Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-08-2015 02
Ran by PAULO (2015-08-25 19:38:00)
Running from C:\Users\PAULO\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3024616143-3309111996-383524719-500 - Administrator - Disabled)
Convidado (S-1-5-21-3024616143-3309111996-383524719-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3024616143-3309111996-383524719-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3024616143-3309111996-383524719-1005 - Limited - Enabled)
PAULO (S-1-5-21-3024616143-3309111996-383524719-1001 - Administrator - Enabled) => C:\Users\PAULO
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Atualizações da NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
COMODO Programs Manager (HKLM\...\{D968E920-3A49-48EB-BA1D-8964DCDF0CA9}) (Version: 1.3_build_30 - COMODO)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Nombre de su organización)
Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version: - Capcom)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DriverEasy 4.9.5 (HKLM\...\DriverEasy_is1) (Version: 4.9.5.0 - Easeware)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
i-Menu version 4.0.8 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.0.8 - AOC)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Mega Codec Pack 11.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.0 - )
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lords Of The Fallen (HKLM-x32\...\Steam App 265300) (Version: - CI Games)
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 pt-BR)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
My Lockbox 3.5 (HKLM\...\My Lockbox_is1) (Version: 3.5 - )
NVIDIA Áudio Virtual Miracast 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Driver de áudio HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Driver de gráficos 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 355.60 (Version: 355.60 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{B36586AD-3256-47B6-8AE7-FA0D8727D7C2}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.30 - VSO-Software SARL)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
Xerox WorkCentre 3045B (HKLM-x32\...\InstallShield_{645082D0-144F-42A1-B7CD-1419DC7BA06D}) (Version: 1.006.00 - Xerox)
Xerox WorkCentre 3045B (x32 Version: 1.006.00 - Xerox) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
23-08-2015 11:40:16 Installed Chipset_Win7_8_8.1_10_10.1.1.8.zip by DriverEasy
25-08-2015 00:01:05 avast! antivirus system restore point
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 10:25 - 2015-07-30 18:38 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0ED49012-824F-4237-89CB-3D770CA8DDE9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-QUARTO-PAULO PC-QUARTO => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2015-06-26] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1A33D4AA-4B9B-4216-A2CE-B825B77D307C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {238E391B-77A6-423C-A4BC-1C884FC57542} - System32\Tasks\{B3F96D29-1135-4038-BDB6-C39434087B93} => pcalua.exe -a C:\Users\PAULO\Desktop\CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe -d C:\Users\PAULO\Desktop
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {53081C05-9A26-4E08-93CB-AE8174081B91} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {6610E1F5-15A9-4339-BEA6-9FFF8DDA4DC8} - System32\Tasks\{6D13DCED-2294-4FF9-B29D-DEE76E2D5F07} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {6ACE2B94-257B-42C7-B35C-154D4A69E437} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {78F8091B-9C69-482C-AD59-2680695137AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {89FE7362-F53F-40EE-BD11-431F1B69B82C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {8C883DAF-766B-44A8-8A49-E820AC89FC62} - System32\Tasks\{84016D63-C0E3-421E-8B71-9D9343BBB46C} => pcalua.exe -a C:\PROGRA~2\WSE_AS~1\\uninstall.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-06] (Microsoft Corporation)
Task: {9454773F-2DF2-4305-AAEE-338C020A82E3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-25] (AVAST Software)
Task: {96AFF688-61A2-4B26-B6FE-B7FCDDE067E9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {9A7D896A-EB28-4D91-B43A-3C6C660EC9DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A06F675D-626C-4ECB-AFC8-69788F1B3FFE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {ACB50037-CC28-4269-900A-680F0786D716} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B3173518-F6B6-43DD-BCFE-43720A94B87D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B88DA3DB-C6F9-4721-ADDE-ACD93D682603} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BD7C5B4A-39D9-4987-95C1-AE79CAA1463E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C475EC89-EF57-49FB-B5C0-B375D2F39F54} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {C4EE5AE9-95F1-4745-A1A8-6D399855B0E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-11] (Microsoft Corporation)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C5FB748C-1E7F-4F49-8A4F-D9C11085BB85} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {C8996A91-1654-43F9-BF71-49C361DD1006} - System32\Tasks\Driver Booster SkipUAC (PAULO) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {C9F536A7-B843-4A51-B716-ADF957FDBDCB} - System32\Tasks\{841843E4-782A-4933-BC62-E1311650F293} => pcalua.exe -a C:\Users\PAULO\Desktop\CSC_3.0.172695.53_xp_vista_server2003_server2008_win7.exe -d C:\Users\PAULO\Desktop
Task: {CF7DAF55-2C3A-45B2-BCF0-9B99F5412F2A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D742F6B7-2251-46A9-965A-D03E287BDABD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D934EF78-6B25-4CF8-8C1A-BAD71ED14471} - System32\Tasks\{E066C28C-6946-49DE-8BF2-1FA302394993} => pcalua.exe -a "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe" -d "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86"
Task: {DC0F2990-F938-4FF0-ADAE-7E23CAB64988} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-07-21] ()
Task: {E5E7662B-C2E3-4153-B05C-A7BC20149B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {F3AAFB9E-E774-4F28-8061-133DA0862673} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F7D75242-2DCE-40C1-8BF4-4C5A585EEED8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 08:00 - 2015-07-10 08:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-06 19:39 - 2015-08-06 19:39 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-06-04 12:37 - 2015-08-07 01:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-03-09 14:34 - 2012-03-09 14:34 - 00022528 _____ () C:\WINDOWS\System32\xrhr3aLM.DLL
2011-09-05 12:11 - 2011-09-05 12:11 - 00116032 _____ () C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe
2015-08-18 21:25 - 2015-08-11 06:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
2015-08-06 22:40 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 22:40 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-11 19:43 - 2015-08-02 22:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 08:00 - 2015-07-10 13:49 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-18 21:26 - 2015-08-11 05:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 19:43 - 2015-08-02 22:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-17 14:34 - 2015-07-17 14:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
2015-08-25 00:03 - 2015-08-25 00:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-25 00:03 - 2015-08-25 00:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-25 14:54 - 2015-08-25 14:54 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082501\algo.dll
2015-03-31 00:47 - 2015-07-24 01:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-25 00:03 - 2015-08-25 00:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\Users\PAULO\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3024616143-3309111996-383524719-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "mylbx"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{BEDF8AD2-F793-4B15-A475-DF17030499B1}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{9160FFE4-74ED-466F-A777-7784A47C8453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C0189E6-1B17-4947-A8B1-1ECC95C587B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{58B5291B-4149-400C-AEC0-9D9B6D636014}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C933F2DD-F4C6-475B-8BDE-CD717C7AC4DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B27C2E1A-1A3F-403E-A580-25EEFB342791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{43993F34-A928-4407-B733-4A869E9FE30C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{F61FDE08-D3CF-4625-A695-A0D81C7A245C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{1FC4FC10-A97B-444F-A95D-1DF281BA3398}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A42A53C7-FBAD-42BB-8C9B-1D5587774512}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE00A264-7973-4A18-8CFE-886FDFA982A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{8B40A1D4-E648-4C05-A4D1-B392F6599822}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{8DE55BA0-D9DC-4104-A85C-C8D6DFC2F6B6}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{0CB39068-1ECB-42D3-9D75-F9A27915C79C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E314AE35-3916-4AA9-8D33-618C40F7B295}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DEB34A9C-11A4-48FD-BB4F-75BF182F65A0}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{CE71AC71-6F1F-484D-B13F-7E9A52BF4A97}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CCF2D37D-DE27-4771-BB36-3DB2DD66B810}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F1FDC53C-9006-4EB9-BC90-CC69DDBB253F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3B7DE8E9-97EB-41B2-B113-CD30C54D65D7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{9DB0FCE5-AB20-4236-9028-2BA540C284D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{702330B3-0A01-4D65-88C5-046CEAAF1889}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E690B223-2C4D-4967-999F-57CF9060C129}] => (Allow) LPort=1688
FirewallRules: [{782C72A2-BE22-4DB9-B676-934F6EF9A510}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{C1C6E1E2-57AC-4D8C-82B3-C0D32461B39A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{3074D75B-DBF7-46F7-B985-0ABA84827E42}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{615A85CB-D898-4FE7-BD63-C2FEE6368595}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9391BE92-5E67-41A9-9A6B-CA4AA0E7D218}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{83F44A12-C3CE-4EB4-8D9A-A69B3B105B52}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{32643DDC-BF4B-40FC-B30B-5F80889E2964}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DA8613DE-463D-42BB-A52C-BD5AEB61FA60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67BDE6B2-9800-4E7B-897F-BF8BE845E54C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{47F86E19-4EC7-4228-B003-442559D48CFD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{36D0CD8C-FDDA-4393-952C-FFCD624104AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FB7F45E-ADDC-4607-9E96-4F72FDE202AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3F9566A3-6A62-494A-916E-CFC0D2AC006D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C7A6D6AA-BDBD-4FD4-9B99-DDA5C550E09A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{A0925A00-F981-41D0-B3E3-EEECF50DE434}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8F490827-67A1-4B9E-AE4D-E9280300BF27}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B8598DA6-45C1-4ABA-9E23-F9AA4D3A18A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{3A555917-D28B-4826-AE8D-D66A75145F01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{A2EFC2F8-41D6-4D1C-8580-49326187F871}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [{586327BA-2F47-4799-BD69-75A200DC18FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [{9A654E14-9315-478E-8694-9C34F78CAC14}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD6FE3D1-4189-4FBA-AD89-69AD6E6F2523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{804B0338-926F-47C7-BDA0-449FB71BB864}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{856673CF-D2B9-407B-9950-117E8D3EA80E}] => (Allow) C:\Users\PAULO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65E4EE44-6A97-431B-AFF9-E18EE9D32941}] => (Allow) C:\Users\PAULO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{366123C2-96EB-40D4-A04A-DC6AACB7A757}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3BCEED32-4F66-4E6C-96D0-7E67695853FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{926B7D92-A421-49CD-AB4B-84CFFBF38125}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F93BF829-0872-4DB7-8BEE-ECAC0BCC85DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B89BA75B-1A7B-4D59-9A4B-D2133243F6BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{A307C75E-2AE3-4B58-9753-EA84B94D8DB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{7581D6B7-8758-4858-8212-F821836031D9}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{022B8AB5-6177-4DFA-A607-BC2D0105BCA4}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{CAE8950E-FE1C-4E57-B9FD-92A24C483436}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{2014C5A2-B96F-4C5C-9D47-9A83FACB664C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [TCP Query User{08FDA30C-1C8B-45D9-8E6B-4CB645BFA62D}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A77185E7-D767-4B5D-A73D-79AB9319741F}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{15E58A70-0067-44F7-BFEA-889E05B4B006}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{2B9FBD58-0D53-42CC-BBA6-86E446C746A7}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{A0AC4A89-E03F-4B51-9ADF-064F3E495B24}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/25/2015 07:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: OHub.exe, versão: 16.0.6106.2350, carimbo de data/hora: 0x55c40ea1
Nome do módulo com falha: Mso30Imm.dll, versão: 16.0.6014.1000, carimbo de data/hora: 0x55a5783f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000012b70
ID do processo com falha: 0x1c70
Hora de início do aplicativo com falha: 0xOHub.exe0
Caminho do aplicativo com falha: OHub.exe1
Caminho do módulo com falha: OHub.exe2
ID do Relatório: OHub.exe3
Nome completo do pacote com falha: OHub.exe4
ID do aplicativo relativo ao pacote com falha: OHub.exe5
Error: (08/25/2015 07:18:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007fff8a030668
ID do processo com falha: 0x938
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5
Error: (08/25/2015 03:45:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2015 02:59:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c116b1
Nome do módulo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c116b1
Código de exceção: 0x40000015
Deslocamento da falha: 0x00052d24
ID do processo com falha: 0x7c0
Hora de início do aplicativo com falha: 0xjucheck.exe0
Caminho do aplicativo com falha: jucheck.exe1
Caminho do módulo com falha: jucheck.exe2
ID do Relatório: jucheck.exe3
Nome completo do pacote com falha: jucheck.exe4
ID do aplicativo relativo ao pacote com falha: jucheck.exe5
Error: (08/25/2015 02:53:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ff8095f0668
ID do processo com falha: 0x878
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5
Error: (08/25/2015 01:28:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2015 01:27:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.10240.16425, carimbo de data/hora: 0x55bec5f5
Nome do módulo com falha: StartUI.dll, versão: 10.0.10240.16431, carimbo de data/hora: 0x55c9bb30
Código de exceção: 0x80000003
Deslocamento da falha: 0x00000000001c028f
ID do processo com falha: 0x1308
Hora de início do aplicativo com falha: 0xShellExperienceHost.exe0
Caminho do aplicativo com falha: ShellExperienceHost.exe1
Caminho do módulo com falha: ShellExperienceHost.exe2
ID do Relatório: ShellExperienceHost.exe3
Nome completo do pacote com falha: ShellExperienceHost.exe4
ID do aplicativo relativo ao pacote com falha: ShellExperienceHost.exe5
Error: (08/25/2015 12:01:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (08/24/2015 11:29:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: OHub.exe, versão: 16.0.6106.2350, carimbo de data/hora: 0x55c40ea1
Nome do módulo com falha: Mso30Imm.dll, versão: 16.0.6014.1000, carimbo de data/hora: 0x55a5783f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000012b70
ID do processo com falha: 0xcfc
Hora de início do aplicativo com falha: 0xOHub.exe0
Caminho do aplicativo com falha: OHub.exe1
Caminho do módulo com falha: OHub.exe2
ID do Relatório: OHub.exe3
Nome completo do pacote com falha: OHub.exe4
ID do aplicativo relativo ao pacote com falha: OHub.exe5
Error: (08/24/2015 11:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ff8a3a10668
ID do processo com falha: 0xa3c
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5
System errors:
=============
Error: (08/25/2015 07:20:55 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (08/25/2015 07:19:44 PM) (Source: DCOM) (EventID: 10016) (User: PC-QUARTO)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}PC-QUARTOPAULOS-1-5-21-3024616143-3309111996-383524719-1001LocalHost (Usando LRPC)Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (08/25/2015 07:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (08/25/2015 07:17:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço KMS Server Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (08/25/2015 07:17:01 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Falha na inicialização porque o transporte não abriu os Endereços iniciais.
Error: (08/25/2015 07:17:01 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Falha na inicialização porque o transporte não abriu os Endereços iniciais.
Error: (08/25/2015 03:45:22 PM) (Source: DCOM) (EventID: 10010) (User: PC-QUARTO)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (08/25/2015 03:45:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/25/2015 03:45:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/25/2015 03:45:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Microsoft Office:
=========================
Error: (08/25/2015 07:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1Mso30Imm.dll16.0.6014.100055a5783fc00000050000000000012b701c7001d0df8422b78feeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\Mso30Imm.dll0b07a2f5-9753-49d9-8359-a31786c7b7e4Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/25/2015 07:18:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007fff8a03066893801d0df83c9be3233C:\Program Files\KMSpico\Service_KMS.exeunknown60576afb-cd3e-4476-8d80-b74853a49758
Error: (08/25/2015 03:45:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/25/2015 02:59:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.60.2755c116b1jucheck.exe2.8.60.2755c116b14000001500052d247c001d0df5fcc74a4f5C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeb62775e0-ad6f-48cf-b489-4480e6b385b2
Error: (08/25/2015 02:53:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007ff8095f066887801d0df5ec18bf717C:\Program Files\KMSpico\Service_KMS.exeunknown7b2d5d03-3c3e-4e59-9c3a-fe347ec05d73
Error: (08/25/2015 01:28:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/25/2015 01:27:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ShellExperienceHost.exe10.0.10240.1642555bec5f5StartUI.dll10.0.10240.1643155c9bb308000000300000000001c028f130801d0dedd99acfda1C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exeC:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll2337e746-6021-4f43-8dd9-d904e55603bcMicrosoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewyApp
Error: (08/25/2015 12:01:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
Error: (08/24/2015 11:29:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1Mso30Imm.dll16.0.6014.100055a5783fc00000050000000000012b70cfc01d0dedde90de822C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\Mso30Imm.dllb9acc6cc-00c3-486d-b126-809aa6e42b0dMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/24/2015 11:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007ff8a3a10668a3c01d0dedd7453e150C:\Program Files\KMSpico\Service_KMS.exeunknowncb758555-d60f-4014-b742-d3f6a00a35ad
CodeIntegrity:
===================================
Date: 2015-08-24 23:29:46.516
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 23:29:46.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 23:29:46.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 23:29:46.436
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 22:16:39.519
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:39.487
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:39.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:36.521
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:36.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:36.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3340 CPU @ 3.10GHz
Percentage of memory in use: 19%
Total physical RAM: 12251.46 MB
Available physical RAM: 9894.1 MB
Total Virtual: 14107.46 MB
Available Virtual: 11501.59 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.12 GB) (Free:718.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 000DB11A)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by PAULO (2015-08-25 19:38:00)
Running from C:\Users\PAULO\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3024616143-3309111996-383524719-500 - Administrator - Disabled)
Convidado (S-1-5-21-3024616143-3309111996-383524719-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3024616143-3309111996-383524719-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3024616143-3309111996-383524719-1005 - Limited - Enabled)
PAULO (S-1-5-21-3024616143-3309111996-383524719-1001 - Administrator - Enabled) => C:\Users\PAULO
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Atualizações da NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
COMODO Programs Manager (HKLM\...\{D968E920-3A49-48EB-BA1D-8964DCDF0CA9}) (Version: 1.3_build_30 - COMODO)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Nombre de su organización)
Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version: - Capcom)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DriverEasy 4.9.5 (HKLM\...\DriverEasy_is1) (Version: 4.9.5.0 - Easeware)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
i-Menu version 4.0.8 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.0.8 - AOC)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Mega Codec Pack 11.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.0 - )
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lords Of The Fallen (HKLM-x32\...\Steam App 265300) (Version: - CI Games)
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 pt-BR)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
My Lockbox 3.5 (HKLM\...\My Lockbox_is1) (Version: 3.5 - )
NVIDIA Áudio Virtual Miracast 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Driver de áudio HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Driver de gráficos 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 355.60 (Version: 355.60 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{B36586AD-3256-47B6-8AE7-FA0D8727D7C2}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.30 - VSO-Software SARL)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
Xerox WorkCentre 3045B (HKLM-x32\...\InstallShield_{645082D0-144F-42A1-B7CD-1419DC7BA06D}) (Version: 1.006.00 - Xerox)
Xerox WorkCentre 3045B (x32 Version: 1.006.00 - Xerox) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
23-08-2015 11:40:16 Installed Chipset_Win7_8_8.1_10_10.1.1.8.zip by DriverEasy
25-08-2015 00:01:05 avast! antivirus system restore point
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 10:25 - 2015-07-30 18:38 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0ED49012-824F-4237-89CB-3D770CA8DDE9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-QUARTO-PAULO PC-QUARTO => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2015-06-26] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1A33D4AA-4B9B-4216-A2CE-B825B77D307C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {238E391B-77A6-423C-A4BC-1C884FC57542} - System32\Tasks\{B3F96D29-1135-4038-BDB6-C39434087B93} => pcalua.exe -a C:\Users\PAULO\Desktop\CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe -d C:\Users\PAULO\Desktop
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {53081C05-9A26-4E08-93CB-AE8174081B91} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {6610E1F5-15A9-4339-BEA6-9FFF8DDA4DC8} - System32\Tasks\{6D13DCED-2294-4FF9-B29D-DEE76E2D5F07} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {6ACE2B94-257B-42C7-B35C-154D4A69E437} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {78F8091B-9C69-482C-AD59-2680695137AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {89FE7362-F53F-40EE-BD11-431F1B69B82C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {8C883DAF-766B-44A8-8A49-E820AC89FC62} - System32\Tasks\{84016D63-C0E3-421E-8B71-9D9343BBB46C} => pcalua.exe -a C:\PROGRA~2\WSE_AS~1\\uninstall.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-06] (Microsoft Corporation)
Task: {9454773F-2DF2-4305-AAEE-338C020A82E3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-25] (AVAST Software)
Task: {96AFF688-61A2-4B26-B6FE-B7FCDDE067E9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {9A7D896A-EB28-4D91-B43A-3C6C660EC9DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A06F675D-626C-4ECB-AFC8-69788F1B3FFE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {ACB50037-CC28-4269-900A-680F0786D716} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B3173518-F6B6-43DD-BCFE-43720A94B87D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B88DA3DB-C6F9-4721-ADDE-ACD93D682603} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BD7C5B4A-39D9-4987-95C1-AE79CAA1463E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C475EC89-EF57-49FB-B5C0-B375D2F39F54} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {C4EE5AE9-95F1-4745-A1A8-6D399855B0E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-11] (Microsoft Corporation)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C5FB748C-1E7F-4F49-8A4F-D9C11085BB85} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {C8996A91-1654-43F9-BF71-49C361DD1006} - System32\Tasks\Driver Booster SkipUAC (PAULO) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {C9F536A7-B843-4A51-B716-ADF957FDBDCB} - System32\Tasks\{841843E4-782A-4933-BC62-E1311650F293} => pcalua.exe -a C:\Users\PAULO\Desktop\CSC_3.0.172695.53_xp_vista_server2003_server2008_win7.exe -d C:\Users\PAULO\Desktop
Task: {CF7DAF55-2C3A-45B2-BCF0-9B99F5412F2A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D742F6B7-2251-46A9-965A-D03E287BDABD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D934EF78-6B25-4CF8-8C1A-BAD71ED14471} - System32\Tasks\{E066C28C-6946-49DE-8BF2-1FA302394993} => pcalua.exe -a "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe" -d "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86"
Task: {DC0F2990-F938-4FF0-ADAE-7E23CAB64988} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-07-21] ()
Task: {E5E7662B-C2E3-4153-B05C-A7BC20149B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {F3AAFB9E-E774-4F28-8061-133DA0862673} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F7D75242-2DCE-40C1-8BF4-4C5A585EEED8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 08:00 - 2015-07-10 08:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-06 19:39 - 2015-08-06 19:39 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-06-04 12:37 - 2015-08-07 01:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-03-09 14:34 - 2012-03-09 14:34 - 00022528 _____ () C:\WINDOWS\System32\xrhr3aLM.DLL
2011-09-05 12:11 - 2011-09-05 12:11 - 00116032 _____ () C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe
2015-08-18 21:25 - 2015-08-11 06:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
2015-08-06 22:40 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 22:40 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-11 19:43 - 2015-08-02 22:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 08:00 - 2015-07-10 13:49 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-18 21:26 - 2015-08-11 05:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 19:43 - 2015-08-02 22:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-17 14:34 - 2015-07-17 14:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
2015-08-25 00:03 - 2015-08-25 00:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-25 00:03 - 2015-08-25 00:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-25 14:54 - 2015-08-25 14:54 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082501\algo.dll
2015-03-31 00:47 - 2015-07-24 01:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-25 00:03 - 2015-08-25 00:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\Users\PAULO\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3024616143-3309111996-383524719-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "mylbx"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{BEDF8AD2-F793-4B15-A475-DF17030499B1}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{9160FFE4-74ED-466F-A777-7784A47C8453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C0189E6-1B17-4947-A8B1-1ECC95C587B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{58B5291B-4149-400C-AEC0-9D9B6D636014}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C933F2DD-F4C6-475B-8BDE-CD717C7AC4DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B27C2E1A-1A3F-403E-A580-25EEFB342791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{43993F34-A928-4407-B733-4A869E9FE30C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{F61FDE08-D3CF-4625-A695-A0D81C7A245C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{1FC4FC10-A97B-444F-A95D-1DF281BA3398}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A42A53C7-FBAD-42BB-8C9B-1D5587774512}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE00A264-7973-4A18-8CFE-886FDFA982A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{8B40A1D4-E648-4C05-A4D1-B392F6599822}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{8DE55BA0-D9DC-4104-A85C-C8D6DFC2F6B6}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{0CB39068-1ECB-42D3-9D75-F9A27915C79C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E314AE35-3916-4AA9-8D33-618C40F7B295}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DEB34A9C-11A4-48FD-BB4F-75BF182F65A0}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{CE71AC71-6F1F-484D-B13F-7E9A52BF4A97}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CCF2D37D-DE27-4771-BB36-3DB2DD66B810}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F1FDC53C-9006-4EB9-BC90-CC69DDBB253F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3B7DE8E9-97EB-41B2-B113-CD30C54D65D7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{9DB0FCE5-AB20-4236-9028-2BA540C284D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{702330B3-0A01-4D65-88C5-046CEAAF1889}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E690B223-2C4D-4967-999F-57CF9060C129}] => (Allow) LPort=1688
FirewallRules: [{782C72A2-BE22-4DB9-B676-934F6EF9A510}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{C1C6E1E2-57AC-4D8C-82B3-C0D32461B39A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{3074D75B-DBF7-46F7-B985-0ABA84827E42}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{615A85CB-D898-4FE7-BD63-C2FEE6368595}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9391BE92-5E67-41A9-9A6B-CA4AA0E7D218}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{83F44A12-C3CE-4EB4-8D9A-A69B3B105B52}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{32643DDC-BF4B-40FC-B30B-5F80889E2964}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DA8613DE-463D-42BB-A52C-BD5AEB61FA60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67BDE6B2-9800-4E7B-897F-BF8BE845E54C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{47F86E19-4EC7-4228-B003-442559D48CFD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{36D0CD8C-FDDA-4393-952C-FFCD624104AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FB7F45E-ADDC-4607-9E96-4F72FDE202AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3F9566A3-6A62-494A-916E-CFC0D2AC006D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C7A6D6AA-BDBD-4FD4-9B99-DDA5C550E09A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{A0925A00-F981-41D0-B3E3-EEECF50DE434}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8F490827-67A1-4B9E-AE4D-E9280300BF27}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B8598DA6-45C1-4ABA-9E23-F9AA4D3A18A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{3A555917-D28B-4826-AE8D-D66A75145F01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX9.exe
FirewallRules: [{A2EFC2F8-41D6-4D1C-8580-49326187F871}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [{586327BA-2F47-4799-BD69-75A200DC18FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Devil May Cry 4\DevilMayCry4_DX10.exe
FirewallRules: [{9A654E14-9315-478E-8694-9C34F78CAC14}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD6FE3D1-4189-4FBA-AD89-69AD6E6F2523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{804B0338-926F-47C7-BDA0-449FB71BB864}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{856673CF-D2B9-407B-9950-117E8D3EA80E}] => (Allow) C:\Users\PAULO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65E4EE44-6A97-431B-AFF9-E18EE9D32941}] => (Allow) C:\Users\PAULO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{366123C2-96EB-40D4-A04A-DC6AACB7A757}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3BCEED32-4F66-4E6C-96D0-7E67695853FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{926B7D92-A421-49CD-AB4B-84CFFBF38125}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F93BF829-0872-4DB7-8BEE-ECAC0BCC85DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B89BA75B-1A7B-4D59-9A4B-D2133243F6BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{A307C75E-2AE3-4B58-9753-EA84B94D8DB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{7581D6B7-8758-4858-8212-F821836031D9}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{022B8AB5-6177-4DFA-A607-BC2D0105BCA4}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{CAE8950E-FE1C-4E57-B9FD-92A24C483436}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{2014C5A2-B96F-4C5C-9D47-9A83FACB664C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [TCP Query User{08FDA30C-1C8B-45D9-8E6B-4CB645BFA62D}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A77185E7-D767-4B5D-A73D-79AB9319741F}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{15E58A70-0067-44F7-BFEA-889E05B4B006}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{2B9FBD58-0D53-42CC-BBA6-86E446C746A7}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{A0AC4A89-E03F-4B51-9ADF-064F3E495B24}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/25/2015 07:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: OHub.exe, versão: 16.0.6106.2350, carimbo de data/hora: 0x55c40ea1
Nome do módulo com falha: Mso30Imm.dll, versão: 16.0.6014.1000, carimbo de data/hora: 0x55a5783f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000012b70
ID do processo com falha: 0x1c70
Hora de início do aplicativo com falha: 0xOHub.exe0
Caminho do aplicativo com falha: OHub.exe1
Caminho do módulo com falha: OHub.exe2
ID do Relatório: OHub.exe3
Nome completo do pacote com falha: OHub.exe4
ID do aplicativo relativo ao pacote com falha: OHub.exe5
Error: (08/25/2015 07:18:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007fff8a030668
ID do processo com falha: 0x938
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5
Error: (08/25/2015 03:45:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2015 02:59:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c116b1
Nome do módulo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c116b1
Código de exceção: 0x40000015
Deslocamento da falha: 0x00052d24
ID do processo com falha: 0x7c0
Hora de início do aplicativo com falha: 0xjucheck.exe0
Caminho do aplicativo com falha: jucheck.exe1
Caminho do módulo com falha: jucheck.exe2
ID do Relatório: jucheck.exe3
Nome completo do pacote com falha: jucheck.exe4
ID do aplicativo relativo ao pacote com falha: jucheck.exe5
Error: (08/25/2015 02:53:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ff8095f0668
ID do processo com falha: 0x878
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5
Error: (08/25/2015 01:28:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2015 01:27:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.10240.16425, carimbo de data/hora: 0x55bec5f5
Nome do módulo com falha: StartUI.dll, versão: 10.0.10240.16431, carimbo de data/hora: 0x55c9bb30
Código de exceção: 0x80000003
Deslocamento da falha: 0x00000000001c028f
ID do processo com falha: 0x1308
Hora de início do aplicativo com falha: 0xShellExperienceHost.exe0
Caminho do aplicativo com falha: ShellExperienceHost.exe1
Caminho do módulo com falha: ShellExperienceHost.exe2
ID do Relatório: ShellExperienceHost.exe3
Nome completo do pacote com falha: ShellExperienceHost.exe4
ID do aplicativo relativo ao pacote com falha: ShellExperienceHost.exe5
Error: (08/25/2015 12:01:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (08/24/2015 11:29:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: OHub.exe, versão: 16.0.6106.2350, carimbo de data/hora: 0x55c40ea1
Nome do módulo com falha: Mso30Imm.dll, versão: 16.0.6014.1000, carimbo de data/hora: 0x55a5783f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000012b70
ID do processo com falha: 0xcfc
Hora de início do aplicativo com falha: 0xOHub.exe0
Caminho do aplicativo com falha: OHub.exe1
Caminho do módulo com falha: OHub.exe2
ID do Relatório: OHub.exe3
Nome completo do pacote com falha: OHub.exe4
ID do aplicativo relativo ao pacote com falha: OHub.exe5
Error: (08/24/2015 11:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ff8a3a10668
ID do processo com falha: 0xa3c
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5
System errors:
=============
Error: (08/25/2015 07:20:55 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (08/25/2015 07:19:44 PM) (Source: DCOM) (EventID: 10016) (User: PC-QUARTO)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}PC-QUARTOPAULOS-1-5-21-3024616143-3309111996-383524719-1001LocalHost (Usando LRPC)Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (08/25/2015 07:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (08/25/2015 07:17:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço KMS Server Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (08/25/2015 07:17:01 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Falha na inicialização porque o transporte não abriu os Endereços iniciais.
Error: (08/25/2015 07:17:01 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Falha na inicialização porque o transporte não abriu os Endereços iniciais.
Error: (08/25/2015 03:45:22 PM) (Source: DCOM) (EventID: 10010) (User: PC-QUARTO)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (08/25/2015 03:45:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/25/2015 03:45:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/25/2015 03:45:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Microsoft Office:
=========================
Error: (08/25/2015 07:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1Mso30Imm.dll16.0.6014.100055a5783fc00000050000000000012b701c7001d0df8422b78feeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\Mso30Imm.dll0b07a2f5-9753-49d9-8359-a31786c7b7e4Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/25/2015 07:18:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007fff8a03066893801d0df83c9be3233C:\Program Files\KMSpico\Service_KMS.exeunknown60576afb-cd3e-4476-8d80-b74853a49758
Error: (08/25/2015 03:45:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/25/2015 02:59:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.60.2755c116b1jucheck.exe2.8.60.2755c116b14000001500052d247c001d0df5fcc74a4f5C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeb62775e0-ad6f-48cf-b489-4480e6b385b2
Error: (08/25/2015 02:53:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007ff8095f066887801d0df5ec18bf717C:\Program Files\KMSpico\Service_KMS.exeunknown7b2d5d03-3c3e-4e59-9c3a-fe347ec05d73
Error: (08/25/2015 01:28:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-QUARTO)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/25/2015 01:27:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ShellExperienceHost.exe10.0.10240.1642555bec5f5StartUI.dll10.0.10240.1643155c9bb308000000300000000001c028f130801d0dedd99acfda1C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exeC:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll2337e746-6021-4f43-8dd9-d904e55603bcMicrosoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewyApp
Error: (08/25/2015 12:01:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
Error: (08/24/2015 11:29:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1Mso30Imm.dll16.0.6014.100055a5783fc00000050000000000012b70cfc01d0dedde90de822C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\Mso30Imm.dllb9acc6cc-00c3-486d-b126-809aa6e42b0dMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/24/2015 11:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007ff8a3a10668a3c01d0dedd7453e150C:\Program Files\KMSpico\Service_KMS.exeunknowncb758555-d60f-4014-b742-d3f6a00a35ad
CodeIntegrity:
===================================
Date: 2015-08-24 23:29:46.516
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 23:29:46.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 23:29:46.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 23:29:46.436
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements.
Date: 2015-08-24 22:16:39.519
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:39.487
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:39.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:36.521
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:36.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 22:16:36.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3340 CPU @ 3.10GHz
Percentage of memory in use: 19%
Total physical RAM: 12251.46 MB
Available physical RAM: 9894.1 MB
Total Virtual: 14107.46 MB
Available Virtual: 11501.59 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.12 GB) (Free:718.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 000DB11A)
Partition: GPT.
==================== End of Addition.txt ============================