Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by l (21-03-2017 20:56:06) Running from C:\Users\l\Desktop Windows 7 Home Premium (X64) (2014-08-01 21:31:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-75050290-1511656157-1570779026-500 - Administrator - Disabled) Convidado (S-1-5-21-75050290-1511656157-1570779026-501 - Limited - Disabled) l (S-1-5-21-75050290-1511656157-1570779026-1000 - Administrator - Enabled) => C:\Users\l ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: PSafe Total (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} AS: PSafe Total (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.) Actualizações da NVIDIA 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ares 2.3.0 (HKLM-x32\...\Ares) (Version: 2.3.0-Build#3054 - Seekar Ltd) ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) ASUS K3 Series ScreenSaver (HKLM-x32\...\ASUS K3 Series ScreenSaver) (Version: 1.0.0002 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0030 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.3.585 - ASUSTEK) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) biohazard 4 (HKLM-x32\...\{DFFCDB41-C2DA-47D6-96FF-03C05C0BEA22}) (Version: 1.00.0000 - CAPCOM) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.10.0.4321 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{473E82D7-79E2-43DF-8FA0-025407C93191}) (Version: 0.10.0.4321 - BlueStack Systems, Inc.) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP) Chromium (HKLM-x32\...\{6F548794-3FD4-5614-8E54-26945ED4F514}) (Version: - ) Compatibility Pack for Office system de 2007 (HKLM-x32\...\{90120000-0020-0816-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) ETDWare PS/2-X64 8.0.5.0_WHQL (HKLM\...\Elantech) (Version: 8.0.5.0 - ELAN Microelectronic Corp.) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) FileFinder (HKLM-x32\...\FileFinder) (Version: 1.0.1 - Webitar Production Inc.) FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) Freemake Video Converter versão 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.) Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - ) Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.) Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit) iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kodi (HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\Kodi) (Version: - XBMC-Foundation) Malwarebytes versão 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Clique-e-Use 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1006 - Microsoft Corporation) Microsoft Office Starter 2010 - Português (HKLM-x32\...\{90140011-0066-0816-0000-0000000FF1CE}) (Version: 14.0.4763.1006 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Monitor da tecnologia Intel® Turbo Boost (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: - ) Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.) NVIDIA Controlador gráfico 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA O controlador de 3D Vision 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation) NVIDIA O controlador de HD Audio 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA O software do sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) Pacote de controladores do Windows - Sony (libusb0) LibUsbDevices (07/28/2010 1.2.1.0) (HKLM\...\4B36B6EAD21B2BAE72F9B0A23C1959E1C0BE200E) (Version: 07/28/2010 1.2.1.0 - Sony) Painel de controlo da NVIDIA 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden Parallel Port Joystick (HKLM-x32\...\Parallel Port Joystick) (Version: - ) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PS3 Vibration Joystick (HKLM-x32\...\{E8A24B23-2441-4C5E-A4BA-80C212B64D84}) (Version: 2009.03.20 - ) PSafe Total (HKLM-x32\...\PSafe Total) (Version: 7.3.0.1053 - PSafe) PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710) PSPVC :: PSP Video Converter v3.91 (HKLM-x32\...\PSPVC) (Version: - ) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recomendações de Actualização do Windows 7 (HKLM-x32\...\{2FD13BF9-A05C-4acf-B8AA-146030ACD401}) (Version: 2.0.5000.0 - Microsoft Corporation) Resident Evil Revelations (HKLM-x32\...\Resident Evil Revelations_is1) (Version: - Capcom) ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.1 - Filseclab Corporation) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation) Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit) syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.13.106.1010 - Electronic Arts Inc.) URL Helper (HKLM-x32\...\URL Helper_is1) (Version: - ) URL Snooper v2.39.01 (HKLM-x32\...\URLSnooper 2_is1) (Version: - DonationCoder.com) USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: 2007.07.3 - ) VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions) VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions) Visualizador do Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-0816-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Warsaw 1.14.2.35 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.14.2.35 - GAS Tecnologia) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS) WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.42 - ASUS) Yahoo! Powered (HKLM-x32\...\{DC1234D2-8C92-E552-3D12-95D2ED924652}) (Version: - ) <==== ATTENTION Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-75050290-1511656157-1570779026-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\l\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-75050290-1511656157-1570779026-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\l\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {09F380C2-3AE0-49B0-A861-DC7937685E6F} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation) Task: {25821C3E-8B98-45D9-8311-6C51B4D7D374} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit) Task: {28FC2E62-4E67-4C1A-B119-3788E23662DC} - System32\Tasks\Uninstaller_SkipUac_l => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit) Task: {2C2FA6C3-0780-4283-9558-44B3038228CE} - System32\Tasks\{48A78210-8500-426D-B028-18F8B65A1968} => C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe [2015-08-14] (Electronic Arts) Task: {2FD40BB4-BFEA-42E1-9736-CE9BCB6EDF7E} - System32\Tasks\{1C9D6B91-1304-4CF9-94B2-CC6B2CA00753} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {37873D09-EA3C-45E6-9416-0D9951DE80E7} - System32\Tasks\{3DAE1775-50EB-4461-8408-7B7C7F6018ED} => pcalua.exe -a C:\Users\l\AppData\Local\Temp\Rar$EXa0.363\vcredist_x86.exe -d C:\Users\l\AppData\Local\Temp\Rar$EXa0.363 -c /q <==== ATTENTION Task: {417B1DC1-DD06-4FDD-A665-6B5C71A1A968} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {41F09562-2CDF-4686-9160-698F67CFC5BA} - System32\Tasks\{2A675FFA-B18B-49F1-A103-8EF0D6A28F88} => pcalua.exe -a "C:\Users\l\Desktop\PSP Type B Driver install - Multi Language.EXE" -d C:\Users\l\Desktop Task: {47D36B7C-F34A-4664-97DB-CBF6EF4744AD} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS) Task: {4919CD2D-6A2F-497B-BC1E-1D61D3F1DDE3} - System32\Tasks\{2DFD3CB0-096C-4C72-9FDE-CF36E9D40ADA} => C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe [2015-05-30] (Electronic Arts) Task: {49D6E645-BCC6-41C3-A03F-33F6A4707DAC} - System32\Tasks\{EEA57B73-9B14-49CC-A4B3-13AE4B834774} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {52D52B59-E118-4C6F-996E-454CAD66D25B} - System32\Tasks\{74A4AF33-F51D-48D6-ACFB-4BAE1FD58712} => pcalua.exe -a "C:\Program Files (x86)\FreeTime\FormatFactory\FFInst.exe" -d "C:\Program Files (x86)\FreeTime\FormatFactory" -c /Codec /AVISynth /MenuContext Task: {6053A4C1-73C0-441B-BD98-F5716CC20D44} - System32\Tasks\{4F048120-8F90-42C7-8BEF-BB31A5655F7F} => pcalua.exe -a C:\Users\l\Downloads\Nero_BurningROM2017-1.10.0.6_stub_trial.exe -d C:\Users\l\Downloads Task: {6454799E-A467-4F70-881E-4C5B66B78103} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.) Task: {64936686-2524-44E1-BDAF-1C831091828A} - System32\Tasks\{E1BB9226-4574-40F2-BD74-344501243C47} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {77B20990-1978-4006-B9BF-91FB491F28E7} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {78FE3234-E1FF-4C39-97A5-9EB6414A3844} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-75050290-1511656157-1570779026-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {7F009639-734F-41C6-B71A-3FC580BD9A74} - System32\Tasks\{048E939B-F1FA-4D87-96F0-B6A507DE24D6} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {88A94CF6-E52C-4F72-9A65-73744EB93EC2} - System32\Tasks\{32EE65F8-09F6-410D-9B52-2E09B2FF27D5} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {8DD93439-8441-45CD-AF40-E96875F8C3E6} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS) Task: {8F300FFA-B911-427D-B0C2-DD04E49A66D8} - System32\Tasks\{0B4A337B-C350-4BDD-B514-BFC3D021ECB5} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {936630A4-A2B0-4D97-802F-7159903AB8C3} - System32\Tasks\{004F1ECE-EEB0-4893-BAB6-A2137EBFF479} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {9BC17F74-5B77-4A85-97F5-4836C4123B57} - System32\Tasks\{B1F23F65-8C1A-4032-8045-ED34DD69473B} => pcalua.exe -a C:\Users\l\Downloads\DiagnosticoItau.exe -d C:\Windows\system32 -c admin_service Task: {A46501E0-407C-4595-8F76-43DE1CA4BA26} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-01] (ASUS) Task: {AF609A34-B203-43C1-9011-808710BDCC2A} - System32\Tasks\{6BE14843-EAAC-4E2E-8679-2E5E8D70456B} => pcalua.exe -a C:\Users\l\AppData\Local\Temp\Rar$EXa0.475\vcredist_x86.exe -d C:\Users\l\AppData\Local\Temp\Rar$EXa0.475 -c /q <==== ATTENTION Task: {BB800BBB-AD70-4EDA-8EA6-CEF52752D2D4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-75050290-1511656157-1570779026-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {BC7E0568-3C00-4932-BBC0-9624E71B7095} - System32\Tasks\ASC9_SkipUac_l => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-05-16] (IObit) Task: {C12012C5-397F-4104-98C2-396321DCF603} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.) Task: {D266B5A4-6EE6-4F01-B7EA-08CDFE13B44D} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2010-12-17] (ASUSTek Computer Inc.) Task: {E156990C-D81C-4495-9733-64513ABDD95F} - System32\Tasks\{49FD63BF-464A-42E0-8F2F-A493CF717E94} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {E419BAAB-472F-4B30-82C5-E7526416CABE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {E4CDD31E-936F-4D52-A811-186FD04DCA66} - System32\Tasks\{EB5023AF-5B30-4E37-9EC8-557B066CA145} => C:\Users\l\Desktop\xpadder_gamepad_profiler\Xpadder.exe [2008-08-29] () Task: {EB4E5098-B83F-4208-8E7B-9B6982731948} - System32\Tasks\{8A7685DC-C24F-415D-96A0-920D33CEC556} => pcalua.exe -a C:\Users\l\Downloads\Nero2017-1.10.0.6_stub_trial.exe -d C:\Users\l\Downloads Task: {EE7E3304-0D5B-485D-9058-7A838B783506} - System32\Tasks\{5C77BB28-D032-4003-A51E-5807EC198CC3} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {F5D8688E-AE1D-4721-8EBF-A85C99664293} - System32\Tasks\{901CC88C-C927-406D-990C-F69B3983EE56} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2013-11-15] (ASUSTeK Computer Inc.) Task: {FBB7CA9B-5399-49BF-9F86-E31CC0B98271} - System32\Tasks\{2C0A4F8D-F9AC-46A4-A1ED-2100EC3A391F} => pcalua.exe -a H:\UNIWS_TU\UNIWS.EXE -d H:\UNIWS_TU (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\l\Favorites\PSPVC PSP Video Converter.lnk -> hxxp://pspvc.nswardh.com Shortcut: C:\Users\l\Favorites\PSPVC on Twitter.lnk -> hxxp://twitter.com/sward Shortcut: C:\Users\l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Loaded Modules (Whitelisted) ============== 2011-05-02 12:41 - 2011-05-02 12:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2014-08-07 16:46 - 2014-09-13 20:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2010-03-15 22:48 - 2010-03-15 22:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll 2011-01-12 13:01 - 2011-01-12 13:01 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll 2011-01-12 13:01 - 2011-01-12 13:01 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll 2010-04-02 18:21 - 2008-09-30 22:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll 2010-03-15 22:48 - 2010-03-15 22:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe 2011-05-02 12:41 - 2011-05-02 12:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2011-04-22 04:38 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-01-21 14:35 - 2017-01-09 16:31 - 00075776 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe 2016-12-17 14:03 - 2017-03-14 15:02 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-11-30 17:17 - 2017-02-17 12:28 - 00022024 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2017-02-22 14:28 - 2008-08-29 05:12 - 00932864 _____ () C:\Users\l\Desktop\xpadder_gamepad_profiler\Xpadder.exe 2016-09-11 14:32 - 2017-01-16 00:58 - 00089360 _____ () C:\Program Files (x86)\PSafe\Total\i18n.dll 2016-09-11 14:32 - 2017-01-16 00:58 - 00087672 _____ () C:\Program Files (x86)\PSafe\Total\deepscan\qutmload.dll 2014-08-07 16:46 - 2014-09-13 20:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2016-09-11 14:32 - 2017-01-16 00:58 - 00837240 _____ () C:\Program Files (x86)\PSafe\Total\safemon\wdui2.dll 2016-11-30 17:17 - 2017-02-17 12:28 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2016-11-30 17:17 - 2017-02-17 12:28 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2014-08-06 18:15 - 2016-06-13 11:39 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\System32:1EBB909F_Bb.gbp [2] AlternateDataStreams: C:\Windows\System32:1EBB909F_Cef.gbp [2] AlternateDataStreams: C:\Windows\System32:1EBB909F_Uni.gbp [2] AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2030] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410] AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\bb.com.br -> aapj.bb.com.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\google.com -> www.google.com IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\google.com.br -> www.google.com.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\itau.b.br -> www.itau.b.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br IE trusted site: HKU\S-1-5-21-75050290-1511656157-1570779026-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2016-12-13 10:23 - 00000870 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 live.virtualdj.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-75050290-1511656157-1570779026-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\l\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AdvancedSystemCareService9 => 2 MSCONFIG\Services: AFBAgent => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: ASLDRService => 2 MSCONFIG\Services: ASNB4LDRSvc => 2 MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: ATKGFNEXSrv => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 3 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: BstHdUpdaterSvc => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: EvtEng => 2 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: gupdate => 3 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: MyWiFiDHCPDNS => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: NVSvc => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: QHActiveDefense => MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2 MSCONFIG\Services: RegSrvc => 2 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: Serviio => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: TurboBoost => 2 MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{465423EC-0915-46CA-BA76-A9FC64226E5C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DA78110C-2370-4EB5-9B93-16E4CC27C9EF}] => (Allow) LPort=2869 FirewallRules: [{53158159-126F-443C-8507-1D4526A6A587}] => (Allow) LPort=1900 FirewallRules: [{5345F2F6-1E95-470E-883C-D25315BE7F08}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{B6CE2B8A-3326-4CC7-A7B0-A840B904C03F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{3B2D6E27-6F8A-47D0-8F73-7AA9B9DB2770}] => (Allow) LPort=5353 FirewallRules: [{1DEF9043-1413-470B-B7AC-463B9A6D6772}] => (Allow) LPort=8182 FirewallRules: [{90C6F77C-D435-46D1-9E4B-709EFF731E88}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AC19B2EA-9D40-442E-AA8A-70CC3B85AA6C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [{EB97D0F6-DA2C-438F-A26A-BBEDF9873E79}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [{45B3B37F-E310-462F-8616-9021A414EE53}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CCE15170-78D2-4F02-8037-33BACC963A06}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{230F7D48-D127-45F0-B321-D4F4569B625D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{400B7F06-220B-4716-A4A3-7331297EE79F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{F7F20D1B-63C8-4B08-9742-63D291BCE703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{58397061-EC89-4FB0-B6DE-077E983A23E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{D69650A5-650C-49B9-BF07-4B08D680688B}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{42F2B550-AF1B-4172-9415-1FD886705BE6}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [TCP Query User{EBCC5E3D-F9A6-4939-A914-E6A6D3F7889B}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{2E68925A-BAB8-4D0C-AAAA-10EBABAEA02A}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [TCP Query User{18A9889A-6959-4ECC-A89A-2EEEDB3407A0}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe FirewallRules: [UDP Query User{2B59D1A9-B0FE-49CC-BA97-24696E72CAAF}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe FirewallRules: [{69A6A770-5B41-439A-B1AD-970C9F07516E}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{91F6FCF9-B125-4265-B3BE-9411248F7742}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{A86FB504-C046-4E93-82C9-1DFF0B584E8C}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{70297F11-FB80-4E47-94C1-57C80BACB471}] => (Allow) LPort=23424 FirewallRules: [TCP Query User{89821946-E749-43B8-9AF1-FAD702FC842A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{59A14526-7CD4-457F-B2EB-5CDD126D2A01}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [TCP Query User{4B0F2688-9CAA-430F-83E7-17D37B3D580C}C:\users\l\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\l\downloads\utorrentportable\app\utorrent\utorrent.exe FirewallRules: [UDP Query User{1A12F949-4DD2-4B60-948E-083953BC182F}C:\users\l\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\l\downloads\utorrentportable\app\utorrent\utorrent.exe FirewallRules: [{442E4571-2D32-40AE-8E23-416315899811}] => (Allow) C:\Users\l\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6EA81B71-77E3-46FE-9446-2CBEFF308263}] => (Allow) C:\Users\l\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BEF3EF74-05E5-472D-B6DC-E1EEB71A8891}] => (Allow) C:\Program Files (x86)\PSafe\Total\LiveUpdate360.exe FirewallRules: [{772F5770-FBCD-4388-BB0E-98133AED9ADF}] => (Allow) C:\Program Files (x86)\PSafe\Total\LiveUpdate360.exe FirewallRules: [{7A53E0BA-6C2F-442F-BF98-EC75229891CF}] => (Allow) C:\Program Files (x86)\PSafe\Total\LiveUpdate360.exe FirewallRules: [{C0B88C47-7B06-43DA-8EAD-CE45A9EB9C69}] => (Allow) C:\Program Files (x86)\PSafe\Total\LiveUpdate360.exe FirewallRules: [TCP Query User{30ED579B-28BF-4188-8C3F-EB984452D1C5}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{E2020787-337F-4460-A7E5-647D6A578A12}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe FirewallRules: [{5B3B5EBB-320F-43EB-8155-74E2586D2C8A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{A84A93F6-8810-4C44-A3A2-8604DF26EE31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{38E247E6-7F08-443B-9909-BC060AAE1849}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E5446137-76A6-4D3C-B3A1-A087AE23895A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0CE9A544-9006-444D-94BC-A0AB663E8254}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6506C4EE-BD93-48FF-A878-9B68E1874294}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [{519DCC74-82A0-42FD-B31B-F8A83E45B355}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [{846655BF-FD15-48E2-9627-B6A3762B5305}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{359710E3-53A2-4C6A-B4A8-79B4372BA424}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{C0516744-155B-47C9-ABD4-714CD2BC5A66}] => (Allow) C:\Users\l\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [TCP Query User{0A179160-A340-4FDB-8DA1-BE74C3F7C948}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{87F5656E-D443-4D4F-BE9E-509984635546}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{7C1C63CC-23F7-4FE9-B093-69602F942108}] => (Allow) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe FirewallRules: [{766D7B74-85A7-4F45-A3FE-8BF47525303A}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{7E3D69B2-837F-4E75-8045-816E0D151825}] => (Allow) C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe FirewallRules: [{7FF245A5-24FE-4C8C-AC0F-352CF006D5AD}] => (Allow) C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe FirewallRules: [{198C7BEB-7B86-4066-8DCF-5B9A87D9125D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{94982F91-6483-474A-AFCB-CD400A330315}] => (Allow) C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe FirewallRules: [{6F10FCF9-C886-4F47-AB4F-832A1010DC3F}] => (Allow) C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe ==================== Restore Points ========================= 22-02-2017 13:46:27 Instalação do Pacote de Controlador de Dispositivo: Disc Soft Ltd Controladores de armazenamento 25-02-2017 19:17:06 Windows Update 18-03-2017 18:51:31 Windows Update 21-03-2017 20:37:08 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 ==================== Faulty Device Manager Devices ============= Name: Warsaw - Driver (PP) Description: Warsaw - Driver (PP) Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wsddpp Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: BlueStacks Hypervisor Description: BlueStacks Hypervisor Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: BstHdDrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Warsaw - Driver (PRM) Description: Warsaw - Driver (PRM) Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wsddprm Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (03/13/2017 05:25:40 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Apenas informações. (Patch task for {90140011-0066-0816-0000-0000000FF1CE}): DownloadLatest Failed: Error: (03/07/2017 10:11:54 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Apenas informações. (Patch task for {90140011-0066-0816-0000-0000000FF1CE}): DownloadLatest Failed: Error: (02/28/2017 06:01:33 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Apenas informações. (Patch task for {90140011-0066-0816-0000-0000000FF1CE}): DownloadLatest Failed: Error: (02/25/2017 07:17:09 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Apenas informações. (Patch task for {90140011-0066-0816-0000-0000000FF1CE}): DownloadLatest Failed: Error: (02/24/2017 08:59:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome da aplicação com falha: SPEED2.EXE, versão: 0.0.0.0, carimbo de data/hora: 0x214d4c48 Nome do módulo com falha: SPEED2.EXE, versão: 0.0.0.0, carimbo de data/hora: 0x214d4c48 Código de excepção: 0xc0000005 Desvio de falha: 0x002f6af9 ID do processo com falha: 0x14f0 Data/hora de início da aplicação com falha: 0x01d28eeafb56f902 Caminho da aplicação com falha: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Caminho do módulo com falha: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE ID do Relatório: 4c6e7e7b-faed-11e6-b3cb-14dae9020568 Error: (02/24/2017 07:02:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa SPEED2.EXE versão 0.0.0.0 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção. ID do Processo: 14f0 Hora de Início: 01d28ee0aaad0671 Hora de Fim: 253 Caminho da Aplicação: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE ID do Relatório: Error: (02/22/2017 04:29:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome da aplicação com falha: SPEED2.EXE, versão: 0.0.0.0, carimbo de data/hora: 0x214d4c48 Nome do módulo com falha: SPEED2.EXE, versão: 0.0.0.0, carimbo de data/hora: 0x214d4c48 Código de excepção: 0xc0000005 Desvio de falha: 0x002f6af9 ID do processo com falha: 0x2084 Data/hora de início da aplicação com falha: 0x01d28d34e9d1e548 Caminho da aplicação com falha: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Caminho do módulo com falha: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE ID do Relatório: 4b3219f8-f935-11e6-b3cb-14dae9020568 Error: (02/20/2017 05:08:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome da aplicação com falha: psxfin.exe, versão: 0.0.0.0, carimbo de data/hora: 0x46d33866 Nome do módulo com falha: psxfin.exe, versão: 0.0.0.0, carimbo de data/hora: 0x46d33866 Código de excepção: 0xc0000005 Desvio de falha: 0x0011035f ID do processo com falha: 0x1440 Data/hora de início da aplicação com falha: 0x01d28bb4db088324 Caminho da aplicação com falha: C:\Users\l\AppData\Local\Temp\RarSFX0\psxfin.exe Caminho do módulo com falha: C:\Users\l\AppData\Local\Temp\RarSFX0\psxfin.exe ID do Relatório: 64728005-f7a8-11e6-b3cb-14dae9020568 Error: (02/17/2017 01:50:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome da aplicação com falha: fifa15.exe, versão: 1.8.0.0, carimbo de data/hora: 0x55699cb1 Nome do módulo com falha: fifa15.exe, versão: 1.8.0.0, carimbo de data/hora: 0x55699cb1 Código de excepção: 0xc0000005 Desvio de falha: 0x0000000003f81a0f ID do processo com falha: 0x66c Data/hora de início da aplicação com falha: 0x01d2893df0ed93d1 Caminho da aplicação com falha: C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe Caminho do módulo com falha: C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe ID do Relatório: 3f403462-f531-11e6-b3cb-14dae9020568 Error: (02/17/2017 01:48:17 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa fifa15.exe versão 1.8.0.0 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção. ID do Processo: 108 Hora de Início: 01d2893d5852dbfa Hora de Fim: 0 Caminho da Aplicação: C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe ID do Relatório: System errors: ============= Error: (03/17/2017 02:02:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Foi atingido o tempo limite (60000 milissegundos) ao aguardar por uma resposta de transacção por parte do serviço defragsvc. Error: (02/17/2017 01:17:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: O serviço Gbpddreg svc falhou o arranque devido ao seguinte erro: O sistema não conseguiu localizar o ficheiro especificado. Error: (02/17/2017 01:17:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: O serviço Gbpddreg svc falhou o arranque devido ao seguinte erro: O sistema não conseguiu localizar o ficheiro especificado. Error: (02/17/2017 01:17:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: O serviço Gbpddreg svc falhou o arranque devido ao seguinte erro: O sistema não conseguiu localizar o ficheiro especificado. Error: (02/17/2017 01:17:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: O serviço Gbpddreg svc falhou o arranque devido ao seguinte erro: O sistema não conseguiu localizar o ficheiro especificado. Error: (02/17/2017 01:17:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: O serviço Gbpddreg svc falhou o arranque devido ao seguinte erro: O sistema não conseguiu localizar o ficheiro especificado. Error: (02/17/2017 01:17:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: O serviço Gbpddreg svc falhou o arranque devido ao seguinte erro: O sistema não conseguiu localizar o ficheiro especificado. Error: (02/17/2017 01:15:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema: gbpddreg Error: (02/17/2017 01:15:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: O serviço Origin Web Helper Service falhou o arranque devido ao seguinte erro: O serviço não respondeu ao pedido de início ou controlo atempadamente. Error: (02/17/2017 01:15:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Foi atingido o tempo limite (60000 milissegundos) ao aguardar pela ligação do serviço Origin Web Helper Service. CodeIntegrity: =================================== Date: 2016-06-22 22:44:49.368 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:49.363 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:49.347 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:49.343 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:28.852 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:28.848 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:28.832 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:28.827 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:07.886 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 22:44:07.881 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Percentage of memory in use: 73% Total physical RAM: 4007.77 MB Available physical RAM: 1074.21 MB Total Virtual: 8013.69 MB Available Virtual: 3207.77 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:195.35 GB) (Free:22.91 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Data) (Fixed) (Total:245.41 GB) (Free:42.85 GB) NTFS Drive f: (20110929_0655) (CDROM) (Total:1.12 GB) (Free:0 GB) CDFS Drive h: (UNIWS Tutorial by TrevelXP) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ==================== End of Addition.txt ============================