Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-10-2015
Ran by Hugo Lucas (2015-10-18 22:59:53)
Running from C:\Users\Hugo Lucas\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-11 03:42:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1943314416-2941298927-1049153985-500 - Administrator - Disabled)
Convidado (S-1-5-21-1943314416-2941298927-1049153985-501 - Limited - Disabled)
Hugo Lucas (S-1-5-21-1943314416-2941298927-1049153985-1000 - Administrator - Enabled) => C:\Users\Hugo Lucas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ZoneAlarm Extreme Security Antivirus (Enabled - Up to date) {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ZoneAlarm Extreme Security Anti-Spyware (Enabled - Up to date) {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
FW: ZoneAlarm Extreme Security Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Actualizações da NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS K3 Series ScreenSaver (HKLM-x32\...\ASUS K3 Series ScreenSaver) (Version: 1.0.0002 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0030 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Camtasia Studio 8 (HKLM-x32\...\{50542AEE-76BD-4BCD-A890-E2FF4D4E051A}) (Version: 8.0.1.903 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - ES (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
Dropbox (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 8.0.5.0_WHQL (HKLM\...\Elantech) (Version: 8.0.5.0 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Ferramentas de Verificação do Microsoft Office 2013 - Português (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Foxit PhantomPDF Business (HKLM-x32\...\{C923C463-4A5B-4B27-A400-F4B22A7D7E71}) (Version: 7.1.3.320 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
iRoot (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.8.5.15284 - Shenzhen Xinyi Network Co.,Ltd.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.1.32.172 - Recisio)
Kingo ROOT version 1.4.0.2390 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.4.0.2390 - Kingosoft Technology Ltd.)
KMSpico v9.3.3 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
Kodi (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000\...\Kodi) (Version:  - XBMC-Foundation)
Kodi (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Kodi) (Version:  - XBMC-Foundation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Monitor da tecnologia Intel® Turbo Boost (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Mozilla Firefox 41.0.2 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 pt-PT)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
NVIDIA Controlador gráfico 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{50C961A1-889F-4A4E-9587-2772A45B6AAD}) (Version: 18.0.39 - O&O Software GmbH)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pacote de controladores do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Painel de controlo da NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
Passware Kit Professional 11.1 (HKLM-x32\...\{A56D0602-1968-4136-B925-B91007BEC614}) (Version: 11.1.4002 - Passware)
PC Tune-Up (x32 Version: 2.2.0.1 - ZoneAlarm) Hidden
Real Alternative 1.8.0 (HKLM-x32\...\RealAlt_is1) (Version: 1.8.0 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Snagit 12 (HKLM-x32\...\{bdac23f5-7943-42cf-ba56-4732fc20b6a7}) (Version: 12.0.0.1001 - TechSmith Corporation)
Snagit 12 (x32 Version: 12.0.0 - TechSmith Corporation) Hidden
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1206 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SysTools PDF Unlocker - v3.1 (HKLM-x32\...\{FBD68E88-2999-43B7-B249-E1B08FA2B065}_is1) (Version:  - SysTools Software)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
TeamViewer 8.0.19045 Final Enterprise (HKLM-x32\...\TeamViewer 8.0.19045 Final Enterprise8.0.19045) (Version: 8.0.19045 - Friends in War)
TunnelBear (HKLM-x32\...\{e0f2a0a0-0c9a-4732-b06a-c7b175d785d5}) (Version: 2.3.14.0 - TunnelBear)
TunnelBear (x32 Version: 2.3.14.0 - TunnelBear) Hidden
UltraISO Premium V8.63 (HKLM-x32\...\UltraISO_is1) (Version:  - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
WinRAR 5.10 beta 4 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
ZoneAlarm Antivirus (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Find My Laptop (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1943314416-2941298927-1049153985-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

17-10-2015 16:20:53 Removed Foxit PhantomPDF Business
17-10-2015 17:02:38 Installed Foxit PhantomPDF Business
18-10-2015 19:47:27 JRT Pre-Junkware Removal

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-09-02 13:41 - 2015-09-18 15:43 - 00513549 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 atlas.aamedia.ro
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net

There are 15448 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {135663D3-9BAF-4E93-A0E1-AED1155C5B2E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1943314416-2941298927-1049153985-1000Core => C:\Users\Hugo Lucas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {15C700E8-CE56-4495-8B92-FEDEC27A9662} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1943314416-2941298927-1049153985-1000UA => C:\Users\Hugo Lucas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {1712ED47-7045-4494-8E35-C3038D8D6FB6} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2015-09-18] (Microsoft Corporation)
Task: {17BB9064-A483-4CDB-A070-397E9B3DF7E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {2360D151-A6B3-46EF-B95A-CBAB501BA639} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {27EFEBB0-5BE8-48EE-A11B-FBEE33301A95} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23] (Adobe Systems Incorporated)
Task: {31779258-8BF8-4869-9028-F98AD7FB7AB4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0ab5e085-bad6-4185-863c-d23856c0782c => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {33894E83-1500-4252-B308-DAA2DD3CAFE6} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-01] (ASUS)
Task: {53874887-C630-4221-9278-9D7B21F08EC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {5434E49B-6BB2-4A9B-A1C2-135EA588D8C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {6DF876A9-FA53-44E4-9655-F7FAD073FB69} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-08-25] (@ByELDI)
Task: {7582DDAD-EA11-4325-A767-E13CD0616861} - \One System Care Monitor -> No File <==== ATTENTION
Task: {7602DC8B-4A87-4AF2-9D7D-97A97E817DD8} - \JustWrite -> No File <==== ATTENTION
Task: {84A84DD1-0220-4DEF-A19B-3BC1B7D8F807} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {87B0F36F-F30A-4AA5-B61C-9A9B02A610ED} - \KMSAutoNet -> No File <==== ATTENTION
Task: {9725BFCB-B2CC-4B13-8174-209B8E5C3CDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {ADF7E5FB-CB64-4B44-BCA0-E026E6E31F62} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {B3209B3E-E6FD-4F6E-817F-F984B2F173A6} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {B61710D0-F318-4748-8678-9F028B43FDCE} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda\RunInteractiveWin.exe [2009-09-23] ()
Task: {B6D9BAE8-548E-458F-99A6-050F480F5EF0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C3C4AC7B-5C47-49FE-86AD-85AF16D45272} - System32\Tasks\{205C4F18-EEDE-46C8-86B7-FAD294B36BAA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.5.0.158&amp;LastError=404
Task: {C60279C2-C722-4481-B157-0DF366DEC062} - System32\Tasks\SUPERAntiSpyware Scheduled Task e7f5e881-4f56-4592-8e95-20ef1580bf89 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {CEA73027-A736-4BCE-8EF5-BE0211562885} - \One System Care Run Delay -> No File <==== ATTENTION
Task: {D2FFC7ED-C4B5-43ED-8773-F5C3286C4E65} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {D4DD1156-45D6-45DF-8D04-BC3FA6A11F13} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {F4A5CCA7-E244-49B8-BBE8-986CF5D8C008} - System32\Tasks\{CB5C366A-E5DD-4A87-B0B1-78427DC4AF1A} => pcalua.exe -a "C:\Users\Hugo Lucas\Downloads\32bit_Win7_Win8_Win81_R275.exe" -d "C:\Users\Hugo Lucas\Downloads"
Task: {F6354914-0D6A-44DF-A89B-81AB09B008E7} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-04-17] (TechSmith Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1943314416-2941298927-1049153985-1000Core.job => C:\Users\Hugo Lucas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1943314416-2941298927-1049153985-1000UA.job => C:\Users\Hugo Lucas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\JustWrite.job => c:\programdata\{96927d2a-f853-3c20-9692-27d2af85f4ab}\worldunlock codes calculator 4.4.exe <==== ATTENTION
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0ab5e085-bad6-4185-863c-d23856c0782c.job => C:\Program Files\SUPERAntiSpyware\SASTask.exexC:\Program Files\SUPERAntiSpyware\7b7c9461-190e-45fb-b7cf-14a31d0d0385.com
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e7f5e881-4f56-4592-8e95-20ef1580bf89.job => C:\Program Files\SUPERAntiSpyware\SASTask.exexC:\Program Files\SUPERAntiSpyware\7b7c9461-190e-45fb-b7cf-14a31d0d0385.com
Task: C:\Windows\Tasks\TechSmith Updater.job => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-03 20:05 - 2015-03-13 20:41 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-04-03 20:05 - 2015-03-13 20:41 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-23 17:41 - 2015-09-23 17:41 - 17592008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1943314416-2941298927-1049153985-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hugo Lucas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1943314416-2941298927-1049153985-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Hugo Lucas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NitroUpdateService => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: NVSvc => 2
MSCONFIG\Services: OODefragAgent => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SpyHunter 4 Service => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TunnelBearMaintenance => 2
MSCONFIG\Services: TurboBoost => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{615251A2-E6F1-4B77-AC9E-913446C097D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{69F4A4A7-A3DB-4103-BAC2-2FDDF9F3A735}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{6369237B-CEA6-4105-B9B8-D0B42CAF4A22}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{364CC6F7-FDDC-464E-ACD6-49AC7C3B9AD0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FF87DF8E-5DAC-491D-B86B-A1D3EEB80F90}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{19142796-64B4-431A-BEFE-F56BA4DE485F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{A20287EA-DFDE-4E30-8B40-60233B1E4615}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{1CD5E076-D5BC-4A21-B3A6-DC865E4D19D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{B9CB45FA-B38A-4AE6-AAED-F88B569C58BE}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{2EB23D82-B5B9-4FFE-8462-1B435A145EE9}] => (Allow) LPort=8298
FirewallRules: [{7004AF84-0D2C-4607-9112-3CFF751243FE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AAC2E242-C976-4DD6-8248-A75EE89E8C08}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F131B954-C46B-4AB2-9102-212EC51A13BA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{13B1F24D-E9FB-4DC9-A77D-1D298FA97850}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C7DB3659-D601-4F4F-A13E-0765BF8BF1EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BC89BCBC-356B-4751-8E60-A15FF7E16B37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{020E49D6-4C3A-4E9E-B1D7-5F72ADE7CCE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EB2740CC-C377-490C-B9AE-6126316B7DA0}] => (Allow) C:\Users\Hugo Lucas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AF81CD1B-1A7D-416D-A7AD-E4BBBCB90559}] => (Allow) C:\Users\Hugo Lucas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EB11A117-5612-4179-BAF8-A2457FFCF1A3}] => (Allow) C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4574EF0E-F455-4196-A377-38DC92D75994}] => (Allow) C:\Users\Hugo Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6CCC5DE9-6AB8-4718-A308-D9612FE714BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F1AAF7B-8EA5-400A-8E50-D0DF1D562D38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{374AABAF-EE30-41F0-A5E3-8B01136B0D02}C:\users\hugo lucas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hugo lucas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{9DCB675E-279B-4BD8-B225-19EA710975E4}C:\users\hugo lucas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hugo lucas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{E0F63587-C800-4DB6-9EE6-874A8DF0B013}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3F100FD7-6685-48FA-A795-4F393C7F548A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E7FE90BF-552C-44CA-B39D-2BC260C45013}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0DC534A7-C96F-43E6-9021-58D210228295}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6C211F0-A422-4A2F-A9A7-DB43ADDF0CC1}] => (Block) %ProgramFiles% (x86)\EaseUS\EaseUS MobiSaver for Android\bin\EMS4Android.exe
FirewallRules: [{40BCB730-7248-4911-A014-68D4865373DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A9B56D4-8171-4049-B9BD-13F5F7905D88}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDRW.exe
FirewallRules: [{5A37D06F-1EFB-4021-8DC1-2CBA157EE3E4}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{652736A2-26A9-4F85-ABDE-0372D991FC5C}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe
FirewallRules: [{F15C0840-85D8-47B4-9F3D-F881ABCD1E9F}] => (Block) %ProgramFiles% (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe
FirewallRules: [{3287557B-74A2-4232-9D2B-7596408C1BC2}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{DB044F98-1CAA-4D08-9259-E3C6A1BB32B1}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{BADA37C0-34D5-4A0F-9CCD-871037BDEF68}] => (Allow) LPort=1688
FirewallRules: [{D385767E-04CC-4389-A788-DD4BDA80308A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{EABA2BEC-12E7-4902-B375-884FF2A1C4BD}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2015 07:39:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: Service_KMS.exe, versão: 13.5.0.0, carimbo de data/hora: 0x53fb8768
Nome do módulo com falha: KERNELBASE.dll, versão: 6.1.7601.19018, carimbo de data/hora: 0x560a0094
Código de excepção: 0xe0434352
Desvio de falha: 0x000000000000b3dd
ID do processo com falha: 0x8a0
Data/hora de início da aplicação com falha: 0xService_KMS.exe0
Caminho da aplicação com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3

Error: (10/18/2015 07:39:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicação: Service_KMS.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma excepção não processada.
Informações da Excepção: System.IO.IOException
Pilha:
   em System.Net.Sockets.NetworkStream.BeginRead(Byte[], Int32, Int32, System.AsyncCallback, System.Object)
   em Service_KMS.KMSEmulator.TCPServer.ᜀ(ᜀ ByRef)
   em System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   em System.Threading.ThreadHelper.ThreadStart()

Error: (10/17/2015 11:28:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: HL-PC)
Description: Produto: Adobe Reader XI (11.0.12) - Português - Não foi possível instalar a actualização '{AC76BA86-7AD7-0000-2550-7A8C40011013}'. Código de erro 1625. O Windows Installer pode criar registos para ajudar na resolução de problemas de instalação de pacotes de software. Utilize a seguinte hiperligação para obter instruções sobre a activação do suporte de registo: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/17/2015 11:16:34 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Não foi possível inicializar o índice.

Detalhes:
	O catálogo de índices de conteúdos está danificado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/17/2015 11:16:34 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Não foi possível inicializar a aplicação.

Contexto: Aplicação Windows

Detalhes:
	O catálogo de índices de conteúdos está danificado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/17/2015 11:16:34 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Não foi possível inicializar o objecto do colector.

Contexto: Aplicação Windows, Catálogo SystemIndex

Detalhes:
	O catálogo de índices de conteúdos está danificado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/17/2015 11:16:33 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Não foi possível inicializar o plug-in em <Search.TripoliIndexer>.

Contexto: Aplicação Windows, Catálogo SystemIndex

Detalhes:
	Elemento não encontrado.  (HRESULT : 0x80070490) (0x80070490)

Error: (10/17/2015 11:16:32 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Não foi possível inicializar o plug-in em <Search.JetPropStore>.

Contexto: Aplicação Windows, Catálogo SystemIndex

Detalhes:
	O catálogo de índices de conteúdos está danificado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/17/2015 11:16:32 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: O Serviço Windows Search não consegue carregar as informações do arquivo de propriedades.

Contexto: Aplicação Windows, Catálogo SystemIndex

Detalhes:
	A base de dados de índices de conteúdos está danificada.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/17/2015 11:16:32 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: O Serviço Windows Search está a ser parado porque existe um problema com o indexador, The catalog is corrupt.

Detalhes:
	O catálogo de índices de conteúdos está danificado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/18/2015 09:24:15 PM) (Source: bowser) (EventID: 8003) (User: )
Description: O browser principal recebeu um aviso de servidor a partir do computador MEO
que pensa que é o browser principal do domínio no transporte NetBT_Tcpip_{1E370067-30A8-4848-8BE1-3E5CAD7816FA}.
O browser principal está a ser terminado ou está a ser forçada uma eleição.

Error: (10/18/2015 07:49:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MBAMScheduler terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (10/18/2015 07:49:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço MBAMService terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (10/18/2015 07:49:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Instalador de Módulos do Windows terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 120000 milissegundos: Reiniciar o serviço.

Error: (10/18/2015 07:49:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço O&O Defrag terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (10/18/2015 07:49:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Partilha de Rede do Windows Media Player terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 30000 milissegundos: Reiniciar o serviço.

Error: (10/18/2015 07:49:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Office Software Protection Platform terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (10/18/2015 07:49:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (10/18/2015 07:49:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) PROSet/Wireless Registry Service terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (10/18/2015 07:49:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NVIDIA GeForce Experience Service terminou inesperadamente. Isto aconteceu 1 vez(es).


CodeIntegrity:
===================================
  Date: 2015-10-15 17:45:21.056
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:21.041
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:21.041
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:20.994
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:20.978
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:20.978
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:19.434
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:19.418
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:19.418
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-10-15 17:45:18.857
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 43%
Total physical RAM: 6055.77 MB
Available physical RAM: 3407.92 MB
Total Virtual: 12111.54 MB
Available Virtual: 9472.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:574.58 GB) (Free:491.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: CCB0CAB4)
Partition 1: (Not Active) - (Size=21.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=574.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================