Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-02-2016 Ran by Casa (2016-02-15 19:52:51) Running from C:\Users\Casa\Desktop Microsoft Windows 7 Ultimate (X86) (2011-11-07 17:01:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3923423384-1465317235-2915663045-500 - Administrator - Disabled) Casa (S-1-5-21-3923423384-1465317235-2915663045-1000 - Administrator - Enabled) => C:\Users\Casa Convidado (S-1-5-21-3923423384-1465317235-2915663045-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated) Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASSISTAT - Statistical Assistance (HKLM\...\ASSISTAT - Statistical Assistance) (Version: - ) aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avast Free Antivirus (HKLM\...\avast) (Version: 11.1.2245 - AVAST Software) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM\...\{CF0D492B-12F2-40B0-AF33-0F1BAA0BEF37}) (Version: 2.28.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited) GBBD Caixa Economica Federal (HKLM\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.11.0.1 - ) globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Earth Pro (HKLM\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden GunboundPS (HKLM\...\GunboundPS_is1) (Version: - Softnyx co.,ltd.) HP Deskjet 2540 series Ajuda (HKLM\...\{70B5D5B2-8014-4C22-9963-361B1F07B81A}) (Version: 30.0.0 - Hewlett Packard) HP Deskjet 2540 series Software básico do dispositivo (HKLM\...\{831C1695-CF1D-4379-B432-89139C7159FB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) IDRISI Selva (HKLM\...\IDRISI Selva) (Version: 17.00 - Clark Labs / Clark University) IDRISI Selva (Version: 17.00 - Clark Labs / Clark University) Hidden Java 8 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 7.9.0 (HKLM\...\KLiteCodecPack_is1) (Version: 7.9.0 - ) LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: GBBD Banco do Brasil - ) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) Opera Stable 34.0.2036.36 (HKLM\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software) Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.) QGIS Lyon 2.12.2 Lyon (HKLM\...\QGIS Lyon) (Version: - QGIS Development Team) QGIS Pisa 2.10.1 Pisa (HKLM\...\QGIS Pisa) (Version: - QGIS Development Team) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Spring 5.2.2 Português_x64 (HKLM\...\Spring 5.2.2 Português_x64) (Version: - ) Spring 5.2.2 Português_x86 (HKLM\...\Spring 5.2.2 Português_x86) (Version: - ) Suporte para Aplicativos Apple (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TZip 1.0 (HKLM\...\TZip) (Version: 1.0 - TZip) VideoCAM Look (HKLM\...\{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}) (Version: 4.7.5.4 - ) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {001F8583-EB87-4C4A-82F1-6E9D9E320DF1} - System32\Tasks\{41FEE92B-7CB6-408C-85FA-00D992C20A14} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.0.104/pt/abandoninstall?page=tsMain Task: {09C4544B-94CB-4605-A826-80FF6A404797} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3923423384-1465317235-2915663045-1000UA => C:\Users\Casa\AppData\Local\Google\Update\GoogleUpdate.exe Task: {0E0083AE-EE53-455D-8715-9D016AC3BAF3} - System32\Tasks\{FB9286B6-C798-4E17-B02E-995E2145DF8C} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {102559E2-C90B-4BC0-8F23-03DBF85142B3} - System32\Tasks\{09AB0F3B-A2DA-454A-A9CB-B0A0AD092789} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.111&LastError=404 Task: {141B7F2E-A26B-49EA-8CE1-4C9086B909E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3923423384-1465317235-2915663045-1000Core => C:\Users\Casa\AppData\Local\Google\Update\GoogleUpdate.exe Task: {1822550F-6086-4ACA-84F8-20C7F6E2D854} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {1A1C6D6F-2D44-4E6D-8A2D-5EAF3C43FF9A} - System32\Tasks\{39EBE72D-7668-4766-AB9A-FD016238A508} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {1B101577-E546-4702-B29D-86551C5833D8} - System32\Tasks\{9673AB67-AFD4-4A98-95CD-881222DD238B} => pcalua.exe -a C:\GitzWC\Season1\uninstall.exe Task: {21564AFD-388B-4A24-8337-AD05589966AA} - System32\Tasks\{5F9214AA-71B3-462A-9202-30F1E67EC786} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {216DAA09-BB92-4887-83B1-26619D58CF4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-12] (Adobe Systems Incorporated) Task: {2E6F25F3-E440-41B1-BC7C-A7D7CFBFBF95} - System32\Tasks\{7C20DB9A-A79D-4A3E-A8CD-709EC9897F6B} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {30E419CB-5652-4135-B6CD-DAE2BD3804BA} - System32\Tasks\Upibd => C:\PROGRA~1\SHOPPE~4\Faidti.bat Task: {36D8CC13-BD75-4441-917C-3E6BB527B96E} - System32\Tasks\Opera scheduled Autoupdate 1452046037 => C:\Program Files\Opera\launcher.exe [2015-12-14] (Opera Software) Task: {3CEF9B7A-C84A-4B86-B3F8-C3CD20008D6E} - System32\Tasks\{4081B0C1-5F61-40F6-B592-72E6A7B10545} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsBing Task: {4A3887D3-1628-45C6-9B61-8AE4E74D4B3E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-12] (Adobe Systems Incorporated) Task: {4FD50E6B-AEA6-48C4-A1FA-B69C53A857A4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {50AFDC79-F2F0-4874-B3C4-C1B2E34C2533} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.) Task: {524BAB3B-ED53-4279-9889-9440C3B571D3} - System32\Tasks\{938842AA-33E5-48E8-B75B-33D39C1D39F3} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {543BC415-7A43-4415-B2C5-31CB975CF0EE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {5E39F61B-17BB-463B-A3BC-11D15CEF051E} - System32\Tasks\{76ECB240-11A7-401F-8EF7-B0E73B0E576D} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {60D2552D-D243-4036-A964-F7D0536ED984} - System32\Tasks\17F4DBEA-964E-40FF-8B80-1A38D237B359 => C:\Users\Casa\AppData\Local\17F4DBEA-964E-40FF-8B80-1A38D237B359\17F4DBEA-964E-40FF-8B80-1A38D237B359.exe <==== ATTENTION Task: {629304D4-0673-406A-AE71-6139AAF61AA0} - System32\Tasks\{6F0E26FF-5AAC-4073-9AF6-4E9F273D66C2} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {644E95C8-9C2A-4BBD-8D7E-DD05817E4022} - System32\Tasks\{5CC7850B-48FD-4A4A-AE6A-247E9447C1EC} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.117&LastError=404 Task: {78A14EB9-191E-4E3E-99CC-425D3DFB7834} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-23] (AVAST Software) Task: {84D5F12E-7BF5-4C4B-97A0-5CE3F955177B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3923423384-1465317235-2915663045-1000 Task: {9B774C40-BC27-47CD-B142-C25630A306BF} - System32\Tasks\{921390F9-5ADF-4F83-8E24-44377E9EB120} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {A9B46BC4-20BC-48D1-93EE-3025EAC365A1} - System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => C:\Users\Casa\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [2015-05-14] () <==== ATTENTION Task: {B6BFF532-8F6E-494B-A2A6-6C98E914880D} - System32\Tasks\{A60A6D91-5471-4FB7-AF63-8AF4BE201343} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.0.104/pt/abandoninstall?page=tsMain Task: {D281C9F9-C168-429C-9B4B-E545D2AFCBBD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.) Task: {DA0B0613-EB4D-4981-9443-523B9C038AED} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-23] (AVAST Software) Task: {DD2CE908-4FB5-44EB-B730-E73052A49D9D} - System32\Tasks\Felpu => C:\PROGRA~1\SHOPPE~2\Lujanib.bat Task: {DDAA2ADD-290D-427E-B20B-C0CC68BDF4C8} - System32\Tasks\{A01B7A21-049F-4826-A0EC-DFD447B0795D} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain Task: {DDB8592C-E576-43CC-86CD-497D73920B87} - System32\Tasks\{2AC48A57-1EC7-417D-AB03-C1AC933DD252} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/pt/abandoninstall?page=tsMain (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3923423384-1465317235-2915663045-1000Core.job => C:\Users\Casa\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3923423384-1465317235-2915663045-1000UA.job => C:\Users\Casa\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => C:\Users\Casa\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe-RunCheckUpdate C:\Users\Casa\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Casa\Desktop\QGIS Desktop 2.12.2.lnk -> C:\Program Files\QGIS Lyon\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISLY~1\bin\qgis.bat ShortcutWithArgument: C:\Users\Casa\Desktop\QGIS\SAGA GIS (2.1.2).lnk -> C:\Program Files\QGIS Lyon\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISLY~1\bin\saga_gui.bat ShortcutWithArgument: C:\Users\Casa\Desktop\JUNIOR\QGIS\SAGA GIS (2.1.2).lnk -> C:\Program Files\QGIS Pisa\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISPI~1\bin\saga_gui.bat ShortcutWithArgument: C:\Users\Casa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.searchtudo.com/pt/?uid={4e2cae62e3b7481cbc6bf791fcac812a}&r=eg ShortcutWithArgument: C:\Users\Casa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.searchtudo.com/pt/?uid={4e2cae62e3b7481cbc6bf791fcac812a}&r=eg ShortcutWithArgument: C:\Users\Casa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.searchtudo.com/pt/?uid={4e2cae62e3b7481cbc6bf791fcac812a}&r=eg ShortcutWithArgument: C:\Users\Casa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\Casa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\Casa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk -> C:\Program Files\Adobe\Adobe Widget Browser\Adobe Widget Browser.exe () -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.searchtudo.com/pt/?uid={4e2cae62e3b7481cbc6bf791fcac812a}&r=eg ==================== Loaded Modules (Whitelisted) ============== 2015-12-30 15:08 - 2015-12-30 15:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2015-12-23 14:00 - 2015-12-23 14:00 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-12-23 13:59 - 2015-12-23 13:59 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-12-28 12:19 - 2015-12-28 12:19 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122801\algo.dll 2015-12-23 14:00 - 2015-12-23 14:00 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2011-11-07 16:56 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll 2014-07-31 13:16 - 2014-07-31 13:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-12-23 14:00 - 2015-12-23 14:00 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-12-08 17:25 - 2015-12-08 17:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files\Skype\Phone\ssScreenVVS2.dll 2016-02-12 17:26 - 2015-12-10 10:56 - 00193456 _____ () C:\Program Files\SkypeUpdateEx\SkypeUpdateEx.exe 2016-02-12 17:26 - 2015-12-08 11:12 - 00126896 _____ () C:\Program Files\SkypeUpdateEx\SkypeUpdate.dll 2016-01-23 17:40 - 2015-12-08 10:24 - 07142328 _____ () C:\Users\Casa\AppData\Roaming\XBox\XBLive.exe 2016-01-23 17:40 - 2015-11-30 10:08 - 00256440 _____ () C:\Users\Casa\AppData\Roaming\XBox\Xbox.Live.dll 2016-02-12 17:30 - 2016-02-09 09:58 - 16810824 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll 2016-01-08 01:59 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Casa\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2016-01-08 01:59 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Casa\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: C:\Windows\System32:E401E3DD_Bb.gbp AlternateDataStreams: C:\Windows\System32:E401E3DD_Cef.gbp AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst AlternateDataStreams: C:\Users\Casa\AppData\Roaming\Launcher__16211_il391044.exe:typelib ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Audiosrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\drmkaud => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HDAudBus => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MMCSS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="[6cFgE][Şοûпđ, νìδ℮ô άήδ ğªмè ¢őήťřόℓŀèґš !!! !!! !]" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{640167b4-59b0-47a6-b335-a6b3c0695aea} => ""="Portable Media Devices" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Audiosrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\drmkaud => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HDAudBus => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MMCSS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ufadedatpa => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="[6cFgE][Şοûпđ, νìδ℮ô άήδ ğªмè ¢őήťřόℓŀèґš !!! !!! !]" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{640167b4-59b0-47a6-b335-a6b3c0695aea} => ""="Portable Media Devices" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7778 more sites. IE trusted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\...\123simsen.com -> www.123simsen.com There are 7778 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 00:04 - 2015-03-11 12:05 - 00444931 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.10sek.com 127.0.0.1 10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 www.123fporn.info 127.0.0.1 123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15271 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3923423384-1465317235-2915663045-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Casa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 200.204.0.10 - 200.204.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Casa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartWeb.lnk => C:\Windows\pss\SmartWeb.lnk.Startup MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Facebook Update => "C:\Users\Casa\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: gmsd_br_005010117 => MSCONFIG\startupreg: gmsd_br_005010135 => MSCONFIG\startupreg: GoogleChromeAutoLaunch_24058EE0A4650D25CD1906AC59992FC0 => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window MSCONFIG\startupreg: GoogleChromeAutoLaunch_4129C1338700D7B1080DDB82359D2F0A => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LightGate => C:\ProgramData\LightGate.exe MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden MSCONFIG\startupreg: NBAgent => "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart MSCONFIG\startupreg: Pando Media Booster => C:\Program Files\Pando Networks\Media Booster\PMB.exe MSCONFIG\startupreg: PlusService => C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1191AF98-9414-453B-A3E5-A61CCD19DF29}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{183478CA-0E05-4830-BC5A-10F85E6FECAF}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{BF115FE5-0732-49F2-8C42-8995BE7C892A}] => (Allow) LPort=2869 FirewallRules: [{A818E233-4164-4CFB-93BA-3DD90B00D572}] => (Allow) LPort=1900 FirewallRules: [{26D28B20-7D24-4F91-937D-3B840C6792AB}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{8C53FC47-7B07-4944-9DF9-63A847A994C4}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [TCP Query User{DC7E9AD8-1595-44FD-9B8A-378C1B577D10}C:\game\softnyxgame\gunboundps\gunbound.gme] => (Allow) C:\game\softnyxgame\gunboundps\gunbound.gme FirewallRules: [UDP Query User{503BBEA7-8837-4035-A137-765B7485F217}C:\game\softnyxgame\gunboundps\gunbound.gme] => (Allow) C:\game\softnyxgame\gunboundps\gunbound.gme FirewallRules: [{DEB08CBD-D701-40FD-A64A-11215F8252A6}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{FC7BC511-F0DB-4321-87EA-A2A8F816DE52}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{B32600B5-B90B-4188-BAC1-68B7A754AE9A}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{0E5F8EBD-4747-4127-A297-DA5F83822734}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{FA411D04-F9FA-445D-8844-2047FF0693DF}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{6E099FBA-3A17-4B4C-BBB3-25569BADC8D1}] => (Allow) LPort=7935 FirewallRules: [{A537C296-D0DE-4E22-9C2A-43BCD28EBBF5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BBC9CF1D-0F6B-46BA-B9C5-B3FD421E306F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{522B7EAD-EEBD-4542-85D8-0CFD563C3F74}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{DFD551A6-3295-41A8-A65B-740B3743936A}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{23976883-89A5-43EF-8791-4255B6D9AD14}] => (Allow) LPort=5357 FirewallRules: [{02EA3129-901F-4AB3-8227-72ED64E64524}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{65D1D33D-09DC-490B-BA69-06E9BE8AB415}] => (Allow) C:\Users\Casa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B0ED7059-9F47-4F96-A2FE-F5B29EE13D34}] => (Allow) C:\Users\Casa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5048C4D2-2414-4333-9662-78D4E7004A7F}] => (Allow) C:\Users\Casa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{16FC21F3-1592-45C6-B6D2-26209A1C5A3B}] => (Allow) C:\Users\Casa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3F4B5283-54E7-479D-A690-297575428317}] => (Allow) C:\Users\Casa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FAF88793-E1C1-4FCA-8CF8-2348A8C94889}] => (Allow) C:\Users\Casa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{1014D54D-832E-49CC-8DA8-1C85A5AF398C}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [UDP Query User{A437B5D9-6F15-4E94-8CBE-239F82978CBB}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [{2F7D8A3E-B67D-4551-883A-B7D62F85499D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 12-02-2016 17:00:50 Revo Uninstaller's restore point - iTunes 12-02-2016 17:13:17 Revo Uninstaller's restore point - Java 7 Update 55 12-02-2016 17:14:16 Removed Java 7 Update 55 12-02-2016 17:21:55 Revo Uninstaller's restore point - Java(TM) 6 Update 31 12-02-2016 17:23:33 Removed Java(TM) 6 Update 31 12-02-2016 17:35:07 Revo Uninstaller's restore point - Corel Graphics - Windows Shell Extension 12-02-2016 18:39:02 Revo Uninstaller's restore point - JavaFX 2.1.1 12-02-2016 18:40:49 Removido JavaFX 2.1.1 12-02-2016 18:55:39 Revo Uninstaller's restore point - Spybot - Search & Destroy ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/15/2016 06:35:57 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (02/15/2016 06:08:42 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (02/15/2016 06:03:23 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (02/15/2016 05:58:36 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (02/15/2016 05:56:45 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (02/15/2016 02:05:11 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: O backup não foi concluído devido a um erro ao gravar no local de backup J:\. Erro: Não é possível encontrar a localização de cópia de segurança ou esta não é válida. Reveja as definições de cópia de segurança e verifique a localização de cópia de segurança. (0x81000006). Error: (02/15/2016 01:56:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: SkypeC2CAutoUpdateSvc.exe, versão: 8.0.0.9103, carimbo de hora: 0x568f9008 Nome do módulo de falhas: SafeGuard32.dll_unloaded, versão: 0.0.0.0, carimbo de hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento com falha: 0x6e7b42c3 Identificação do processo com falha: 0x7e8 Hora de início do aplicativo com falha: 0xSkypeC2CAutoUpdateSvc.exe0 Caminho do aplicativo com falha: SkypeC2CAutoUpdateSvc.exe1 FCaminho do módulo de falhas: SkypeC2CAutoUpdateSvc.exe2 Identificação do Relatório: SkypeC2CAutoUpdateSvc.exe3 Error: (02/15/2016 01:55:07 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (02/14/2016 02:11:03 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (02/14/2016 01:55:49 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. System errors: ============= Error: (02/15/2016 06:36:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço GoogleChromeUpService devido ao seguinte erro: %%2 Error: (02/15/2016 06:34:59 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Windows Search, mas essa ação falhou com o seguinte erro: %%1056 Error: (02/15/2016 06:34:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: A chamada ScRegSetValueExW falhou para DeleteFlag com o seguinte erro: %%5 Error: (02/15/2016 06:34:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (02/15/2016 06:34:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Xbox Live Network Manager Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/15/2016 06:34:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Windows Live ID Sign-in Assistant foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (02/15/2016 06:34:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço SkypeUpdateEx foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/15/2016 06:34:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço scpVista foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/15/2016 06:34:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço LightScribeService Direct Disc Labeling Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/15/2016 06:34:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço GoogleChromeUpSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es). CodeIntegrity: =================================== Date: 2014-12-01 19:41:48.667 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 18:42:04.340 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 17:53:34.435 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 14:17:09.295 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 14:10:06.797 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 14:01:17.157 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 13:54:00.360 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 12:58:13.818 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 12:19:05.320 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-01 11:39:05.897 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz Percentage of memory in use: 78% Total physical RAM: 2037.18 MB Available physical RAM: 429.79 MB Total Virtual: 4074.36 MB Available Virtual: 2042.04 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:104.17 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 1549F232) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================