Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by maikon (2016-03-15 21:07:32) Running from C:\Users\maikon1\Downloads Windows 10 Pro Version 1511 (X64) (2015-12-15 01:27:33) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3909884390-1257746683-1627875442-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3909884390-1257746683-1627875442-503 - Limited - Disabled) Guest (S-1-5-21-3909884390-1257746683-1627875442-501 - Limited - Disabled) maikon (S-1-5-21-3909884390-1257746683-1627875442-1001 - Administrator - Enabled) => C:\Users\maikon1 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated) Atualizações da NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) Chroma Squad (HKLM-x32\...\Steam App 251130) (Version: - Behold Studios) Chromium (HKU\.DEFAULT\...\Chromium) (Version: 46.0.2472.0 - Chromium) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Deadpool (HKLM-x32\...\Deadpool_is1) (Version: 1.0 - Activision) Deadpool (HKLM-x32\...\Deadpool_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Devil May Cry 4 Special Edition (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0051}) (Version: 6.0 - Black Box) Droid4X (HKLM-x32\...\Droid4X) (Version: 0.8.5 - Haiyu Dongxiang Co.,Ltd.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Evoland (HKLM-x32\...\Steam App 233470) (Version: - Shiro Games) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - ) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games) H1Z1: King of the Kill (HKLM-x32\...\Steam App 433850) (Version: - Daybreak Game Company) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Legend Of Glory (HKLM-x32\...\{A21DF880-B590-45F0-8EF0-7DA1F450C210}) (Version: 1.0.0 - TQ) Legend Of Glory (HKLM-x32\...\Legend Of Glory) (Version: 1.0.28 - GamesDom) LINE (HKLM-x32\...\LINE) (Version: 4.2.0.654 - LINE Corporation) Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Marvel Heroes 2016 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version: - NetherRealm Studios, High Voltage) Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios) Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios) NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version: - ) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) NVIDIA Áudio Virtual Miracast 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation) NVIDIA Driver de áudio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA Driver de gráficos 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation) NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.10.2.4863 - Electronic Arts, Inc.) Painel de controle da NVIDIA 364.51 (Version: 364.51 - NVIDIA Corporation) Hidden PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - ) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Renegade Ops (HKLM-x32\...\Steam App 99300) (Version: - Avalanche Studios) Resident Evil 5 / Biohazard 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games) Search Provided by Yahoo (HKLM-x32\...\YahooProvidedSearch) (Version: - ) <==== ATTENTION SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shards of War (HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\1d128bf6-25c8-4b8a-bfa2-12b013ab230e_is1) (Version: 75294 - Bigpoint GmbH) SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TERA (HKLM-x32\...\Steam App 323370) (Version: - Bluehole Inc.) The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED) Unity (HKLM-x32\...\Unity) (Version: 5.1.2f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\maikon1\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\maikon1\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\maikon1\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0978B228-DF9D-41E5-9EB1-A1F1C34D6E2C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation) Task: {0BEA1DD7-7AE3-47F5-91E4-27FCE94F1B1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {1EC9336A-7F99-4AE4-99FA-7431BB85FB35} - System32\Tasks\{05186837-C9F0-4226-ACC9-F9DFE7ABFF18} => pcalua.exe -a "C:\Program Files (x86)\CleanBrowser\uninstall.exe" -c /uninstall Task: {21C23B09-FE35-4F70-9D80-F1193B1B82ED} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation) Task: {2472BBB4-CE1C-4282-B16F-BCB3D716C955} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe Task: {2576FB9F-F9FC-42DB-BCFF-0DAD1CD873BB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated) Task: {3215C1F6-4433-4265-A7D5-B57FF9A188E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {3D16DEDB-08E9-4CA3-8C62-E6EC0EF6008E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {49165148-30EF-4DA4-8156-F8589503C308} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-06] (Google Inc.) Task: {4E53A981-74FB-4DB1-9D83-B3C60F46E8DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-06] (Google Inc.) Task: {54865556-E569-46FF-858A-D1EFE5E3B89F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\WSCStub.exe Task: {6F41E1FC-2F3D-4A67-AD71-0D278B5F706A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {8317077E-5951-4490-8C8C-51C049C9FB37} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {9973727A-80DF-4DCC-9558-6A7CF15923D5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {99BBDB6E-3AC0-4921-B845-DAFA348F1D68} - System32\Tasks\{8F607528-5B7C-4C8D-B68F-6F579B46654A} => pcalua.exe -a "C:\Program Files (x86)\WeatherTool\2.0.1.11073\InstallHelper.exe" -d "C:\Program Files (x86)\WeatherTool\2.0.1.11073" Task: {A3E5809F-6358-460F-945C-8A604256D99F} - System32\Tasks\{D982BC0B-B8F4-4112-9C41-2FE11E99C907} => pcalua.exe -a "C:\Users\Public\Sony Online Entertainment\Installed Games\Dragons Prophet\Uninstaller.exe" Task: {A9AB5318-B02F-4A7C-9DF1-CA819646E9A8} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe Task: {AC4558B1-6094-4A95-992E-09F72406AAE7} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe Task: {B2D09C9C-7125-46E5-AE17-C9E7CBA29A36} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C196919B-B1DA-436D-BB0A-E3B0B3F8E8DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) Task: {CECED22D-B6D1-4371-BEE9-C77EE1CF43B7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {D2D3A53B-AC9C-4D8E-92F7-7A9B45814182} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {DD9FAE6F-A044-4BE0-9752-A5BD4F3D9669} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {E7E78985-15DB-438F-BD08-E61F1C730C92} - System32\Tasks\{661AFD44-DD6B-499F-9CDA-947A55DDEE16} => pcalua.exe -a C:\Users\maikon1\Downloads\CEVPNSetup_XPVista_x32.exe -d C:\Users\maikon1\Downloads Task: {EDE35864-6234-480C-A3CF-05D61B979654} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {F8A1BAE2-217F-4044-8B8B-2A2E4FA3BB9D} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-12-30 15:08 - 2015-12-30 15:08 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-14 21:55 - 2016-03-08 03:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-12-05 14:04 - 2015-12-05 13:57 - 00269312 _____ () D:\Droid4X\Droid4XService.exe 2015-12-14 21:55 - 2013-07-04 08:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-03-02 17:59 - 2016-02-17 03:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2015-12-22 14:55 - 2016-02-17 03:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-03-02 17:59 - 2016-02-17 03:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2015-02-04 21:24 - 2015-02-04 21:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-03-14 13:43 - 2015-12-10 09:56 - 00193456 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe 2016-03-02 12:04 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-02 12:04 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-22 12:28 - 2016-01-22 12:28 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-17 23:45 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-02 12:03 - 2016-02-23 05:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-03-15 19:37 - 2016-03-15 19:37 - 00708096 _____ () C:\WINDOWS\TEMP\is-2NH5R.tmp\MediaDownloader.tmp 2016-03-15 19:53 - 2016-03-15 19:53 - 00689648 _____ () c:\windows\temp\31030\setup.exe 2016-01-13 12:07 - 2016-01-04 22:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 12:07 - 2016-01-04 22:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 15:35 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 15:35 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-14 21:55 - 2016-03-15 19:26 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-12-14 21:55 - 2013-07-04 08:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-12-30 15:08 - 2015-12-30 15:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2016-03-14 13:43 - 2015-12-08 10:12 - 00126896 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdate.dll 2016-03-14 22:14 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll 2016-01-22 12:28 - 2016-01-22 12:28 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 12:28 - 2016-01-22 12:28 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-05-24 04:45 - 2016-02-17 04:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-02-19 21:11 - 2016-03-04 15:51 - 00096768 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\chrome_elf.dll 2016-02-19 21:11 - 2016-02-18 01:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll 2016-02-19 21:11 - 2016-02-18 01:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll 2016-03-10 00:01 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\maikon1\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1254] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\aeriagames.com -> hxxp://aeriagames.com IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\vizzed.com -> www.vizzed.com ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 10:25 - 2016-03-15 19:30 - 00000965 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: BEService => 3 MSCONFIG\Services: Droid4XService => 2 HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk" HKLM\...\StartupApproved\StartupFolder: => "WebBrowserMixVideoPlayer.lnk" HKLM\...\StartupApproved\Run: => "Diebold - Warsaw" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Aeria Ignite" HKLM\...\StartupApproved\Run32: => "HomePageHelper" HKLM\...\StartupApproved\Run32: => "LightGate" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_012D41C1489079A901D7DEC0EC37BB12" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "WTFast Tray" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "Pritc" HKU\S-1-5-21-3909884390-1257746683-1627875442-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4172603E-8C06-4BCA-87CD-CA66894DF983}] => (Allow) D:\Steam\steamapps\common\TERA\TERA-Launcher.exe FirewallRules: [{7060AA9C-3978-41D0-B5B3-9D439E5C80E0}] => (Allow) D:\Steam\steamapps\common\TERA\TERA-Launcher.exe FirewallRules: [{695C57DB-B18D-4869-8C8B-E18751940ECE}] => (Allow) D:\DragomonHunter-US\Game.bin FirewallRules: [{5EE1BA5B-51FD-4BB7-9798-B62904C3EEE4}] => (Allow) D:\DragomonHunter-US\Game.bin FirewallRules: [UDP Query User{2C06ACB1-FD6C-419B-B92A-B20A82B71AC4}C:\users\maikon1\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\maikon1\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{9D4BE2BA-5415-4EB7-98C0-E7B152B28221}C:\users\maikon1\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\maikon1\appdata\local\akamai\netsession_win.exe FirewallRules: [{EE3257AB-1604-4E56-818D-BDEF6A05FA3F}] => (Allow) D:\Droid4X\MultiMgr.exe FirewallRules: [{81437F7C-B1C3-4353-8DBF-07DC8655912E}] => (Allow) C:\Users\maikon1\LINE\LINE.exe FirewallRules: [{75E54AA8-2B07-40FD-A4CC-8B1278293505}] => (Allow) C:\Users\maikon1\LINE\LINE.exe FirewallRules: [{E0B44970-3F9E-4460-A29F-9417B8602C69}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe FirewallRules: [{AA5FEBC8-4487-4350-886C-F705AC1813DE}] => (Allow) D:\Droid4X\download\MiniThunderPlatform.exe FirewallRules: [{5306F6CE-E70A-4194-9186-E430847B6D5C}] => (Allow) D:\Droid4X\Droid4X.exe FirewallRules: [TCP Query User{82FF9121-1AEC-448C-B6F9-2797FA7BEF65}C:\users\maikon1\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\maikon1\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [UDP Query User{9E3D731A-7964-44C6-AC61-2269DBAC7836}C:\users\maikon1\downloads\7.days.to.die.alpha.v12.5.x64-ali213\7 days to die\7daystodie.exe] => (Allow) C:\users\maikon1\downloads\7.days.to.die.alpha.v12.5.x64-ali213\7 days to die\7daystodie.exe FirewallRules: [TCP Query User{64E94646-48D9-4380-892E-3BDFEE9E5C7B}C:\users\maikon1\downloads\7.days.to.die.alpha.v12.5.x64-ali213\7 days to die\7daystodie.exe] => (Allow) C:\users\maikon1\downloads\7.days.to.die.alpha.v12.5.x64-ali213\7 days to die\7daystodie.exe FirewallRules: [UDP Query User{7BD700F3-9538-49F6-8F10-D0E77DFF4C6C}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe FirewallRules: [TCP Query User{A91A12F5-A889-4236-953B-1D80A2A9360D}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe FirewallRules: [UDP Query User{FF7D42C4-6226-4AD1-9619-9D30DAB3E054}C:\program files (x86)\soundwire server\soundwireserver.exe] => (Allow) C:\program files (x86)\soundwire server\soundwireserver.exe FirewallRules: [TCP Query User{ED8324A6-092B-44E2-9416-D9EA73ABF2BC}C:\program files (x86)\soundwire server\soundwireserver.exe] => (Allow) C:\program files (x86)\soundwire server\soundwireserver.exe FirewallRules: [{56F78BA6-A3AB-4CD7-BCAD-672BE49E17D2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EA79D806-F95C-4B05-91B1-E36FAF93D5D9}] => (Allow) LPort=1900 FirewallRules: [{48019864-EE82-4167-8AEF-4197457244E1}] => (Allow) LPort=2869 FirewallRules: [{D82FA4AC-2E67-433C-9B4F-80B2FCBC3B44}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6086F419-774D-4C90-AF41-36FF90EFCF74}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{D258B190-0EF6-422E-A24C-9B12928DD9F7}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{2F828D99-28F3-400B-AFB3-49463A50B2E1}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{6BE3ED45-D321-4F36-8A45-48EF3212B0C2}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{A17A89EA-17DA-4E7A-8D7C-C96D68B55D1F}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{C76D97EF-388A-4845-B958-039C32544C48}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{037C9112-A52C-4B7B-A3B2-CFC777E65B4C}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{5E24A610-0022-4885-9CDA-C613D11D9080}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{728864DE-64B5-46C7-A63D-25D70B4DD673}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{4B1C4E2C-51A0-4083-8263-5B1774268243}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{E1A14DA6-CB65-4877-A11F-49DA48CF0797}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{C9E956FD-D9B8-4DD8-8BC4-84A3157D8420}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{CBC46B99-E6F1-4F85-89CF-042F7A08E515}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{E523D996-C678-4E8E-9014-2C39D1184570}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [UDP Query User{5F47D641-FDE8-40FE-A366-1C62AD08D2C1}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [TCP Query User{427E9100-48A2-4DD5-968A-418181F4D52E}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [{DCD10047-2120-43CB-A3B2-014A6C3B4828}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{2CDE05FD-E688-4819-ADFA-137421C1E492}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{C19A53BC-A0CE-4488-9D47-CC8C7C1497B1}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{154564D6-889B-4766-8B83-3ECF47FB5D36}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{2FA4A67C-06BC-4A2C-BD99-5CD07C1F4506}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{4B3F0D3C-A1D2-4FD0-BD1F-E965A0D19A52}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{E5E9BDB1-0E5D-4EEC-B721-6BD78D336296}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{01631534-C463-4619-ACD3-11CAFADB3042}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{0D820F77-63F6-419E-911B-C8E325F8C572}D:\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe] => (Allow) D:\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe FirewallRules: [UDP Query User{CE35FA6F-190C-4BE0-8D91-5853CCB9C676}D:\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe] => (Allow) D:\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe FirewallRules: [{179E6613-6054-4939-8C2A-642957E2FFD1}] => (Allow) D:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{B4742C4B-8CBF-4D3C-B484-9FB41F5584C6}] => (Allow) D:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{ED6F6301-D13D-4252-8A4B-0B31200A26B3}] => (Allow) C:\Users\maikon1\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{45E68D6A-5A34-4697-8A6B-1C9B99836CF6}] => (Allow) C:\Users\maikon1\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A21ED715-A95A-4EDA-A554-A11DD4E835B8}] => (Allow) D:\Steam\steamapps\common\Resident Evil 5\Launcher.exe FirewallRules: [{2A6F44E1-71D0-40C8-B200-64C548861279}] => (Allow) D:\Steam\steamapps\common\Resident Evil 5\Launcher.exe FirewallRules: [TCP Query User{F52F3AF1-D540-40F3-9451-46306B6F6678}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{A92852C1-35D9-4BAF-8E4B-B359165CCD5B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6AAB730A-6E60-4C69-8247-7FAA5DD66FF1}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{D1C49D65-D790-43CC-8A81-0756603921B3}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{85FB0B14-2E21-4919-9F58-080FE2A150B1}] => (Allow) D:\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe FirewallRules: [{AD54F881-0F58-4B0B-88BF-4BDA734C8355}] => (Allow) D:\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe FirewallRules: [{970AE3EC-7B7D-4420-962E-E6410CB6966B}] => (Allow) D:\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe FirewallRules: [{26D8C014-75B4-43EE-ABA5-9EE0AAC1A5DA}] => (Allow) D:\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe FirewallRules: [{A6A48A3C-53F5-4250-BBA7-C39CEA53A7B7}] => (Allow) D:\Steam\steamapps\common\Evoland\Evoland.exe FirewallRules: [{901864B1-BAC5-4CB0-9479-4370253109E4}] => (Allow) D:\Steam\steamapps\common\Evoland\Evoland.exe FirewallRules: [{422B2416-6DEC-4D8E-BA37-EACA1CCB3F07}] => (Allow) D:\Steam\steamapps\common\Mortal Kombat Arcade Kollection\BINARIES\WIN32\MKHDGame.exe FirewallRules: [{6F8BAF45-35D5-49CD-8729-CEE273F5A3B4}] => (Allow) D:\Steam\steamapps\common\Mortal Kombat Arcade Kollection\BINARIES\WIN32\MKHDGame.exe FirewallRules: [{8E36C0FB-5FAB-45F6-9F33-4FB1C1A45F67}] => (Allow) D:\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe FirewallRules: [{A2552275-4900-4504-860D-994B73072832}] => (Allow) D:\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe FirewallRules: [{C18577BE-C0DB-4DE3-8DF6-643E174124B8}] => (Allow) D:\Steam\steamapps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe FirewallRules: [{798E9F96-3F87-4077-B68C-1BCD96C60A18}] => (Allow) D:\Steam\steamapps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe FirewallRules: [{36395D47-DAEA-4E0C-928A-50E8ADB2C5CC}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{4739F90E-D89E-499D-A10F-D016634EE4A0}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{604F7803-39BB-4FBB-B288-94955560D6A8}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: [{EB5CE295-AC5B-40CD-A8F3-A4971164C0E9}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: [{BD9AC5CB-DE30-4FDE-A029-D4FFC88C192F}] => (Allow) D:\Steam\steamapps\common\DB Xenoverse\DBXV.exe FirewallRules: [{8AEBB85A-8DAA-450C-A5B5-340D5A7E3C8F}] => (Allow) D:\Steam\steamapps\common\DB Xenoverse\DBXV.exe FirewallRules: [{035270BD-C71D-416E-9E55-0269502478EE}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{9414277F-D836-4937-990E-A1E0EB2C8438}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{496D0DE0-CD6B-41C8-A36A-8A9EB3DF8741}] => (Allow) D:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [{164E2598-6C56-4242-B746-F2E37762C653}] => (Allow) D:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [{51DB9064-146C-4259-8AC8-9C1CA2F5A3E1}] => (Allow) D:\Steam\steamapps\common\ChromaSquad\chromasquad.exe FirewallRules: [{D7D23F44-8716-4AE0-A95B-A53AEABB19DB}] => (Allow) D:\Steam\steamapps\common\ChromaSquad\chromasquad.exe FirewallRules: [{295EE0C1-27E3-4C9F-BD10-FF3849171363}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{E3B9ECA2-B1FA-4106-AF67-5774D65CBC85}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{BC8C6C75-6B01-42C7-A40C-3541988A7BC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A7C68464-86DB-42F2-A77C-61D8D58CC346}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{EC970BDA-91F0-4B27-9B09-A46764FDBD97}] => (Allow) D:\Steam\steamapps\common\Gods Will Be Watching\gwbw.exe FirewallRules: [{E5A686FC-3069-4E61-86F2-5A5C527CD1F7}] => (Allow) D:\Steam\steamapps\common\Gods Will Be Watching\gwbw.exe FirewallRules: [TCP Query User{FA24DF85-3BAE-413B-87AE-0E9138619EA9}D:\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) D:\steam\steamapps\common\resident evil 5\re5dx9.exe FirewallRules: [UDP Query User{50F74E26-4B85-4179-8FEE-0A6D82E04D48}D:\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) D:\steam\steamapps\common\resident evil 5\re5dx9.exe FirewallRules: [{7A8D6E4B-4559-4FEB-9208-087AF9C2006F}] => (Block) D:\steam\steamapps\common\resident evil 5\re5dx9.exe FirewallRules: [{E885CE14-F583-457A-9821-84A98715A459}] => (Block) D:\steam\steamapps\common\resident evil 5\re5dx9.exe FirewallRules: [{BCD34D93-DCF5-4A19-99FF-95A3E169211A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{530BD2EC-788C-4EBC-9E06-402B8356FB72}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [TCP Query User{BAC5A42B-3A12-4912-A3BF-D9FEF748536C}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{090EAEB1-5D46-4719-A0AC-E1EC843EF5D1}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [{F85BE050-E41C-4BC0-BB5D-98CFDFAF66C2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [{88581DBC-75CB-41B0-8FC8-C2701D9B29B2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{D8CEC1BD-95A3-4E41-8F14-7B094A9CA874}C:\users\maikon1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maikon1\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2DE6DE53-677C-4E6B-9C94-9F5B529A687B}C:\users\maikon1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maikon1\appdata\roaming\spotify\spotify.exe FirewallRules: [{87E12DA6-3741-4BA6-B66D-CC8D2E293C9E}] => (Block) C:\users\maikon1\appdata\roaming\spotify\spotify.exe FirewallRules: [{3D2EDC57-1D81-4E7C-B6C2-91A172C26603}] => (Block) C:\users\maikon1\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{C58FD979-EB5F-463D-BA2E-B8DF21DC60F8}C:\users\public\sony online entertainment\installed games\dragons prophet\dp_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\dragons prophet\dp_x64.exe FirewallRules: [UDP Query User{DAECA925-CB67-49F3-8560-2F0C5D0700D1}C:\users\public\sony online entertainment\installed games\dragons prophet\dp_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\dragons prophet\dp_x64.exe FirewallRules: [{EFF515F3-F372-46FB-8DB9-5D571DC1FAB1}] => (Block) C:\users\public\sony online entertainment\installed games\dragons prophet\dp_x64.exe FirewallRules: [{FA361ABA-2E8E-462E-BB7F-BC2E8EE37C3B}] => (Block) C:\users\public\sony online entertainment\installed games\dragons prophet\dp_x64.exe FirewallRules: [{B50FAC7E-121D-4547-ABBD-B37D923A338D}] => (Allow) D:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [{689B2DA2-8854-41D2-AD73-7092FD092E24}] => (Allow) D:\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [TCP Query User{29F682EF-D3E9-4CC5-AF9B-543A8EE814A7}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{A97BCA2C-E0CC-4553-A2EA-FAF1D2DA1057}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{AED94834-FF03-4922-B6E7-15B13D8FDBD4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{3152398A-F3EB-42A3-8ADD-3DC974768F3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{03C8E401-6758-413A-BE74-DF8563778336}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{E869059F-B7DF-4146-BE48-B899AB15A257}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1B76FA5E-C5CE-4B2A-BFEA-C13AFD0D1F39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{E6712B94-D0D4-41D4-BD28-F5D06853DABA}C:\users\maikon1\appdata\local\apps\2.0\hkbjb3wm.rbr\69vlmqm8.z5p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\maikon1\appdata\local\apps\2.0\hkbjb3wm.rbr\69vlmqm8.z5p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{D7EB368B-0D81-44DF-ACEE-FB2939E16603}C:\users\maikon1\appdata\local\apps\2.0\hkbjb3wm.rbr\69vlmqm8.z5p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\maikon1\appdata\local\apps\2.0\hkbjb3wm.rbr\69vlmqm8.z5p\leve..tion_277729edc54ae6cf_0000.0009_b7445b2a18252fba\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{82D568CB-3EB8-4641-83F4-BB4F6EE775DA}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{90C7A7AC-1475-435C-A646-DE3DFEC474F8}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{36C9E788-ABD5-47C1-A2E5-FC4C967EF3EB}] => (Allow) D:\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe FirewallRules: [{82A5D7D7-5C1A-4E47-BC14-366E69AC2CBB}] => (Allow) D:\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe FirewallRules: [{99CC3ECC-A7AA-49F4-9260-E89FC84516CF}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{CFD7EE63-BB9E-4A50-8A84-C8F7E897977C}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [TCP Query User{DD7BD51A-1A0E-411F-87D2-642F06A511BC}D:\ut\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\ut\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{70DB1E2C-144D-4702-8F80-B42FAF841604}D:\ut\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\ut\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{72950304-3C59-45CC-9634-51C4CF25A73D}D:\ut\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\ut\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{128A086A-3FA4-40EB-9285-C16476BA14AA}D:\ut\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\ut\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{5C203A3F-E306-4327-BC7F-090AD71DD1BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E3C4D3B1-AA9A-4E4B-B1C9-BFA931B562C4}] => (Allow) D:\Steam\steamapps\common\Renegade Ops\RenegadeOps.exe FirewallRules: [{57FE307B-5D18-4583-A34C-608DED5DA52E}] => (Allow) D:\Steam\steamapps\common\Renegade Ops\RenegadeOps.exe FirewallRules: [{205093CC-E3CE-4577-97CD-8EA51889C358}] => (Allow) D:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe FirewallRules: [{BE3D1C86-10C4-4B33-9B7F-9DDA7E633E23}] => (Allow) D:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe FirewallRules: [{77E28EFC-A166-4CDD-94F3-736A5C544122}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{31C43D69-9D64-487A-AF02-62A6EB28BA71}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{1BE65E74-D2DF-4F24-B27F-ED302D122BE8}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{96DD509D-D7F6-40A8-8CA3-71029704BD6D}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [TCP Query User{40CFE985-9031-49EA-876F-3FEA23847B67}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{F32E5DE1-948B-481F-9FAF-B361C2465E36}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{04988EF6-D527-4691-8E97-4BCCF5179FDD}] => (Allow) C:\Program Files\UBar\ubar.exe FirewallRules: [{C7A81C74-BA83-4572-9DBF-4913383329B1}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe FirewallRules: [{FF55B660-FFB9-4586-98E2-838F80192E7A}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe FirewallRules: [{9FDBBA96-EFDA-424F-9E1A-B551B313E763}] => (Allow) C:\Users\maikon1\AppData\Local\Temp\7zS2669.tmp\SymNRT.exe FirewallRules: [{029828A5-2FB2-4219-A5B5-8FD26A02E9F4}] => (Allow) C:\Users\maikon1\AppData\Local\Temp\7zS2669.tmp\SymNRT.exe FirewallRules: [{716C4282-B90E-47E1-AC3B-68A1F91B8F6E}] => (Allow) C:\Users\maikon1\AppData\Local\Temp\7zSB5E9.tmp\SymNRT.exe FirewallRules: [{AF72FF25-B8A8-4428-858A-103BF451CAB7}] => (Allow) C:\Users\maikon1\AppData\Local\Temp\7zSB5E9.tmp\SymNRT.exe FirewallRules: [{0A5750F9-2258-4932-8D87-3A73BE32C9E1}] => (Allow) C:\WINDOWS\system32\config\systemprofile\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{79825072-B381-40B9-8AED-4D8982593BA6}] => (Allow) C:\Users\maikon1\AppData\Local\Temp\7zS97F.tmp\SymNRT.exe FirewallRules: [{972C493C-CEF9-4D3D-B6AF-57890967E54A}] => (Allow) C:\Users\maikon1\AppData\Local\Temp\7zS97F.tmp\SymNRT.exe ==================== Restore Points ========================= 15-03-2016 02:30:50 Installed SpyHunter ==================== Faulty Device Manager Devices ============= Name: AMDA00 Interface Description: AMDA00 Interface Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: ASUSTeK Computer Inc. Service: WUDFRd Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (03/15/2016 07:34:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SystemSettingsBroker.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d7b4 Nome do módulo com falha: SettingsHandlers_Notifications.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d70b Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000002b7d1 ID do processo com falha: 0x1a80 Hora de início do aplicativo com falha: 0xSystemSettingsBroker.exe0 Caminho do aplicativo com falha: SystemSettingsBroker.exe1 Caminho do módulo com falha: SystemSettingsBroker.exe2 ID do Relatório: SystemSettingsBroker.exe3 Nome completo do pacote com falha: SystemSettingsBroker.exe4 ID do aplicativo relativo ao pacote com falha: SystemSettingsBroker.exe5 Error: (03/15/2016 07:34:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.10586.122, carimbo de data/hora: 0x56cc0133 Nome do módulo com falha: Windows.UI.Xaml.dll, versão: 10.0.10586.71, carimbo de data/hora: 0x5699d8e0 Código de exceção: 0xc000027b Deslocamento da falha: 0x00000000004a09b4 ID do processo com falha: 0x9f0 Hora de início do aplicativo com falha: 0xShellExperienceHost.exe0 Caminho do aplicativo com falha: ShellExperienceHost.exe1 Caminho do módulo com falha: ShellExperienceHost.exe2 ID do Relatório: ShellExperienceHost.exe3 Nome completo do pacote com falha: ShellExperienceHost.exe4 ID do aplicativo relativo ao pacote com falha: ShellExperienceHost.exe5 Error: (03/15/2016 07:31:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: GfExperienceService.exe, versão: 2.10.2.40, carimbo de data/hora: 0x56c2f7b4 Nome do módulo com falha: SafeGuard64.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x5683828f Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005827b ID do processo com falha: 0x964 Hora de início do aplicativo com falha: 0xGfExperienceService.exe0 Caminho do aplicativo com falha: GfExperienceService.exe1 Caminho do módulo com falha: GfExperienceService.exe2 ID do Relatório: GfExperienceService.exe3 Nome completo do pacote com falha: GfExperienceService.exe4 ID do aplicativo relativo ao pacote com falha: GfExperienceService.exe5 Error: (03/15/2016 07:28:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: mixvideoplayersetup.exe, versão: 0.0.0.0, carimbo de data/hora: 0x4b1ae3d2 Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento da falha: 0x001442c3 ID do processo com falha: 0x290 Hora de início do aplicativo com falha: 0xmixvideoplayersetup.exe0 Caminho do aplicativo com falha: mixvideoplayersetup.exe1 Caminho do módulo com falha: mixvideoplayersetup.exe2 ID do Relatório: mixvideoplayersetup.exe3 Nome completo do pacote com falha: mixvideoplayersetup.exe4 ID do aplicativo relativo ao pacote com falha: mixvideoplayersetup.exe5 Error: (03/15/2016 07:11:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SkypeC2CAutoUpdateSvc.exe, versão: 8.0.0.9103, carimbo de data/hora: 0x568f9008 Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0004221c ID do processo com falha: 0x8e8 Hora de início do aplicativo com falha: 0xSkypeC2CAutoUpdateSvc.exe0 Caminho do aplicativo com falha: SkypeC2CAutoUpdateSvc.exe1 Caminho do módulo com falha: SkypeC2CAutoUpdateSvc.exe2 ID do Relatório: SkypeC2CAutoUpdateSvc.exe3 Nome completo do pacote com falha: SkypeC2CAutoUpdateSvc.exe4 ID do aplicativo relativo ao pacote com falha: SkypeC2CAutoUpdateSvc.exe5 Error: (03/15/2016 07:11:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SkypeC2CAutoUpdateSvc.exe, versão: 8.0.0.9103, carimbo de data/hora: 0x568f9008 Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x001442c3 ID do processo com falha: 0x8e8 Hora de início do aplicativo com falha: 0xSkypeC2CAutoUpdateSvc.exe0 Caminho do aplicativo com falha: SkypeC2CAutoUpdateSvc.exe1 Caminho do módulo com falha: SkypeC2CAutoUpdateSvc.exe2 ID do Relatório: SkypeC2CAutoUpdateSvc.exe3 Nome completo do pacote com falha: SkypeC2CAutoUpdateSvc.exe4 ID do aplicativo relativo ao pacote com falha: SkypeC2CAutoUpdateSvc.exe5 Error: (03/15/2016 04:47:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: GfExperienceService.exe, versão: 2.10.2.40, carimbo de data/hora: 0x56c2f7b4 Nome do módulo com falha: SafeGuard64.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x5683828f Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005827b ID do processo com falha: 0x938 Hora de início do aplicativo com falha: 0xGfExperienceService.exe0 Caminho do aplicativo com falha: GfExperienceService.exe1 Caminho do módulo com falha: GfExperienceService.exe2 ID do Relatório: GfExperienceService.exe3 Nome completo do pacote com falha: GfExperienceService.exe4 ID do aplicativo relativo ao pacote com falha: GfExperienceService.exe5 Error: (03/15/2016 04:28:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: IEXPLORE.EXE, versão: 11.0.10586.20, carimbo de data/hora: 0x56541caa Nome do módulo com falha: ntdll.dll, versão: 10.0.10586.122, carimbo de data/hora: 0x56cc16f5 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0007c10e ID do processo com falha: 0xec0 Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0 Caminho do aplicativo com falha: IEXPLORE.EXE1 Caminho do módulo com falha: IEXPLORE.EXE2 ID do Relatório: IEXPLORE.EXE3 Nome completo do pacote com falha: IEXPLORE.EXE4 ID do aplicativo relativo ao pacote com falha: IEXPLORE.EXE5 Error: (03/15/2016 04:28:37 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa iexplore.exe versão 11.0.10586.20 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 2110 Hora de Início: 01d17ef0d9d1ad18 Hora de Término: 4 Caminho do Aplicativo: C:\Program Files\Internet Explorer\iexplore.exe ID do Relatório: 1bd0e127-eae4-11e5-833b-382c4a8c5efb Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (03/15/2016 04:25:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: GfExperienceService.exe, versão: 2.10.2.40, carimbo de data/hora: 0x56c2f7b4 Nome do módulo com falha: SafeGuard64.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x5683828f Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005827b ID do processo com falha: 0x8c4 Hora de início do aplicativo com falha: 0xGfExperienceService.exe0 Caminho do aplicativo com falha: GfExperienceService.exe1 Caminho do módulo com falha: GfExperienceService.exe2 ID do Relatório: GfExperienceService.exe3 Nome completo do pacote com falha: GfExperienceService.exe4 ID do aplicativo relativo ao pacote com falha: GfExperienceService.exe5 System errors: ============= Error: (03/15/2016 08:51:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço GbpSv. Error: (03/15/2016 08:51:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço GbpSv. Error: (03/15/2016 08:50:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço GbpSv. Error: (03/15/2016 08:50:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (03/15/2016 08:44:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (03/15/2016 08:30:13 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (03/15/2016 07:31:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço NVIDIA GeForce Experience Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/15/2016 07:29:47 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (03/15/2016 07:29:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Google Update Service (gupdate) devido ao seguinte erro: %%1053 Error: (03/15/2016 07:29:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Google Update Service (gupdate). CodeIntegrity: =================================== Date: 2016-03-15 15:13:17.421 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-15 02:30:14.868 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-15 02:30:14.650 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-15 01:19:28.994 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-15 01:19:28.774 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-14 13:42:23.547 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-14 13:42:23.531 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-14 13:42:23.435 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-14 13:42:23.416 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-14 13:42:23.388 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz Percentage of memory in use: 53% Total physical RAM: 8097.67 MB Available physical RAM: 3799.79 MB Total Virtual: 13473.67 MB Available Virtual: 7143.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:145.7 GB) (Free:24.05 GB) NTFS Drive d: () (Fixed) (Total:785.03 GB) (Free:241.78 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 33003C89) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=145.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=785 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================