Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Gustavo (2015-09-20 16:21:30)
Running from C:\Users\Gustavo\Downloads
Windows 10 Home (X64) (2015-09-14 18:11:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3336594925-1444484530-2665733283-500 - Administrator - Disabled)
Convidado (S-1-5-21-3336594925-1444484530-2665733283-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3336594925-1444484530-2665733283-503 - Limited - Disabled)
Gustavo (S-1-5-21-3336594925-1444484530-2665733283-1001 - Administrator - Enabled) => C:\Users\Gustavo
HomeGroupUser$ (S-1-5-21-3336594925-1444484530-2665733283-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\uTorrent) (Version: 3.4.3.39944 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
ELAN Touchpad 11.15.0.16_X64 (HKLM\...\Elantech) (Version: 11.15.0.16 - ELAN Microelectronic Corp.)
Enterprise (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.77 - NCH Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FINAL FANTASY IV (HKLM-x32\...\Steam App 312750) (Version: - Square Enix)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.4 - Androxyde)
Free YouTube Downloader Converter (HKLM-x32\...\Free YouTube Downloader Converter) (Version: - Eusing Software)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.9.0.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google SketchUp 8 (HKLM-x32\...\{6B5F92BB-4272-4A69-B39B-EED000BC6192}) (Version: 3.0.14372 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Officejet 4500 G510a-f Series Corporate Edition 14.0 (HKLM\...\{B584612D-3743-495A-AB28-98C44C1E2648}) (Version: 14.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel XDK (HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\ARP_for_prd_xdk_0.0.2323) (Version: 0.0.2323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
InteliMap 4.0.0 (HKLM-x32\...\InteliMap) (Version: - X25 Informática)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
K-Lite Codec Pack 9.9.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - )
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Mouse Recorder Pro 2.0.7.5 (HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version: - Nemex Studios)
Mozilla Firefox 40.0.3 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 pt-BR)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.65 - Trusteer)
Rapport (x32 Version: 3.5.1507.65 - Trusteer) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Snappersoft USB Healer 1.4 (HKLM-x32\...\{1C9F3B97-4669-45D8-A24C-B4EF918688EC}_is1) (Version: 1.4 - Snappersoft (Pty) LTD)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.10.201507101148 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.281 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony)
Spotify (HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VDownloader 4.0.1201 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.8.20150402 - Xilisoft)
ZHPFix 2014 (HKLM-x32\...\ZHPFix_is1) (Version: 2014 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

14-09-2015 17:20:36 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 08:04 - 2015-07-10 08:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {096329C3-8FCC-462B-AE9E-C3E28DCC8599} - \SPBIW_UpdateTask_Time_323239353039313235392d2323782a32455b4134572d32 -> No File <==== ATTENTION
Task: {0B404A56-E6BC-40A8-ADEE-48C9B80226B8} - System32\Tasks\{3B7FD029-D932-411b-AF15-C96CF8EF0C18}{19F8DB95-4D78-4ddb-AC71-C610654FE37F} => C:\Program Files (x86)\WeatherTool\1.2.3.9736\InstallHelper.exe
Task: {11C9082C-31DD-45C6-AB80-B449158AD489} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {20F25DEF-EC4B-419D-9161-701576149825} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {25EE23AB-7197-455F-99B6-A11C06BBF7E9} - System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => C:\Users\Gustavo\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [2015-05-15] ()
Task: {27A2513A-83E9-4C8F-9609-751CFA30367F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2A1A5415-E3A5-4EA1-89B5-3F7A0CE96AAF} - System32\Tasks\{51A60A61-9F08-4C3D-8CA4-2E3B37B9412E} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/pt/abandoninstall?source=lightinstaller&page=tsInstall
Task: {2EA9ACD5-2593-4476-A8D9-0DFE8FDEBBB1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {35092354-56E8-45D1-A81B-BA20844092CD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {43C227A6-1AC9-4827-8529-3067BEA6C4E6} - System32\Tasks\PFExe => C:\Users\Gustavo\AppData\Local\PriceFountain\pricefountain.exe
Task: {570F7459-0A72-49B6-9983-DF960F3BC3E8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3336594925-1444484530-2665733283-1001UA => C:\Users\Gustavo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-06] (Dropbox, Inc.)
Task: {5D1968F0-AE08-4D25-9F1E-D7956B59C9BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {76D8CB39-519D-4177-ABE0-70C5AD2D93B2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3336594925-1444484530-2665733283-1001Core => C:\Users\Gustavo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-06] (Dropbox, Inc.)
Task: {89B20000-CD55-4C1C-848B-0692A21B17D8} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {8DAD4F05-9638-425C-801F-D9E8AA215080} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
Task: {8EA850D7-9A11-44C5-9CD0-E87BD0F4F73C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {8FE066B4-1DD9-4557-8DCC-A3EF31AEBF81} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {9DBE27FD-F588-4BDD-98AB-77119A64C618} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9FD770B6-2684-46BA-A1E2-917477CB37EE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B10C4AF6-646B-4A78-B215-E56C254659AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C2FFC3A1-F524-41DB-8A9D-9E0364D19BD1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C9655D9F-A21D-4D17-B723-E7130C25D3F0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D7A5FE58-938C-4889-B4FB-7A510F582A0E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E16C854B-765F-4306-9BB4-37696A3C5C64} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {ECB6E91C-5430-4D9C-8918-567049435D57} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F0ECE623-5A84-4618-89ED-03804975EB68} - \Driver Booster SkipUAC (Gustavo) -> No File <==== ATTENTION
Task: {F1A36DBD-CBCC-45C9-BAB1-959851957E0A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3336594925-1444484530-2665733283-1001Core.job => C:\Users\Gustavo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3336594925-1444484530-2665733283-1001UA.job => C:\Users\Gustavo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => C:\Users\Gustavo\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exeš-RunCheckUpdate C:\Users\Gustavo\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe
Task: C:\WINDOWS\Tasks\{3B7FD029-D932-411b-AF15-C96CF8EF0C18}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job => C:\Program Files (x86)\WeatherTool\1.2.3.9736\InstallHelper.exen-RunCloudOPTClient C:\Program Files (x86)\WeatherTool\1.2.3.9736\CloudOPTClient\CloudOPTClient.exe

==================== Loaded Modules (Whitelisted) ==============

2015-09-14 13:45 - 2015-09-14 13:45 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-14 13:45 - 2015-09-14 13:45 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-14 13:45 - 2015-09-14 13:45 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-14 13:45 - 2015-09-14 13:45 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-12 06:49 - 2014-05-12 06:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-09-14 13:45 - 2015-09-14 13:45 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-09-14 13:45 - 2015-09-14 13:45 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 08:00 - 2015-07-10 13:48 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-14 13:45 - 2015-09-14 13:45 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-14 13:45 - 2015-09-14 13:45 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 08:00 - 2015-07-10 13:48 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-30 16:06 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-09-14 16:07 - 2015-09-14 16:08 - 08241152 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-09-14 16:07 - 2015-09-14 16:08 - 02238976 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-09-14 15:31 - 2015-09-14 15:43 - 07246336 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.580.0.0_x86__kgqvnymyfvs32\candycrushsaga.exe
2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-09-14 15:17 - 2015-09-14 15:17 - 00098816 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32api.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00110080 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\pywintypes27.dll
2015-09-14 15:17 - 2015-09-14 15:17 - 00364544 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\pythoncom27.dll
2015-09-14 15:17 - 2015-09-14 15:17 - 00045568 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_socket.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 01161216 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_ssl.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00320512 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32com.shell.shell.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00713216 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_hashlib.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 01176576 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._core_.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00806400 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._gdi_.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00816128 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._windows_.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 01067008 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._controls_.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00733184 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._misc_.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00682496 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\pysqlite2._sqlite.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00087552 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_ctypes.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00119808 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32file.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00108544 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32security.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00007168 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\hashobjs_ext.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00068096 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\usb_ext.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00167936 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32gui.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00018432 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32event.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00128512 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_elementtree.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00127488 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\pyexpat.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00013824 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\common.time34.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00036864 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_psutil_windows.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00038912 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32inet.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00011264 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32crypt.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00077312 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._html2.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00027136 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_multiprocessing.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00020480 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\_yappi.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00035840 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32process.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00686080 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\unicodedata.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00123392 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._wizard.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00024064 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32pipe.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00010240 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\select.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00025600 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32pdh.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00525640 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\windows._lib_cacheinvalidation.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00017408 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32profile.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00022528 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\win32ts.pyd
2015-09-14 15:17 - 2015-09-14 15:17 - 00078848 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI38162\wx._animate.pyd
2015-07-30 16:06 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-07-30 16:06 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-07-30 16:06 - 2015-06-30 16:21 - 00915968 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\deviceupdate_dll.dll
2015-07-30 16:06 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-03-23 19:19 - 2015-03-23 19:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-07-30 16:06 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-07-15 10:45 - 2015-07-15 10:45 - 00802304 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-09-14 15:18 - 2015-09-14 15:18 - 00071168 _____ () c:\users\gustavo\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbp2kmc.dll
2015-03-04 18:45 - 2015-08-05 02:26 - 00012800 _____ () C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 18:45 - 2015-08-05 02:26 - 00779776 _____ () C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 13:21 - 2015-08-05 02:26 - 00056320 _____ () C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 18:45 - 2015-08-05 02:26 - 00012288 _____ () C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-09-14 15:35 - 2015-09-14 15:47 - 01288192 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.580.0.0_x86__kgqvnymyfvs32\SB_LIBEAY32.dll
2015-09-14 15:31 - 2015-09-14 15:43 - 00080384 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.580.0.0_x86__kgqvnymyfvs32\libEGL.dll
2015-09-14 15:31 - 2015-09-14 15:43 - 02076672 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.580.0.0_x86__kgqvnymyfvs32\libGLESv2.dll
2015-09-14 15:31 - 2015-09-14 15:43 - 00257536 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.580.0.0_x86__kgqvnymyfvs32\curl.dll
2015-09-14 15:35 - 2015-09-14 15:47 - 00293888 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.580.0.0_x86__kgqvnymyfvs32\SB_SSLEAY32.dll
2015-09-14 15:36 - 2015-09-14 15:47 - 00066560 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.580.0.0_x86__kgqvnymyfvs32\zlib.dll
2015-09-03 20:20 - 2015-08-27 21:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 20:20 - 2015-08-27 21:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-20 16:21 - 2015-09-20 16:21 - 01072720 _____ () C:\Program Files (x86)\Google\Update\Install\{FD4C8731-9C8E-4AB0-A62E-CCEC7EFA5530}\45.0.2454.93_45.0.2454.85_chrome_updater.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Gustavo\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:56E2E879
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\webcompanion.com -> hxxp://webcompanion.com

IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5317 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3336594925-1444484530-2665733283-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gustavo\Pictures\imrs.php.png
DNS Servers: 189.6.0.72 - 189.6.0.71
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{98A2CC75-A5D6-4BE8-BD3D-8FC4578FFB2F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{EC22B04B-6854-421D-8D06-B471C6D28555}C:\users\gustavo\appdata\local\intel\xdk\bin\node.exe] => (Allow) C:\users\gustavo\appdata\local\intel\xdk\bin\node.exe
FirewallRules: [TCP Query User{B19AAB71-A615-4402-8529-5FD5550717E0}C:\users\gustavo\appdata\local\intel\xdk\bin\node.exe] => (Allow) C:\users\gustavo\appdata\local\intel\xdk\bin\node.exe
FirewallRules: [{F872495D-C92D-4642-8774-44B8198ABB26}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{73A028B8-1E2F-4B97-95BF-EA01855E50D8}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{D3B762FF-9899-4403-A268-240C6D7CC926}] => (Allow) C:\Users\Gustavo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{64ECE9A7-C2CF-4965-9FD9-ECF1EEB6B310}] => (Allow) C:\Users\Gustavo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EAC8FE4C-357C-4348-9AAB-1243969B0CFA}] => (Allow) C:\Users\Gustavo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{852AF874-DDCC-4F5A-B23F-CB65A7F1CB42}] => (Allow) C:\Users\Gustavo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EFE40654-626D-4114-AFF1-603D1E37A5CB}] => (Allow) C:\Users\Gustavo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{121AAFAB-42D8-40A4-8C90-9E00B5D76819}] => (Allow) C:\Users\Gustavo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{7C9D7FAE-B92B-4AC4-A6A1-67C257B7D824}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{61F1E914-F831-4323-8068-73D18431F47D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7FB1C85F-5042-4AE4-87FD-05FF49F9911A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{B392C163-FE1A-47C3-8AC2-DE5B0A92111A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{7ABDCB87-F9D9-4375-B8A9-909EB1B3F9A6}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{F82AEBB1-E55A-4CE0-8560-B3957E8740BB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{1A845DF2-43E0-46EA-9FE9-1C3348207BE7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{BE94DC34-92BB-474D-B924-F75D4C52CF89}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{378D54BC-B519-4F22-9E03-0B05A18E30F3}C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe
FirewallRules: [TCP Query User{15CDFA9D-539C-4456-89BC-B79E0470407B}C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe
FirewallRules: [{477E86AA-503A-49ED-9F96-DC6866898F18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy IV\FF4_Launcher.exe
FirewallRules: [{E5E80F83-0AE7-466E-A584-E03A644F613E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy IV\FF4_Launcher.exe
FirewallRules: [{F18CF9A0-251E-4EF2-8439-FA4D2E880B6E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F5C5E075-BC68-4A27-AE16-CC2EFE582204}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C13F800-3AE4-479D-90C3-A2FA14B1ED8D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8D24A0CE-1D7D-4F39-96C5-C6C3CD8294DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{8566DF49-8707-4593-A970-19AAAD4A98DD}C:\users\gustavo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gustavo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A5877312-C262-46DB-BEB4-5438521AB513}C:\users\gustavo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gustavo\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C0758CEB-F0AA-45B1-9050-BB2D60A84C32}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{FFDACC35-1793-44F2-B92B-ED179720D4D2}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{BC6710CF-4E30-4802-B548-C6309C688757}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01A52113-CEB2-43F1-A63E-20BA90D4EBD8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{04DC420F-DCF6-4CDD-9992-B2AE5BF024FD}C:\users\gustavo\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\gustavo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2DDBC506-CBC5-4776-90E4-3C89AF01E4B3}C:\users\gustavo\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\gustavo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{14BA364B-A2B6-4119-A93C-B67B42C9B6A3}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1DB0FC07-0893-473E-A333-78C62C831909}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{44EC1D87-E0DB-48C5-9076-72CBCEF86DCF}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{2A1B4BB7-854B-4B96-9D46-EF39AFF2C7C8}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{3EACA959-7DAF-4EE8-AFCB-68B9D5050AB3}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{7D66E69F-6F67-4ECE-82B1-1C4286F18CA7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{55B3A377-76F8-460A-83C6-BFA3AFFAE83D}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{7F07AB8B-078C-44B5-BBCE-917F8CF6CF69}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{CD88FD86-A27D-4E8B-85FC-3812FDF918EF}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{3253BC27-16C2-4D2A-B7A9-85C34639CA7D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{D29D457F-B3FB-431D-8FDD-4D1B51CE36E5}] => (Allow) C:\Users\Gustavo\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2015 05:20:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (09/14/2015 03:24:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa WinStore.Mobile.exe versão 2015.7.1.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: dc

Hora de Início: 01d0ef1a88e738a3

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe

ID do Relatório: d1728a32-5b0d-11e5-9bc2-74e543df0fd3

Nome completo do pacote com falha: Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: App

Error: (09/14/2015 03:24:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GUSTAVO-NOTE2)
Description: Falha na ativação do aplicativo Microsoft.WindowsStore_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (09/14/2015 03:24:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: GUSTAVO-NOTE2)
Description: O aplicativo Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbwe+App não foi iniciado dentro do tempo alocado.

Error: (09/14/2015 02:27:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x80070422, O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
.


Operação:
Instanciando servidor VSS

Error: (09/14/2015 02:27:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} e nome IVssCoordinatorEx2. [0x80070422, O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.
]


Operação:
Instanciando servidor VSS


System errors:
=============
Error: (09/14/2015 03:16:19 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:19 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:19 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:19 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:19 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:19 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:17 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:16 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:16 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/14/2015 03:16:16 PM) (Source: DCOM) (EventID: 10016) (User: GUSTAVO-NOTE2)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}gustavo-note2GustavoS-1-5-21-3336594925-1444484530-2665733283-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
Date: 2015-09-14 18:56:36.747
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:35.826
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:33.548
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:33.282
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:33.114
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:27.345
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:21.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:21.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:21.365
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-14 18:56:21.223
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
Percentage of memory in use: 62%
Total physical RAM: 3909.28 MB
Available physical RAM: 1469.26 MB
Total Virtual: 5317.28 MB
Available Virtual: 2305.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:296.7 GB) (Free:146.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: C98F7C0D)

Partition: GPT.

==================== End of Addition.txt ============================
