Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-10-2015 Ran by PEDRO PC (2015-10-09 13:18:54) Running from C:\Users\PEDRO PC\Desktop Windows 10 Education (X64) (2015-08-18 02:53:23) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-2703278820-35690196-3438665705-500 - Administrator - Disabled) Convidado (S-1-5-21-2703278820-35690196-3438665705-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2703278820-35690196-3438665705-503 - Limited - Disabled) PEDRO PC (S-1-5-21-2703278820-35690196-3438665705-1001 - Administrator - Enabled) => C:\Users\PEDRO PC ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2703278820-35690196-3438665705-1001\...\uTorrent) (Version: 3.4.5.41162 - BitTorrent Inc.) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Asus Sonic Suite Plugins (x32 Version: 2.1.2401 - ASUSTeKcomputer.Inc) Hidden Atualizações da NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version: - Treyarch) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software) Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-211 214 216 Series Printer Uninstall (HKLM\...\EPSON XP-211 214 216 Series) (Version: - SEIKO EPSON Corporation) globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) Horyu Launcher - Horyu Lineage 2 Server (HKLM-x32\...\Horyu Launcher - Horyu Lineage 2 Server) (Version: - ) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Lineage II (HKLM-x32\...\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}) (Version: 90.7.2281 - NCSoft) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team) NahimicSettingsConfigurator (Version: 2.1.2401 - ASUSTeKcomputer.Inc) Hidden NVIDIA Driver de áudio HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA Driver de gráficos 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.98 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Painel de controle da NVIDIA 355.98 (Version: 355.98 - NVIDIA Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27405 - Nome de sua empresa:) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.) Realtek I2S Audio (HKLM-x32\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 6.4.10147.4305 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Software de dispositivo do Chipset Intel® (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) Sonic Radar II (HKLM\...\{1C06B38D-C6E3-4FD0-8B06-8ADA5AFB6942}) (Version: 2.1.2401 - ASUSTeKcomputer.Inc) Sonic Studio Plugin (Version: 2.1.2401 - ASUSTeKcomputer.Inc) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.5.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.5.0 - SteelSeries ApS) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 06-10-2015 21:05:42 Installed Microsoft Office Professional Plus 2013 06-10-2015 21:06:05 PROPLUS 06-10-2015 23:56:09 Configured Accusoft PICVideo Motion JPEG 4 07-10-2015 00:04:06 avast! antivirus system restore point 09-10-2015 11:05:37 WinThruster sex, out 09, 15 11:05 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 08:04 - 2015-10-06 23:07 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {351BFA2B-E186-4FE0-95A9-B89D9348314D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {3B2F7254-B078-4954-AC5F-3DB940F00D55} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-07] (AVAST Software) Task: {7C4D3C4D-2724-4DEE-80EE-C1BC24335DE4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {7C9A03B2-6899-492C-80ED-882529447359} - System32\Tasks\bhbuld => Rundll32.exe "C:\Windows\SysWOW64\fphc7.dll",wtcoohwkr Task: {8AF84779-EB61-4880-87C4-D00BF6B863E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {D57D3F3D-1B2B-4D65-8A5B-73FAF8F908FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\bhbuld.job => C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\fphc7.dll Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-19 12:44 - 2015-07-14 23:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll 2015-08-18 00:05 - 2015-09-13 19:04 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-09-08 16:33 - 2015-09-08 16:33 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2015-08-19 12:44 - 2015-08-11 06:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll 2015-09-08 16:33 - 2014-04-24 03:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2015-08-14 19:33 - 2015-08-14 19:33 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2015-08-20 16:49 - 2015-07-08 22:26 - 00173088 _____ () C:\Users\PEDRO PC\AppData\Roaming\NetService\netservice.exe 2015-10-02 01:26 - 2015-09-17 03:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll 2015-10-02 01:26 - 2015-09-17 03:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll 2015-07-14 12:59 - 2015-07-14 12:59 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-10-02 01:25 - 2015-09-17 02:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-10-01 14:37 - 2013-06-21 00:01 - 00109848 _____ () C:\Windows\SYSTEM32\AcpiServiceVnA64.dll 2015-10-01 14:37 - 2014-05-22 05:24 - 00096568 _____ () C:\Windows\SYSTEM32\audioLibVc.dll 2015-09-29 11:50 - 2015-09-29 11:50 - 00505096 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SSEdevice.dll 2015-07-08 03:58 - 2015-07-08 03:58 - 00292352 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2015-10-02 01:26 - 2015-09-17 02:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-02 01:25 - 2015-09-17 02:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-02 01:25 - 2015-09-17 02:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-02 01:26 - 2015-09-17 02:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 08:00 - 2015-07-10 13:32 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-10-07 00:05 - 2015-10-07 00:05 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-10-07 00:05 - 2015-10-07 00:05 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-10-08 19:32 - 2015-10-08 19:32 - 02967040 _____ () C:\Program Files\AVAST Software\Avast\defs\15100802\algo.dll 2015-10-09 10:36 - 2015-10-09 10:36 - 02967040 _____ () C:\Program Files\AVAST Software\Avast\defs\15100900\algo.dll 2015-09-08 16:33 - 2015-10-09 10:35 - 00036352 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2015-09-08 16:33 - 2015-05-08 03:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2015-08-18 00:05 - 2015-08-26 21:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-08-18 12:39 - 2015-10-05 13:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-08-18 12:39 - 2015-07-03 13:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-08-18 12:39 - 2015-10-08 20:02 - 02422864 _____ () C:\Program Files (x86)\Steam\video.dll 2015-08-18 12:39 - 2015-09-23 21:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-08-18 12:39 - 2015-09-23 21:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-08-18 12:39 - 2015-09-23 21:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-08-18 12:39 - 2015-09-23 21:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-08-18 12:39 - 2015-09-23 21:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-08-18 12:39 - 2015-07-03 13:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-08-18 12:39 - 2015-07-03 13:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-08-18 12:39 - 2015-10-08 20:02 - 00704592 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-08-18 12:39 - 2015-09-14 17:20 - 00193536 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-09-04 22:42 - 2015-09-04 22:42 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2015-10-04 20:00 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll 2015-10-04 20:00 - 2014-10-31 16:40 - 01498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll 2015-10-07 00:05 - 2015-10-07 00:05 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-14 12:59 - 2015-07-14 12:59 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-08-18 12:39 - 2015-10-08 19:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-09-24 23:10 - 2015-09-23 23:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll 2015-09-24 23:10 - 2015-09-23 23:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll 2015-08-19 15:30 - 2014-11-26 00:12 - 40622592 _____ () C:\Users\PEDRO PC\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2015-08-19 15:30 - 2014-11-26 00:12 - 00911360 _____ () C:\Users\PEDRO PC\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2015-08-19 15:30 - 2014-11-26 00:12 - 00134144 _____ () C:\Users\PEDRO PC\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Kixjucfio => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2703278820-35690196-3438665705-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-2703278820-35690196-3438665705-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-2703278820-35690196-3438665705-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-2703278820-35690196-3438665705-1001\...\sony.com -> sony.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2703278820-35690196-3438665705-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.25.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{08BF0D42-69F2-4D50-8469-C98770B34989}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{99EDAA24-9F6F-46DF-8AF0-EEDA3A668F13}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{7FF47D5A-BBAF-462D-AD09-4C23A3B2D96A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{51B2B2D9-0C09-42D7-9A7B-F407933F61B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{3AEDB4FA-20C2-435D-B941-174E0C34DF6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B7B9CE80-1775-4E90-9D10-D7E7193038AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4CEEFF0E-ABA5-45E9-9DE0-01225846ED26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E302036C-05E0-4234-A8DA-259A767F2C0E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9C5199A1-2159-453D-BF7B-AEC7F5D9E991}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4C3222BB-C253-4667-8961-A821DA1AEFCF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2F3C6680-BFFD-40EE-ADCC-5D6F93027121}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0F35A892-23AE-401D-86DD-DCEE69037687}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{5B519497-0941-4F52-890F-CFAB77BBC96C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [TCP Query User{6E22C00C-8534-4DDD-B5B7-775B330A2E3B}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{89F7F330-9E09-42A0-9575-F9F3752E8270}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{0EF4F8CB-B6B5-4559-B34A-9EE2FC339261}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D61720DD-77B5-4539-A00A-62889B412890}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{61C911A8-DAEA-4259-9D7C-EF3343CC5303}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{817FF8FE-3CD6-4E26-8972-27F75FC3765D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{701FA7E9-5C0A-4B6F-B60D-C59C37CEE9C9}C:\program files (x86)\tower\l2tower.exe] => (Allow) C:\program files (x86)\tower\l2tower.exe FirewallRules: [UDP Query User{3A0E0B0E-6798-4938-9242-25D4D883B553}C:\program files (x86)\tower\l2tower.exe] => (Allow) C:\program files (x86)\tower\l2tower.exe FirewallRules: [{0D458F55-AFAF-40D4-B4D3-8F451738C95A}] => (Allow) C:\Users\PEDRO PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{412B4082-4C37-4F35-AB03-508394D984CF}] => (Allow) C:\Users\PEDRO PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{26F952C8-3674-43E3-9C0F-2D899A47E326}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe FirewallRules: [{26F8336D-8E80-46D0-821A-3437E319DFDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe FirewallRules: [{0AC438C0-AECD-4A3A-9852-7BFA3F1EEBFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{62D281AE-10C6-41A2-A9A8-D5EF830C1A67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{E6C7AE14-98F1-4C80-A80A-99F54A2D8F39}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{128A7C37-E9B3-4BC5-9F45-B3853874E533}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [{FFFA50AB-8166-4627-BDD6-46E849E17082}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{CFF5ECD1-569B-4CE6-BC15-11828B41878E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{CF60D0A7-3D80-4396-94B9-0B9453431CA1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{64454250-053A-4653-9706-0A7411923DF0}] => (Block) %ProgramFiles%\Adobe\Adobe Audition CC 2015\Adobe Audition CC.exe FirewallRules: [{89372792-B9E4-4B76-8FD8-1A82A069206F}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe FirewallRules: [{0FFD847D-12B7-4E36-B60F-3B6174123A83}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe FirewallRules: [{DDD4EF9E-B3E1-4743-8074-0A6BABCF9AA5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{33C69E02-06F9-4E4E-98CA-E97126EC2664}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{40437A71-3235-4540-9988-04EAAE4893D1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{BE4D00E2-6BAC-4122-A286-CDCA76DE20B3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/09/2015 11:05:41 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (10/08/2015 11:25:37 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5780) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032. Error: (10/08/2015 11:25:37 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5780) Uma tentativa de criar o arquivo "C:\Windows\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8). Error: (10/08/2015 11:25:26 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5780) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032. Error: (10/08/2015 11:25:26 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5780) Uma tentativa de criar o arquivo "C:\Windows\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8). Error: (10/08/2015 11:25:16 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5780) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032. Error: (10/08/2015 11:25:16 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5780) Uma tentativa de criar o arquivo "C:\Windows\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8). Error: (10/08/2015 11:25:06 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5780) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032. Error: (10/08/2015 11:25:06 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5780) Uma tentativa de criar o arquivo "C:\Windows\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8). Error: (10/08/2015 11:24:55 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5780) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032. System errors: ============= Error: (10/09/2015 10:43:20 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Gerenciador de Autenticação Xbox Live terminou com o seguinte erro específico de serviço: %%0 Error: (10/09/2015 10:36:34 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (10/09/2015 10:35:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Util Web Amplified devido ao seguinte erro: %%2 Error: (10/09/2015 10:35:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Update Web Amplified devido ao seguinte erro: %%2 Error: (10/09/2015 10:34:27 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT) Description: 32212256844697766509981704 Error: (10/09/2015 10:34:57 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento do sistema que ocorreu às 01:07:56 do dia ‎09/‎10/‎2015 não era esperado. Error: (10/08/2015 11:53:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro: %%1053 Error: (10/08/2015 11:53:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service. Error: (10/08/2015 11:23:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SNCJMVF) Description: WindowsDefaultLockScreen Error: (10/08/2015 06:40:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070643: Atualização de segurança para o Pacote Redistribuível do Microsoft Visual C++ 2008 Service Pack 1 (KB2538243). CodeIntegrity: =================================== Date: 2015-10-02 03:04:55.079 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-02 03:04:55.069 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-02 03:04:28.608 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-02 03:04:28.602 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-02 02:14:02.131 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-02 02:14:02.115 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-01 23:53:25.106 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-01 23:53:25.099 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-01 23:51:45.956 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-01 23:51:45.950 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Percentage of memory in use: 25% Total physical RAM: 16326.43 MB Available physical RAM: 12234.51 MB Total Virtual: 18758.43 MB Available Virtual: 14050.04 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:976.47 GB) (Free:729.75 GB) NTFS Drive e: () (Fixed) (Total:886.45 GB) (Free:847.92 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 66A939F8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=976.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=886.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================