Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2017 Ran by Célio Pereira (11-01-2017 19:23:21) Running from C:\Users\Célio Pereira\Desktop Windows 8.1 Pro (Update) (X64) (2015-10-08 00:03:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1985691564-1225726452-1134471747-500 - Administrator - Disabled) Célio Pereira (S-1-5-21-1985691564-1225726452-1134471747-1001 - Administrator - Enabled) => C:\Users\Célio Pereira Guest (S-1-5-21-1985691564-1225726452-1134471747-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_Origami_is1) (Version: 1.0 - R.G. Origami, Seraph1) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden AnySend (HKLM-x32\...\ASPackage) (Version: - ) Apowersoft Online Launcher versão 1.3.6 (HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.3.6 - APOWERSOFT LIMITED) Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation) Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATTENTION Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.) CleanBrowser (HKLM-x32\...\CleanBrowser) (Version: - ) <==== ATTENTION CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien) CMS (HKLM-x32\...\CMS) (Version: - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.) Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.8.0.18 - DivX, LLC) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - ) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Online Video Converter version 1.0.6 (HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\{628BF902-EB66-4BDB-97CB-AE4AAAAA5A7F}_is1) (Version: 1.0.6 - APOWERSOFT LIMITED) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge) Reincubate Video Converter (HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\Reincubate Video Converter) (Version: 1.2.5.0 - Reincubate Ltd) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Social2Search (HKLM\...\1ed4e2375a10448b2befe3b252645eff) (Version: 11.12.1.233 (i1.0) - Social2Search) <==== ATTENTION Spotify (HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated) TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.11117 - TeamViewer GmbH) The Punisher (HKLM-x32\...\{329BF75E-4876-4687-9CAD-5AE7DE56EA22}) (Version: 1.00.0000 - THQ) timesindia.xyz (HKLM-x32\...\Links2) (Version: - Links2) trotux - Uninstall (HKLM-x32\...\{93E01B07-F222-4F9B-90CA-B6186C974307}) (Version: - ) <==== ATTENTION UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUSR_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUSR_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony) Warsaw 1.9.0.10533 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.9.0.10533 - GAS Tecnologia) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) WinSnare (HKLM-x32\...\{2D7A9DE0-A61B-4555-9E44-8485AE3DB8A8}) (Version: 4.0.4 - WinSnare) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\ChromeHTML: -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ATTENTION CustomCLSID: HKU\S-1-5-21-1985691564-1225726452-1134471747-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {69BC0997-0E8D-4A41-8FC8-F6B93C199225} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {9781E84E-E018-482F-93C3-E85BE7B4BE97} - System32\Tasks\Microsoft\Windows\Media Center\VCore => C:\ProgramData\vCore\VCore.exe [2017-01-06] () <==== ATTENTION Task: {C12165B6-3F8D-4FF6-81E0-7FB9EB282D71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {EDB6C3DD-B1C5-4C0C-B6C9-5F4207651B56} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {F04A805A-50DA-49D8-806D-884786BA387A} - \updengine -> No File <==== ATTENTION Task: {F501206B-EB29-4A6B-90C0-6CB6041AB008} - \Qifiryplohele Builder -> No File <==== ATTENTION Task: {FCCDDB8F-8D0A-433C-9DAB-A55A926BA26F} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Célio Pereira\AppData\Roaming\Adobe\Manager.exe [2017-01-11] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://www.timesindia.xyz?dt=11012017&aid=55115&uid=0a140691-0aa0-4471-bc7e-c1ea0cbf0bea" ShortcutWithArgument: C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" --disable-quic ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://www.timesindia.xyz?dt=11012017&aid=55115&uid=0a140691-0aa0-4471-bc7e-c1ea0cbf0bea" --disable-quic ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://www.timesindia.xyz?dt=11012017&aid=55115&uid=0a140691-0aa0-4471-bc7e-c1ea0cbf0bea" --disable-quic ==================== Loaded Modules (Whitelisted) ============== 2017-01-10 23:57 - 2017-01-10 23:57 - 00291328 ____H () C:\Program Files (x86)\Pervetainuserent Adapter\local64spl.dll 2017-01-11 00:06 - 2017-01-11 00:06 - 01620992 _____ () C:\ProgramData\service.exe 2017-01-10 23:53 - 2016-11-10 05:19 - 05091840 _____ () C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe 2017-01-10 23:56 - 2017-01-10 23:56 - 00148480 _____ () C:\Users\Célio Pereira\AppData\Roaming\Puziknehation\Tejerck.dll 2017-01-11 18:43 - 2017-01-11 18:43 - 01370112 _____ () C:\Users\Célio Pereira\Downloads\ZA-Scan.exe 2017-01-10 23:53 - 2016-03-06 05:40 - 00083456 _____ () C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc\Interface.dll 2015-11-26 08:08 - 2015-11-26 08:07 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-01-11 17:45 - 2017-01-11 17:45 - 00508928 _____ () c:\programdata\winsapsvc\winsap.dll 2017-01-11 17:45 - 2017-01-11 17:45 - 00131072 _____ () c:\program files (x86)\gubed\gubedzl.dll 2016-12-14 20:22 - 2016-12-08 05:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-14 20:22 - 2016-12-08 05:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 11:25 - 2017-01-10 23:55 - 00003722 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 34.195.153.94 www.google-analytics.com 34.195.153.94 google-analytics.com 34.195.153.94 mc.yandex.ru 34.195.153.94 top-fwz1.mail.ru 34.195.153.94 site.yandex.net 34.195.153.94 pagead2.googlesyndication.com 34.195.153.94 ad.mail.ru 34.195.153.94 ads.adfox.ru 34.195.153.94 ads.pubmatic.com 34.195.153.94 apis.google.com 34.195.153.94 autocontext.begun.ru 34.195.153.94 b.scorecardresearch.com 34.195.153.94 c.amazon-adsystem.com 34.195.153.94 cdn.admixer.net 34.195.153.94 cdn.cxense.com 34.195.153.94 cdn.livefyre.com 34.195.153.94 cdn.onthe.io 34.195.153.94 cdn.optimizely.com 34.195.153.94 cdn.prom.st 34.195.153.94 cdn.pushwoosh.com There are 55 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows Photo Viewer\Papel de Parede do Visualizador de Fotos do Windows.jpg DNS Servers: 10.1.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{88FAC3D0-20E5-4234-8B8F-FF7B2A46FDD1}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{AF1FA4F6-0A69-47A7-9D7A-CE386958F5F8}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{F39C6598-5A51-476A-87F3-DEE039BA95BD}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{D829120F-6527-4A23-A0EE-ED458E525F54}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{206F2F75-65B2-4B54-A086-47E374B37ABC}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{56071A90-5B3A-4B69-946C-26B3C987C258}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{079C88F9-DA88-45B6-BB03-165E69D4BFA6}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{7C4F6247-C380-4E62-B96B-9161CF48A6B4}] => C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{A9FA1EEA-B680-4599-BF73-63995D9AF155}] => C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{BEE02E15-D9CA-4368-B78F-8AE6ABAAEC9F}] => C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{FC390BB4-721E-473F-B4C4-252CD646618B}] => C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{3DF4767A-623C-48F7-8689-EE1000E8C52C}] => C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{5C748DBE-0017-4B2C-BD84-B02629E7FCB6}] => C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{52EEBB67-67F0-4CCE-9EB7-093E37E0F43B}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{9BEE0EED-2E5F-4390-82F7-B8EA5E56C8FE}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{2840266E-ACA4-4F03-B9EF-4C7F33CD5DC1}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{C200C1DE-4A48-48A5-9B33-6FC82DF924EC}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{8D26962E-16C0-4CD6-8A53-4B4D07976E9B}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{7CAF03A4-FA1F-4111-A167-4D5D769B8FEE}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{BFCADA51-53DE-4B83-BDB7-E998D20E4C57}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{F76F45F4-332F-4D64-9709-23FBA4461FBE}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A9B3CB92-A521-4528-8D46-BACBC0F96898}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{33F7644E-C5C1-4992-A809-B90420C6734F}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{17CACC70-2604-4C7E-A41D-D3EE66E6A2B3}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{785889E4-6912-42AF-8DD6-2968D3DD9E6B}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{3701E196-D957-4897-9C38-3A03F022F605}] => LPort=1689 FirewallRules: [TCP Query User{AF846EB4-F983-4D98-995A-7F729E25A203}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{85C1D478-36AB-4B79-B513-C854A6EADA4B}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C3B94B90-2876-4462-BB9C-9C89BFDA7D53}C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird.exe] => C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird.exe FirewallRules: [UDP Query User{8A45211E-6123-44CD-8CE6-FC9ADC7E3EBD}C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird.exe] => C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird.exe FirewallRules: [TCP Query User{5126B8AC-EE8D-471F-B86E-8C4685857C79}C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird_dx11.exe] => C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird_dx11.exe FirewallRules: [UDP Query User{57697B61-09E9-4AD6-90A5-62890C9C509A}C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird_dx11.exe] => C:\users\célio pereira\downloads\saints row the third complete edition [multi9][pcdvd][19 dlc][revolt][www.gamestorrents.com]\revolt-srttc3\saints row the third\saintsrowthethird_dx11.exe FirewallRules: [TCP Query User{D0573D46-14E4-4D6A-A463-161FDB9AB3FB}C:\users\célio pereira\appdata\roaming\spotify\spotify.exe] => C:\users\célio pereira\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{3D30927A-D49E-486C-A9DB-3FD0D40447A7}C:\users\célio pereira\appdata\roaming\spotify\spotify.exe] => C:\users\célio pereira\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{C17515FC-C524-4116-9D5E-6323FDD96059}C:\users\célio pereira\appdata\roaming\spotify\spotify.exe] => C:\users\célio pereira\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{66563508-80CA-42B1-B5CD-EF2801854096}C:\users\célio pereira\appdata\roaming\spotify\spotify.exe] => C:\users\célio pereira\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{99CEF600-273A-4238-BE02-F7CDEDA1F4AE}C:\users\célio pereira\downloads\call of duty 5 world at war v_1.7 full game -=aviara=-\call of duty - world at war\cod5sp.exe] => C:\users\célio pereira\downloads\call of duty 5 world at war v_1.7 full game -=aviara=-\call of duty - world at war\cod5sp.exe FirewallRules: [UDP Query User{78C2121D-D0B9-4AA1-B71F-EB03E9B14306}C:\users\célio pereira\downloads\call of duty 5 world at war v_1.7 full game -=aviara=-\call of duty - world at war\cod5sp.exe] => C:\users\célio pereira\downloads\call of duty 5 world at war v_1.7 full game -=aviara=-\call of duty - world at war\cod5sp.exe FirewallRules: [TCP Query User{5F6C95FC-A57C-48B3-8754-E04AE89621BD}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe FirewallRules: [UDP Query User{DEB0031A-359D-4A30-B103-7E8BDDA15C5C}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe FirewallRules: [TCP Query User{082F7E7D-6B53-4096-9337-861B1C6556F2}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe FirewallRules: [UDP Query User{C6562E5A-5760-4ECD-9F4C-5B809048307C}C:\program files (x86)\cms\cms.exe] => C:\program files (x86)\cms\cms.exe FirewallRules: [{FF98E7AD-EF35-4F3D-8F73-0115E5787B6D}] => LPort=1689 FirewallRules: [{E053693B-09A4-4CFA-A28D-A522EE535040}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E246AC61-0BF6-4950-86AC-EEDD790F6FA6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7C81A5A4-0CFD-4328-A116-4EDBF965798E}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe FirewallRules: [UDP Query User{1FE0C6A1-FDF4-4B04-A31C-FA0CE09F7DD9}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe FirewallRules: [{FCC0713E-C0DC-4B04-A099-D0AB834F1E3F}] => C:\Program Files (x86)\Apowersoft\MKV Converter Studio\MKV Converter Studio.exe FirewallRules: [{FB8E8927-4B83-462D-9A34-9A55DAABCE66}] => C:\Program Files (x86)\Apowersoft\MKV Converter Studio\MKV Converter Studio.exe FirewallRules: [TCP Query User{A24F9887-6B31-4AF8-B0D8-D2EFFED13D17}C:\program files (x86)\age of empires iii - complete collection\age3y.exe] => C:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [UDP Query User{31320D83-166B-4862-9AA8-8066EA89D826}C:\program files (x86)\age of empires iii - complete collection\age3y.exe] => C:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [{F24853A5-96AB-4021-93A0-4AA7B29DCFE7}] => C:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [{70F16052-674C-42AE-B7DF-CE28F40E6F8E}] => C:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [TCP Query User{AD79938E-0294-4B39-BBDC-6B17B86B4884}C:\users\célio pereira\appdata\local\temp\rar$exa0.485\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.485\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [UDP Query User{66FA9F38-696A-469C-990F-A3B94579A01B}C:\users\célio pereira\appdata\local\temp\rar$exa0.485\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.485\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [{EA16356F-DABD-43B7-839E-A397E4AF4348}] => C:\users\célio pereira\appdata\local\temp\rar$exa0.485\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [{C0E7E453-C6E3-4D10-8A0B-CCDC9DBB7F03}] => C:\users\célio pereira\appdata\local\temp\rar$exa0.485\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [TCP Query User{AF6A0A3A-2F67-49DA-A8F3-C732223A5740}C:\users\célio pereira\appdata\local\temp\rar$exa0.601\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.601\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [UDP Query User{E06C137C-EC82-4DF0-9B01-F780E1475151}C:\users\célio pereira\appdata\local\temp\rar$exa0.601\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.601\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [TCP Query User{45F30153-58AB-4732-9832-E21AD89808F5}C:\users\célio pereira\appdata\local\temp\rar$exa0.659\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.659\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [UDP Query User{8E97D748-7FA1-4882-B702-933153BBE42B}C:\users\célio pereira\appdata\local\temp\rar$exa0.659\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.659\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [TCP Query User{931AC1CC-36F1-46AA-B3D2-D53DDDA37174}C:\users\célio pereira\appdata\local\temp\rar$exa0.487\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.487\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [UDP Query User{8414676A-9AF2-46E3-87EB-36280958B087}C:\users\célio pereira\appdata\local\temp\rar$exa0.487\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\célio pereira\appdata\local\temp\rar$exa0.487\tjoc\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [{4E36553B-AF7E-46F3-A552-AEF1C3D1D55B}] => C:\Users\Célio Pereira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DEAD9B8D-34FA-447B-9F03-77E3D9A70D07}] => C:\Users\Célio Pereira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{000679A1-A286-4639-AF01-4C0EDE7AD9B3}] => C:\Users\Célio Pereira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{05881954-F9C2-4E18-BC24-4365C0ED37BF}] => C:\Users\Célio Pereira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2CF91439-6681-43AB-AEED-827BA322A236}] => C:\Users\Célio Pereira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D9F7500C-FAFE-4F0C-B0BC-A556A87919C7}] => C:\Users\Célio Pereira\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{B19D62B0-BF90-4F62-86C2-DF7D133948EF}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => C:\program files (x86)\age of empires iii - complete collection\age3.exe FirewallRules: [UDP Query User{A6F32262-0363-44E1-8D3C-9FFEFB918723}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => C:\program files (x86)\age of empires iii - complete collection\age3.exe FirewallRules: [{01A6C9A5-0269-444D-93AF-A88827992CBC}] => C:\program files (x86)\age of empires iii - complete collection\age3.exe FirewallRules: [{96CAA57F-99A4-4F7D-B409-6751B9910229}] => C:\program files (x86)\age of empires iii - complete collection\age3.exe FirewallRules: [TCP Query User{54ABA284-9755-4F43-B8E6-E06408595E90}C:\users\célio pereira\desktop\j\jogos\fc\singularity mod\saints row the third\saintsrowthethird.exe] => C:\users\célio pereira\desktop\j\jogos\fc\singularity mod\saints row the third\saintsrowthethird.exe FirewallRules: [UDP Query User{B97B6F3D-7D58-4E22-A48F-8E4225917D1D}C:\users\célio pereira\desktop\j\jogos\fc\singularity mod\saints row the third\saintsrowthethird.exe] => C:\users\célio pereira\desktop\j\jogos\fc\singularity mod\saints row the third\saintsrowthethird.exe FirewallRules: [{87FFFD0E-EB96-47D8-8F3C-6C8C194F28F2}] => C:\users\célio pereira\desktop\j\jogos\fc\singularity mod\saints row the third\saintsrowthethird.exe FirewallRules: [{D0D22089-AA55-4655-A17D-ADCBE5CACED5}] => C:\users\célio pereira\desktop\j\jogos\fc\singularity mod\saints row the third\saintsrowthethird.exe FirewallRules: [{3E5F015F-1E51-44F7-A771-4929827ECEF8}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{49DC177A-247C-4DBB-8B86-670A89AA6964}] => C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe FirewallRules: [{D4B9E642-603A-406E-9F62-D2444A01DC73}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{2E47A1FD-88FE-427C-857F-4C0B483B9063}] => C:\Program Files\KMSpico\Service_KMS.exe ==================== Restore Points ========================= 24-12-2016 17:17:44 Scheduled Checkpoint 02-01-2017 19:15:10 Scheduled Checkpoint 09-01-2017 21:03:49 Scheduled Checkpoint 10-01-2017 23:57:08 Windows Defender Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/11/2017 07:16:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa IEXPLORE.EXE versão 11.0.9600.18124 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 718 Hora de Início: 01d26c4fe63b0921 Hora de Término: 16 Caminho do Aplicativo: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ID do Relatório: 26444a3f-d843-11e6-82b3-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 03:50:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: gta_sa.exe, versão: 0.0.0.0, carimbo de data/hora: 0x427101ca Nome do módulo com falha: $fastman92limitadjuster.asi_unloaded, versão: 0.0.0.0, carimbo de data/hora: 0x58699a93 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00019e70 ID do processo com falha: 0xaa0 Hora de início do aplicativo com falha: 0x01d26c32f8b25147 Caminho do aplicativo com falha: C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe Caminho do módulo com falha: $fastman92limitadjuster.asi ID do Relatório: 6c33de91-d826-11e6-82b3-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 02:58:38 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa mmc.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 964 Hora de Início: 01d26bc691588132 Hora de Término: 7 Caminho do Aplicativo: C:\Windows\system32\mmc.exe ID do Relatório: 9b6d9ebd-d7ba-11e6-82b3-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 02:51:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa mmc.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 8ac Hora de Início: 01d26bc5b4db3dff Hora de Término: 9 Caminho do Aplicativo: C:\Windows\system32\mmc.exe ID do Relatório: 9b33a60b-d7b9-11e6-82b3-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 02:45:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa mmc.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 1410 Hora de Início: 01d26bc39e01241c Hora de Término: 11 Caminho do Aplicativo: C:\Windows\system32\mmc.exe ID do Relatório: d0a66585-d7b8-11e6-82b3-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 01:12:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c116b1 Nome do módulo com falha: jucheck.exe, versão: 2.8.60.27, carimbo de data/hora: 0x55c116b1 Código de exceção: 0x40000015 Deslocamento da falha: 0x00052d24 ID do processo com falha: 0x1090 Hora de início do aplicativo com falha: 0x01d26bb87ce2e262 Caminho do aplicativo com falha: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe Caminho do módulo com falha: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ID do Relatório: bcca8859-d7ab-11e6-82b3-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 01:06:51 AM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Falha na instalação do Comprovante da Compra. 0xC004F069 Pkey Parcial=VQTBG ACID=? Erro Detalhado[?] Error: (01/11/2017 01:06:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 13.3.0.0, carimbo de data/hora: 0x53b06ef6 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0x00000000 Deslocamento da falha: 0x00007ffb928e0668 ID do processo com falha: 0x8d8 Hora de início do aplicativo com falha: 0x01d26bb786a0cc23 Caminho do aplicativo com falha: C:\Program Files\KMSpico\Service_KMS.exe Caminho do módulo com falha: unknown ID do Relatório: f21ae094-d7aa-11e6-82b3-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 01:02:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_PcaSvc, versão: 6.3.9600.17415, carimbo de data/hora: 0x54504177 Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18438, carimbo de data/hora: 0x57ae642e Código de exceção: 0xc0000008 Deslocamento da falha: 0x00000000000925fa ID do processo com falha: 0x1698 Hora de início do aplicativo com falha: 0x01d26b96931e7fc8 Caminho do aplicativo com falha: C:\Windows\system32\svchost.exe Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll ID do Relatório: 7395fab2-d7aa-11e6-82b2-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2017 12:32:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: RevoUninPro.exe, versão: 3.1.6.0, carimbo de data/hora: 0x57305c8d Nome do módulo com falha: RevoUninPro.exe, versão: 3.1.6.0, carimbo de data/hora: 0x57305c8d Código de exceção: 0x40000015 Deslocamento da falha: 0x0000000000275d2e ID do processo com falha: 0x21e4 Hora de início do aplicativo com falha: 0x01d26bafaf5c0f9d Caminho do aplicativo com falha: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Caminho do módulo com falha: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe ID do Relatório: 38e87c88-d7a6-11e6-82b2-2089845db180 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: System errors: ============= Error: (01/11/2017 05:45:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço iThemes5 está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (01/11/2017 03:48:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: As configurações de permissão application-specific não concedem permissão Local Activation para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário NT AUTHORITY\SYSTEM SID (S-1-5-18) do endereço LocalHost (Using LRPC) que está sendo executado no contêiner de aplicativos Unavailable SID (Unavailable). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (01/11/2017 03:33:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (01/11/2017 03:33:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (01/11/2017 02:55:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Central de Segurança devido ao seguinte erro: A conta especificada para este serviço é diferente da conta especificada para outros serviços executando no mesmo processo. Error: (01/11/2017 02:55:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Central de Segurança devido ao seguinte erro: A conta especificada para este serviço é diferente da conta especificada para outros serviços executando no mesmo processo. Error: (01/11/2017 02:54:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Central de Segurança devido ao seguinte erro: A conta especificada para este serviço é diferente da conta especificada para outros serviços executando no mesmo processo. Error: (01/11/2017 02:54:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Central de Segurança devido ao seguinte erro: A conta especificada para este serviço é diferente da conta especificada para outros serviços executando no mesmo processo. Error: (01/11/2017 02:53:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Central de Segurança devido ao seguinte erro: A conta especificada para este serviço é diferente da conta especificada para outros serviços executando no mesmo processo. Error: (01/11/2017 02:53:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Central de Segurança devido ao seguinte erro: A conta especificada para este serviço é diferente da conta especificada para outros serviços executando no mesmo processo. CodeIntegrity: =================================== Date: 2016-12-17 02:47:08.311 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-14 19:23:09.429 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-30 07:43:12.138 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-11 15:58:37.117 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 04:25:36.174 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-02 10:05:45.791 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-29 20:06:42.122 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-02 17:57:23.878 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-31 14:07:38.531 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-25 21:07:33.876 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Percentage of memory in use: 41% Total physical RAM: 5962.35 MB Available physical RAM: 3470.65 MB Total Virtual: 6922.35 MB Available Virtual: 4411.22 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.42 GB) (Free:69.91 GB) NTFS Drive d: (PUNISHER3) (CDROM) (Total:0.31 GB) (Free:0 GB) CDFS Drive f: (PUNISHER1) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D5E49E54) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================