA8-2EDCD2F6F553}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{58199B33-9C99-46BB-B529-E59093F3AAD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{E1AA28B7-D804-437F-9B58-02690B2E4C88}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe
FirewallRules: [{04FA3765-80AE-4F58-9001-43B6F65D6322}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe
FirewallRules: [TCP Query User{365D6A3D-0EC2-42E8-A51D-9E3F8E3C0B29}C:\program files (x86)\microsoft games\rise of nations\patriots.exe] => (Block) C:\program files (x86)\microsoft games\rise of nations\patriots.exe
FirewallRules: [UDP Query User{1EE30036-8E6F-48D5-BAF6-C36207F57873}C:\program files (x86)\microsoft games\rise of nations\patriots.exe] => (Block) C:\program files (x86)\microsoft games\rise of nations\patriots.exe
FirewallRules: [{E7456996-38DE-4BCA-8405-802B894118CC}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{50736D6C-7868-4BCC-B838-A643BA996643}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{C4E6D542-C070-4A0D-9B01-783A14F77F9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Superstars\PatchBootstrap.exe
FirewallRules: [{F41E78FC-1B52-4323-8DBB-90737A84D948}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Superstars\PatchBootstrap.exe
FirewallRules: [TCP Query User{4AD56154-AAE3-43FC-B7F8-6C10DD8D24D0}C:\program files (x86)\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{019B0EC1-C36E-44EF-BADD-0E91C8A743E4}C:\program files (x86)\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii\rome2.exe
FirewallRules: [{DB65AAFF-AE3B-423A-B5D1-6878C0C2531D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D1F17A7B-6ED7-4FA2-97D4-FA77481CF66B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A7F07450-DFC1-46B2-89BB-10F80ABE1CD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5D093DEF-AF2B-4002-99BE-624AE62FFF05}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F7E77D44-ED3F-434E-8E6C-AF530BFFDE8F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{8921960E-2B8C-49C4-BEFD-506767460E6D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E9AC7FA7-5B9B-4F4A-9398-F7FF496C994D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\YNAB 4 (Demo)\YNAB 4.exe
FirewallRules: [{3645CEDC-34E1-4BF6-A904-D471A055DDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\YNAB 4 (Demo)\YNAB 4.exe
FirewallRules: [{0554BBA8-82F7-4B86-A43C-AB9861741292}] => (Allow) C:\Users\Felipe Kamia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DC88053F-EC99-4065-ADF2-E3F66A9C7B31}] => (Allow) C:\Users\Felipe Kamia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{71CA661C-12D8-4928-AA5F-9AF770E176A7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C7F1752D-32BE-43C4-BAD8-9D235FD6CF26}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{42AC0A51-6E15-4C06-98D6-0DC5DFE13E52}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7A0609AE-7DF0-4DD4-A3BB-759C79582A3C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{B1E36C75-F811-495E-B68A-E5E8387CAC66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{B4DCEE91-F4A5-4B35-BE8E-EE6E55DB4EAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{43CAF374-B3EA-4AF3-A54F-7A6BBC6CFA68}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{413A952E-95A7-42B1-AF78-059C4203EF8A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{56E0B333-66C5-48C2-AF2F-E0D99B1DF0FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [{8A26396E-8D13-455A-967F-4C7FB3119F40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [{2C6A8FC4-C033-4005-9044-1B7023F83110}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{1D127823-E19F-4F90-844A-F2FA92486727}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{B5B13DB1-4428-452A-807A-8AB86F7667D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{6EABCAE9-DE90-4159-9047-66A2C370BF14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{0665124C-3CA5-44C2-837E-80F12427486D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{F5115CD2-89BF-44ED-8799-4A813E5893BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{03CE75FF-E5AC-46D2-8A3E-18E11D712EF6}] => (Allow) C:\Program Files (x86)\Diebold\Warsaw\core.exe
FirewallRules: [{05F05DDF-5E6D-43C5-9837-5E8DFF9C83A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{EC79A1E4-C9A2-4469-BCF1-63CE68B232F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{59246AF6-A7A9-482F-8230-2B01D76E5ED9}C:\program files (x86)\sid meiers civilization beyond earth\civilizationbe_dx11.exe] => (Allow) C:\program files (x86)\sid meiers civilization beyond earth\civilizationbe_dx11.exe
FirewallRules: [UDP Query User{B12A4746-D579-4550-BA4F-31066D2B4AE2}C:\program files (x86)\sid meiers civilization beyond earth\civilizationbe_dx11.exe] => (Allow) C:\program files (x86)\sid meiers civilization beyond earth\civilizationbe_dx11.exe
FirewallRules: [{891855EF-F546-4F92-A1F5-F461064C24D9}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{00420BC0-AB30-4738-8CCA-3E29C45EEE8D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{CA23307D-65B2-4AE1-84B2-56571EDCA213}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8F2FC06F-D929-4285-9A8F-8ABB668D316D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4A677F73-C366-452C-81E2-4E77FC10A624}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5D9D4B4A-0AB6-44B5-90C3-D2904E50D3B1}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3BBD0A5F-281D-4AB7-B36C-F98ED786E1DA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{64CF5A92-EB55-4ECB-A322-7D9CA6004C42}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2015 06:51:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (05/19/2015 06:51:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/19/2015 06:51:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/19/2015 06:49:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/18/2015 11:04:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (05/18/2015 11:04:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/18/2015 11:04:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

Error: (05/18/2015 11:03:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/18/2015 10:17:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

Error: (05/18/2015 10:17:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.


System errors:
=============
Error: (05/19/2015 07:41:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 10 vez(es).

Error: (05/19/2015 07:35:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 9 vez(es).

Error: (05/19/2015 07:30:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 8 vez(es).

Error: (05/19/2015 07:25:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 7 vez(es).

Error: (05/19/2015 07:20:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 6 vez(es).

Error: (05/19/2015 07:15:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 5 vez(es).

Error: (05/19/2015 07:10:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 4 vez(es).

Error: (05/19/2015 07:05:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (05/19/2015 07:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 2 vez(es).

Error: (05/19/2015 06:54:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Trend Micro Solution Platform foi encerrado inesperadamente. Isso aconteceu 1 vez(es).


Microsoft Office Sessions:
=========================
Error: (05/19/2015 06:51:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/19/2015 06:51:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: Performance1637070000000000000000000009030000

Error: (05/19/2015 06:51:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: Performance1637070000000000000000000009030000

Error: (05/19/2015 06:49:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/18/2015 11:04:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/18/2015 11:04:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: Performance1637070000000000000000000009030000

Error: (05/18/2015 11:04:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: Performance1637070000000000000000000009030000

Error: (05/18/2015 11:03:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/18/2015 10:17:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/18/2015 10:17:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
Date: 2015-05-17 16:37:02.366
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 16:37:02.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 16:36:30.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-08-30 22:58:21.638
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-30 22:58:21.551
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-30 20:11:00.066
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-30 20:10:59.738
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-30 19:47:32.237
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-30 19:47:31.910
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-30 19:46:46.403
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 37%
Total physical RAM: 6046.31 MB
Available physical RAM: 3776.21 MB
Total Pagefile: 12090.8 MB
Available Pagefile: 9439.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:686.44 GB) (Free:385.82 GB) NTFS
Drive e: (Sid Meiers Civilization Beyond E) (CDROM) (Total:2.68 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 6EF271C2)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=686.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 8 GB) (Disk ID: 6EF271F4)
Partition 1: (Not Active) - (Size=8 GB) - (Type=84)

==================== End Of Log ============================

Publicité


Signaler le contenu de ce document

Publicité