Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01 Ran by Takahashi (2015-09-11 12:18:42) Running from C:\Users\Takahashi\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2012-10-27 13:10:36) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-1801391826-1823754422-2914053238-500 - Administrator - Disabled) Convidado (S-1-5-21-1801391826-1823754422-2914053238-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1801391826-1823754422-2914053238-1002 - Limited - Enabled) Takahashi (S-1-5-21-1801391826-1823754422-2914053238-1000 - Administrator - Enabled) => C:\Users\Takahashi ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo HDD Control 2 2.07 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG) ASSISTAT - Statistical Assistance (HKLM-x32\...\ASSISTAT - Statistical Assistance) (Version: - ) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.) CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Dropbox (HKU\S-1-5-21-1801391826-1823754422-2914053238-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.) ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HP Deskjet 2540 series Software básico do dispositivo (HKLM\...\{A4BA74B3-3DCB-47CC-9C80-C2CBAC26C6EB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft) Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1801391826-1823754422-2914053238-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 33.1.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 pt-BR)) (Version: 33.1.1 - Mozilla) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1025 - RStudio) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SigmaPlot 12.0 (HKLM-x32\...\{730E22C0-A5A9-4A1B-AE66-570573DCA0E8}) (Version: 12.0 - Systat Software, Inc.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) STATISTICA (HKLM-x32\...\{76C2ABD2-E1B4-49A3-A301-912F53FF1E57}) (Version: 7.00.0000 - StatSoft) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{45AD9785-5503-4B26-981A-AF62A355ADF2}) (Version: - Microsoft) USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab) Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe No File CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation No File CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Takahashi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Takahashi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation No File CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\pt-BR\acadficn.dll No File CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Takahashi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Takahashi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Restore Points ========================= 10-09-2015 19:24:22 WinThruster qui, set 10, 15 19:24 10-09-2015 19:34:17 Installed iTunes 10-09-2015 19:37:49 Installed iTunes 10-09-2015 19:49:14 Windows Update 10-09-2015 19:56:45 Revo Uninstaller's restore point - OneSoftPerDay 025.013010084 10-09-2015 20:03:20 Uniblue PC Mechanic installation 10-09-2015 20:24:55 Revo Uninstaller's restore point - 1.0.0.1 10-09-2015 20:30:23 Revo Uninstaller's restore point - PhraseProfessor 1.10.0.24 10-09-2015 20:31:47 Revo Uninstaller's restore point - GamesDesktop 020.004010084 10-09-2015 20:36:23 Revo Uninstaller's restore point - Opera Stable 31.0.1889.241 10-09-2015 20:38:44 Revo Uninstaller's restore point - Mozilla Maintenance Service 10-09-2015 20:40:20 Revo Uninstaller's restore point - oursurfing uninstall 11-09-2015 00:06:05 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!) 11-09-2015 00:09:39 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!) 11-09-2015 09:40:00 Revo Uninstaller's restore point - UPCleaner ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {022D0304-83E1-4A8D-B55A-847B3F3F41BE} - \Desk 365 RunAsStdUser -> No File <==== ATTENTION Task: {07AD4D21-5B5D-4EC3-9A76-383C91CBFBA0} - \WinThruster_UPDATES -> No File <==== ATTENTION Task: {23E20378-4349-4E61-9D2C-4008B6CFEB77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {25C471B9-E83D-4D6D-9496-FBB0D9C50D9B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1801391826-1823754422-2914053238-1000UA => C:\Users\Takahashi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {2C23AEA0-805B-42B6-88A3-0498DA380563} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd) Task: {2D59BB1B-BEE9-45D8-A248-7C9226511CFF} - System32\Tasks\{ACF76C72-B053-4C81-816D-02F136608D10} => pcalua.exe -a C:\Users\Takahashi\Downloads\PenDriveVirusRemover_Setup_En.exe -d C:\Users\Takahashi\Downloads Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION Task: {39A7DFC4-7C83-4460-80B6-A44D51FDF265} - \WinThruster -> No File <==== ATTENTION Task: {4081376A-3FF9-425F-8F3C-303158A09B9C} - System32\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200} => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe Task: {4288544B-1D27-4326-A51B-2559FA918942} - \DealPlyUpdate -> No File <==== ATTENTION Task: {463A9D41-702C-4E18-B133-F8C1CFE18A29} - System32\Tasks\Pritc => C:\Users\TAKAHA~1\AppData\Local\Temp\27846\iiiii2.exe <==== ATTENTION Task: {471CF587-E0DD-4D19-8736-4F8E952DA0FA} - System32\Tasks\{41EC073E-34FD-45DD-93FC-84DC9F0C244F} => pcalua.exe -a "F:\Office2007PT-BR\Office 2007 PT-BR\setup.exe" -d "F:\Office2007PT-BR\Office 2007 PT-BR" Task: {50F9C781-959C-4480-9F80-F369C63C5963} - \WinThruster_DEFAULT -> No File <==== ATTENTION Task: {51B99D64-7C13-4EC2-94A7-FE1497CD26A9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-30] (Avast Software s.r.o.) Task: {60EEC352-5689-4EE7-A0E3-DC8F9DFCB782} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> No File <==== ATTENTION Task: {6DAFD0C4-6DC8-4F43-81AD-34D1A94A3660} - \WinKit -> No File <==== ATTENTION Task: {6E43C3B5-F1EA-449B-930E-61758124DB3E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for TAMARA-Takahashi Tamara => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-06-26] (Microsoft Corporation) Task: {7428A2CC-F53B-45B1-BD82-8B500EA0D0F9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {795B01D4-38A0-4B28-A705-6A1F293E1420} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {7F53B8B6-936B-45D8-B1BE-305950D43D69} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION Task: {7FD97BAB-BF44-4206-919A-B07EC06BA1C0} - System32\Tasks\svchost => C:\Users\TAKAHA~1\AppData\Local\Temp\setup_685.exe <==== ATTENTION Task: {8BEEC08E-976E-4B30-83D1-E55E8B183D2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {8CDA7E5E-33D3-427B-A130-2BD62521B38E} - \Omiga Plus RunAsStdUser -> No File <==== ATTENTION Task: {8F2B3E4A-11FA-435C-B55A-932AE5D184D1} - \WordSurfer Auto Updater 1.10.0.19 Core -> No File <==== ATTENTION Task: {99E490EE-8A12-4C5D-9539-509495387824} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe Task: {9ED87450-1E8F-4792-89D4-446A4AF01217} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {A89BE61E-A1F0-4AA9-8BAF-C424FBDABA7B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated) Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION Task: {BC074D3E-3BAD-47AB-9903-5F902AE69BD4} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> No File <==== ATTENTION Task: {BF9703AD-2030-49B6-AB60-758132CAE2E4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1801391826-1823754422-2914053238-1000Core => C:\Users\Takahashi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {C0587B19-6A54-4C2D-A97D-2BC2BF24EE44} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {C68A6BD8-4358-4961-9D43-4F69C8998ADA} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION Task: {D0E32B45-F176-4362-8641-B77EB4FF0C60} - \Dealply -> No File <==== ATTENTION Task: {DCB81B58-E9F6-41CB-B4D3-658407F90389} - \Winsta Update -> No File <==== ATTENTION Task: {E0CE88D6-65FA-491D-8405-08587C86E419} - \Convertor -> No File <==== ATTENTION Task: {EFDF3828-4C92-47F1-B385-22D2749CAC71} - \WordSurfer Auto Updater 1.10.0.19 Pending Update -> No File <==== ATTENTION Task: {F444722F-73A1-4559-A263-F7FCEB8C61C4} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {F6A4E1BA-145A-4858-ACBB-C3076F76F6D3} - \BrowserProtect -> No File <==== ATTENTION Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1801391826-1823754422-2914053238-1000Core.job => C:\Users\Takahashi\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1801391826-1823754422-2914053238-1000UA.job => C:\Users\Takahashi\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe ==================== Loaded Modules (Whitelisted) ============== 2012-10-27 11:40 - 2012-07-29 22:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe 2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-06-04 23:37 - 2013-06-04 23:37 - 00095696 _____ () C:\Program Files (x86)\Baidu\IME\2.8.1.12\BaiduJPServ.exe 2013-06-04 23:38 - 2013-06-04 23:38 - 00250048 _____ () C:\Program Files (x86)\Baidu\IME\2.8.1.12\BaiduCloudEngine.exe 2013-06-04 23:37 - 2013-06-04 23:37 - 00606400 _____ () C:\Program Files (x86)\Baidu\IME\2.8.1.12\ServAgent.exe 2012-10-26 07:18 - 2012-02-14 14:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-06-30 08:56 - 2015-06-30 08:56 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-06-30 08:56 - 2015-06-30 08:56 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-09-11 09:04 - 2015-09-11 09:04 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091100\algo.dll 2013-06-04 23:38 - 2013-06-04 23:38 - 00065728 _____ () C:\Program Files (x86)\Baidu\IME\2.8.1.12\PipeLib.dll 2015-06-30 08:56 - 2015-06-30 08:56 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-06-23 13:56 - 2013-05-29 11:17 - 00033792 _____ () C:\Program Files (x86)\USB Disk Security\locales\portuese.dll 2015-09-04 10:39 - 2015-08-27 21:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll 2015-09-04 10:39 - 2015-08-27 21:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-1801391826-1823754422-2914053238-1000\...\bb.com.br -> www.bb.com.br ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1801391826-1823754422-2914053238-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Takahashi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 189.4.0.148 - 189.4.0.152 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F7886580-D27C-4438-834C-2AEE79DEA0C0}] => (Allow) C:\Program Files (x86)\Megacubo\megacubo.exe FirewallRules: [{FE20BBAB-C8D6-4357-AD5F-63DC7BCB3600}] => (Allow) C:\Program Files (x86)\Megacubo\megacubo.exe FirewallRules: [TCP Query User{63F68965-33BE-4F50-B54A-5010C55DC5D9}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{3408041F-757B-429A-975D-CA7C94F58DCB}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{357C565B-8C65-4546-9FD4-6CF92EEFB077}C:\program files (x86)\keyholetv\keyholetv.exe] => (Allow) C:\program files (x86)\keyholetv\keyholetv.exe FirewallRules: [UDP Query User{F4C38179-9B7E-4BCD-9274-39C331BEEF0F}C:\program files (x86)\keyholetv\keyholetv.exe] => (Allow) C:\program files (x86)\keyholetv\keyholetv.exe FirewallRules: [{303E5BC8-3A25-47E4-B0F1-BE5137A919E8}] => (Allow) C:\Users\Takahashi\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{0E3A06D8-A8F7-4B2B-B55A-9D6703F88152}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F39B33C8-21AF-4754-9775-8131BDE4CE48}] => (Allow) LPort=2869 FirewallRules: [{52071D59-AF22-4700-85E3-ECC45C5E86F6}] => (Allow) LPort=1900 FirewallRules: [{B5FFD462-DA2D-4EDC-97F3-EE2A312BAF5E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{C3AF5611-048B-4044-B829-1A89B459D34A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C4A7B450-3D8D-4ED9-BAF0-254D24246154}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{6CEB4237-16B3-4F36-AEFD-BB3C5C3CF08D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{B2281C6E-C06C-4F13-BE65-4BBE78BCED9F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{7004FC73-8041-4208-878B-D0ABD9D4D617}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{8D379A91-DC34-4BA6-9143-2D619E79BAE6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{BC362B7B-EEF3-4714-9E64-61AC7ED8CE17}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EAC5FDAC-5BB8-47BF-B0E5-F1FA09FF91FE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5B888DAE-6556-42F6-8B0E-A1C6C781A553}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5573702C-88CB-4FCE-9A34-63107A3C76C5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D5D4D594-E15A-40F2-8DA9-A724E2A41DA1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{D15C3A5F-6C3E-4DF7-A0C1-87FC93943AF5}C:\users\takahashi\downloads\ativ_1 ofc2013 by arphanetbr\arquivos\microsoft toolkit 2.4.7\microsoft toolkit 2.4.7.exe] => (Allow) C:\users\takahashi\downloads\ativ_1 ofc2013 by arphanetbr\arquivos\microsoft toolkit 2.4.7\microsoft toolkit 2.4.7.exe FirewallRules: [UDP Query User{3C2ACF27-DEE5-48FF-928A-6C72AE0E7302}C:\users\takahashi\downloads\ativ_1 ofc2013 by arphanetbr\arquivos\microsoft toolkit 2.4.7\microsoft toolkit 2.4.7.exe] => (Allow) C:\users\takahashi\downloads\ativ_1 ofc2013 by arphanetbr\arquivos\microsoft toolkit 2.4.7\microsoft toolkit 2.4.7.exe FirewallRules: [TCP Query User{35D8F425-5D7E-41AF-8258-8CF527E6CA88}C:\users\takahashi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\takahashi\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{3489F1CA-6FF0-4D0A-BAA0-EEBF912CBDEC}C:\users\takahashi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\takahashi\appdata\local\akamai\netsession_win.exe FirewallRules: [{43D0ECF2-9CB3-4D12-9B77-318A7B5008DA}] => (Allow) LPort=50996 FirewallRules: [{1F818A79-740A-4C4E-B99E-8AD8E8C77445}] => (Allow) LPort=5000 FirewallRules: [TCP Query User{3B61059D-D0AE-423E-898D-8AD2B43FE1BE}C:\users\takahashi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\takahashi\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{0D4214AD-16E3-40E4-82B8-0131C442BD81}C:\users\takahashi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\takahashi\appdata\local\akamai\netsession_win.exe FirewallRules: [{766E54C0-C1F8-4DFB-8013-C7D8051FC47D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{18D533AA-CA96-4280-B4A9-A034A82229DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{7200FAFB-5940-4B35-9A7E-49159E7092BB}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{33060B0E-53E7-4E26-802E-B1333E486801}] => (Allow) C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{C991DDDC-E34F-41B3-BC7A-F9FF19A24665}] => (Allow) C:\Users\Takahashi\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{061CDBCA-C616-441A-9DC9-8C1830C60B54}C:\users\takahashi\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\takahashi\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{62DBF972-82B3-4930-8B89-BAC27A37771B}C:\users\takahashi\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\takahashi\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{311FCC60-AC6A-477D-87FE-7EBF5C3B6858}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{D3D28F10-D59B-4308-8C14-AF24766C43CD}] => (Allow) LPort=5357 FirewallRules: [{9007C7F2-1AB6-46E6-B6E3-36AF3F79128B}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{87B4E54C-1BA2-4E10-A2E7-72A51B99365D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D553B6E3-017D-46F7-9852-986C80822594}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{FA05D5A7-225F-4AC0-8156-5CC171A8E26C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EDC04A7A-BEAD-43B8-B2AB-20C976BE8451}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{127EB9F7-E7AC-4221-810C-9F60793B2ABD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe ==================== Faulty Device Manager Devices ============= Name: YAC NDIS Driver Description: YAC NDIS Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: iSafeNetFilter Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: YAC Kit Driver Description: YAC Kit Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: iSafeKrnlKit Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: YAC Ring3 Driver Description: YAC Ring3 Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: iSafeKrnlR3 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (09/11/2015 12:12:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/11/2015 09:03:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/11/2015 01:16:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/11/2015 01:12:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/11/2015 12:51:39 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.PowerShell.Editor, Version=1.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020 Error: (09/11/2015 12:01:46 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <4, 0x8004117f, Falha ao adicionar projeto: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>. Error: (09/11/2015 12:01:46 AM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: O Windows Search Service não pode abrir o repositório de propriedades do Jet. Detalhes: 0x%08x (0x8004117f - O servidor de índices de conteúdo não pode atualizar ou acessar as informações devido a um erro no banco de dados. Pare e reinicie o serviço de pesquisa. Se o problema persistir, redefina e rastreie novamente o índice de conteúdo. Em alguns casos, pode ser necessário excluir e recriar esse índice. (HRESULT : 0x8004117f)) Error: (09/11/2015 12:01:45 AM) (Source: ESENT) (EventID: 485) (User: ) Description: Windows (4944) Windows: Uma tentativa de excluir o arquivo "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para excluir o arquiva falhará com o erro -1032 (0xfffffbf8). Error: (09/11/2015 12:01:35 AM) (Source: ESENT) (EventID: 490) (User: ) Description: Windows (4944) Windows: Falha ao tentar abrir o arquivo "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" para acesso de leitura/gravação com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação de abertura do arquivo falhará com o erro -1032 (0xfffffbf8). Error: (09/11/2015 12:00:35 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: O serviço Pesquisa do Windows está sendo interrompido devido a um problema no indexador:The catalog is corrupt. Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (09/11/2015 12:14:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro: %%1053 Error: (09/11/2015 12:14:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate). Error: (09/11/2015 12:12:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: iSafeKrnl iSafeKrnlKit iSafeKrnlR3 iSafeNetFilter Error: (09/11/2015 12:11:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço YAC Service devido ao seguinte erro: %%2 Error: (09/11/2015 09:41:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço UPCleaner SVC foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (09/11/2015 09:05:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro: %%1053 Error: (09/11/2015 09:05:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate). Error: (09/11/2015 09:03:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: iSafeKrnl iSafeKrnlKit iSafeKrnlR3 iSafeNetFilter ppfd_vt_1_10_0_24 UGBroMon UGKrnlDrv UGProtect wsafd_1_10_0_19 Error: (09/11/2015 09:03:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço UPKernel devido ao seguinte erro: %%3 Error: (09/11/2015 09:03:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%3 Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-09-10 20:05:30.617 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:05:30.525 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:05:29.237 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:05:29.154 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:05:27.914 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:05:27.834 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:05:06.771 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:05:06.690 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:03:39.673 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-10 20:03:39.435 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage of memory in use: 63% Total physical RAM: 3934.36 MB Available physical RAM: 1435.67 MB Total Virtual: 7866.91 MB Available Virtual: 5496.34 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:134.74 GB) (Free:61.93 GB) NTFS Drive d: () (Fixed) (Total:330.92 GB) (Free:324.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7BB99B6E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=134.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=330.9 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================