Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-06-2017 01
Ran by Cesar Paz (26-06-2017 06:38:50)
Running from C:\Users\Cesar Paz\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2012-06-02 11:54:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1274321523-2965059084-3771562600-500 - Administrator - Enabled) => C:\Users\Administrador
Cesar Paz (S-1-5-21-1274321523-2965059084-3771562600-1000 - Administrator - Enabled) => C:\Users\Cesar Paz
Convidado (S-1-5-21-1274321523-2965059084-3771562600-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Advanced Email Extractor PRO (HKLM\...\Advanced Email Extractor PRO) (Version:  - )
Alerta de HDD/SSD TOSHIBA (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.0 - TOSHIBA Corporation)
Alerta de HDD/SSD TOSHIBA (Version: 3.1.0.0 - TOSHIBA Corporation) Hidden
Assistente de Início de Sessão do Windows Live (HKLM\...\{28DA1AA2-07F2-4451-A28B-A6A01A9CE8E9}) (Version: 5.000.818.5 - Microsoft Corporation)
ATI Catalyst Install Manager (HKLM\...\{1BF4A82E-9F0F-1A2E-707D-57AD6A3A9310}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.731-100427a-099914C-Lenovo - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
banda larga tmn (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - )
ccc-core-static (Version: 2010.0427.2150.37350 - Nome de sua empresa:) Hidden
Chessmaster Grandmaster Edition (HKLM\...\InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}) (Version: 1.00.0000 - Ubisoft)
Chessmaster Grandmaster Edition (Version: 1.00.0000 - Ubisoft) Hidden
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
Default (Version: 1.0.0.2 - Default Company Name) Hidden
Ferramenta de Carregamento do Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
GSM 1.1.4.2 (HKLM\...\GuitarScalesMethod_is1) (Version:  - GuitarScalesMethod.com)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 14 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Media Player Classic - Home Cinema 1.6.1.4235 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.1.4235 - MPC-HC Team)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{D7A1C3CB-1F27-4EAA-98DF-D266CA6B67D3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 55.0 (x86 en-US) (HKLM\...\Mozilla Firefox 55.0 (x86 en-US)) (Version: 55.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.0.6382 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Pacote de controladores do Windows - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.0.273.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM\...\{2eef0fe2-cc4a-47d6-959c-de2d5c2cc40b}) (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.85.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Registro do usuário Canon MP495 series (HKLM\...\Registro do usuário Canon MP495 series) (Version:  - )
Skype™ 7.34 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
SyncBackFree (HKLM\...\SyncBackFree_is1) (Version: 7.6.45.0 - 2BrightSparks)
TablEdit 2.74 (HKLM\...\TablEdit Demo_is1) (Version:  - TablEdit)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.11 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM\...\InstallShield_{342126B2-10D5-409E-884B-245347A497E1}) (Version: 1.0.04.32 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.23 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.0.07-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.10.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.1.32 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
Toshiba Manuals (HKLM\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA)
TOSHIBA Palavra-passe do supervisor (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.0 - TOSHIBA Corporation)
Toshiba Photo Service - powered by myphotobook (HKLM\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.0.0-663 - myphotobook GmbH)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM\...\InstallShield_{42451051-52B5-4D74-920A-BB49861D7253}) (Version: 1.0.04.32 - TOSHIBA Corporation)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.8 - TOSHIBA)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.33 - TOSHIBA)
Toshiba TEMPRO (HKLM\...\{9E4FF410-471F-49E3-9358-74FF0D5E9901}) (Version: 3.05 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.25 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
TRORMCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.7 - TOSHIBA)
TRORMCLauncher (Version: 1.0.0.7 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Utility Common Driver (Version: 1.0.50.27C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{34795BBE-39E4-41B6-997A-B88FD7306562}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-22 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinPcap 4.0 (HKLM\...\WinPcapInst) (Version: 4.0.0.755 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CA4C61B-1B51-45B5-9627-61062AC29653} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION)
Task: {24A4824B-5E56-4E0E-9E6C-B34855A7530F} - System32\Tasks\{51E122BD-C800-4CC0-BB07-FEE90F1AEE3A} => pcalua.exe -a G:\setup.exe -d G:\
Task: {50EFD6A9-BE50-4F01-A5F9-BFA3533A50CE} - System32\Tasks\{9EC76A26-4CDC-4DBD-B157-6BA45AA0CE68} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/pp/abandoninstall?page=tsProgressBar
Task: {62BAA584-212D-48B0-8358-B93031FC2B50} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {632628D1-F1B1-4810-8D83-1430B8779643} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-01] (Adobe Systems Incorporated)
Task: {72ED89E8-AC62-4D2A-BC1B-A03A3A7E2382} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-18] (Avast Software s.r.o.)
Task: {94FD6F49-6F8B-43F7-BD2B-AAFE06263E4B} - System32\Tasks\{C953AA55-0E34-49B9-A990-26FB1E4B2051} => pcalua.exe -a "C:\Program Files\Sytexis Software\Web Stream Recorder Pro\winpcap.exe" -d "C:\Program Files\Sytexis Software\Web Stream Recorder Pro"
Task: {9F7ADACF-8A10-45AA-B6F8-03AE91E77483} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {B9F026D1-8F36-43F1-BBAF-88107B388AF3} - System32\Tasks\{6FAE1BB3-3A1C-48B9-BC00-1F233022C348} => Firefox.exe hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.34.0.103&LastError=12040
Task: {BF14894B-55CC-4835-81CD-956DABD87AF5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-14] (AVAST Software)
Task: {C3DC866B-A6E6-4D89-A4FC-31EBA5D5A171} - System32\Tasks\{CD14B12B-F70E-455F-8F1D-54A301CDDF2B} => pcalua.exe -a "C:\Users\Cesar Paz\Downloads\worldunlock codes calculator setup.exe" -d "C:\Users\Cesar Paz\Downloads"
Task: {D9FAC439-B7CA-4DE0-9F10-0D43C01BDA11} - System32\Tasks\{0805AA97-4F9B-45CE-B56C-0BD7400C69F3} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}\setup.exe" -c -runfromtemp -l0x0816 -removeonly
Task: {E2584CDD-1A49-4009-8D22-81E191B3885C} - System32\Tasks\{F60EE069-E632-48D6-9CD9-3399FE8E795B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.5.0.158/pp/abandoninstall?source=lightinstaller&page=tsBing
Task: {F8EE0A43-435F-4139-8DBA-BB5219AA5765} - System32\Tasks\shut down => c:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-06-25 15:42 - 2017-06-25 15:42 - 05779744 _____ () C:\Program Files\AVAST Software\Avast\defs\17062502\algo.dll
2012-07-24 09:27 - 2012-03-11 14:55 - 00088656 _____ () C:\Windows\System32\cpwmon2k.dll
2009-08-26 17:55 - 2009-08-26 17:55 - 00520192 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00270672 _____ () C:\Program Files\banda larga tmn\AssistantServices.exe
2014-03-28 10:35 - 2014-03-28 10:35 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-07-16 15:27 - 2009-07-16 15:27 - 07263544 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-07-16 15:27 - 2009-07-16 15:27 - 00052536 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2009-09-16 12:03 - 2009-06-22 15:38 - 00015160 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00049152 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 12:57 - 2006-10-07 12:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2009-07-29 15:35 - 2009-07-29 15:35 - 00014648 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00153424 _____ () C:\Program Files\banda larga tmn\UIExec.exe
2015-03-14 08:34 - 2015-03-14 08:34 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-05-15 16:01 - 2009-05-15 16:01 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-12-28 11:42 - 2014-12-28 11:42 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 01528656 _____ () C:\Program Files\banda larga tmn\UIMain.exe
2013-04-15 06:59 - 2011-12-15 20:57 - 00251216 _____ () C:\Program Files\banda larga tmn\UICommonDlg.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00386896 _____ () C:\Program Files\banda larga tmn\UISkin.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00090448 _____ () C:\Program Files\banda larga tmn\Component\SysService.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00145232 _____ () C:\Program Files\banda larga tmn\Component\BIService.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00266064 _____ () C:\Program Files\banda larga tmn\Component\BISetting.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00125776 _____ () C:\Program Files\banda larga tmn\Component\BILog.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00144720 _____ () C:\Program Files\banda larga tmn\Component\BIDevManager.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00284496 _____ () C:\Program Files\banda larga tmn\Component\BIDataBase.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00124752 _____ () C:\Program Files\banda larga tmn\Component\BIConnectRecord.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00089936 _____ () C:\Program Files\banda larga tmn\Component\BICallRecord.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00097104 _____ () C:\Program Files\banda larga tmn\Component\BIVoice.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00185168 _____ () C:\Program Files\banda larga tmn\Component\BICodec.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00155472 _____ () C:\Program Files\banda larga tmn\Component\BIRas.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00225616 _____ () C:\Program Files\banda larga tmn\Component\BISms.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00104784 _____ () C:\Program Files\banda larga tmn\Component\BIStk.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00096080 _____ () C:\Program Files\banda larga tmn\Component\BIUssd.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00236368 _____ () C:\Program Files\banda larga tmn\Component\BIConfig.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00177488 _____ () C:\Program Files\banda larga tmn\Component\BIXml.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00175440 _____ () C:\Program Files\banda larga tmn\Component\BIPhoneBook.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00245072 _____ () C:\Program Files\banda larga tmn\Component\BKService.dll
2013-04-15 06:58 - 2011-12-15 20:57 - 00157008 _____ () C:\Program Files\banda larga tmn\Component\BIOptimizationClient.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00744784 _____ () C:\Program Files\banda larga tmn\UIPlugIn\UISms.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00610128 _____ () C:\Program Files\banda larga tmn\UIPlugIn\UIConnectRecord.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 01503056 _____ () C:\Program Files\banda larga tmn\UIPlugIn\UISetting.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00685904 _____ () C:\Program Files\banda larga tmn\UIPlugIn\UIPhoneBook.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00312656 _____ () C:\Program Files\banda larga tmn\UIPlugIn\UIStk.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00324432 _____ () C:\Program Files\banda larga tmn\UIPlugIn\UIUssd.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00567632 _____ () C:\Program Files\banda larga tmn\UIPlugIn\UIMms.dll
2013-04-15 06:59 - 2011-12-15 20:57 - 00729424 _____ () C:\Program Files\banda larga tmn\CMUpdater.exe
2013-04-15 06:59 - 2011-07-30 15:38 - 00617808 _____ () C:\Program Files\banda larga tmn\UpdateAgent.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\...\123simsen.com -> www.123simsen.com

There are 7775 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2016-05-11 08:01 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1274321523-2965059084-3771562600-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cesar Paz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 88.214.178.1 - 88.214.182.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk => C:\Windows\pss\Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Cesar Paz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de tela e Iniciador do OneNote 2007.lnk => C:\Windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: HWSetup => "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
MSCONFIG\startupreg: KeNotify => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: TOSHIBA Online Product Information => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files\Toshiba TEMPRO\TemproTray.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D8ECDEA6-4EE2-4135-86E2-E24A5A988F50}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{BD42B4DC-1C1F-4A26-967F-2F87D43D85D5}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8FA75B39-D17B-464D-AF27-484E8D8665B6}] => (Allow) svchost.exe
FirewallRules: [{4C957BFB-7BDA-4417-A9E1-D005FCCBA878}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{4366C62C-A2C5-4CF2-B297-A71055103290}] => (Allow) C:\Program Files\FileZilla FTP Client\filezilla.exe
FirewallRules: [{D1DA991B-7E2F-478E-9AAE-99E1F3C9956C}] => (Allow) C:\Program Files\FileZilla FTP Client\filezilla.exe
FirewallRules: [{DCF9BAA3-C765-449B-8F72-3D731EB900A0}] => (Allow) C:\Program Files\FileZilla FTP Client\filezilla.exe
FirewallRules: [{CDB8B159-F973-4212-8406-825442947E5D}] => (Allow) C:\Program Files\FileZilla FTP Client\filezilla.exe
FirewallRules: [{97B90D79-4FD8-4964-94AC-34F6CEE87890}] => (Allow) LPort=48113
FirewallRules: [{18032AD1-90AF-466F-957F-5F0CCDE4D70A}] => (Allow) LPort=48114
FirewallRules: [{EA3F008A-F51F-4F87-93FF-946BF50301FA}] => (Allow) C:\Users\Cesar Paz\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CDA04271-BB31-4DA7-8E04-FC223E61F257}] => (Allow) C:\Users\Cesar Paz\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B89729C-39E6-4271-BC75-4A6A7D1262F1}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D5A71BFE-7EA9-446C-9B15-EC38A76F3976}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6BFD5BDF-1F48-4987-AC6F-A70B3FE69E42}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1B335647-3055-4BA0-8DA8-E8334AB660C4}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BB22657D-C879-47D1-B39C-87EFA7CAAA2B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{E23E177C-C0D2-4113-A17E-293FECBBEAE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DC71D01D-F8B2-47BC-A3AE-8C295C1DD14A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8007E8D3-9314-4E2D-A0B1-BAEF95FD3534}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

==================== Restore Points =========================

11-06-2017 23:33:43 Ponto de Verificação Agendado
19-06-2017 02:31:22 Ponto de Verificação Agendado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2017 03:45:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: O descarregamento das cadeias do contador de desempenho do serviço WmiApRpl (WmiApRpl) falhou. A primeira DWORD na secção Data contém o código de erro.

Error: (06/25/2017 03:45:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.

Error: (06/25/2017 03:45:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.

Error: (06/16/2017 07:40:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: O descarregamento das cadeias do contador de desempenho do serviço WmiApRpl (WmiApRpl) falhou. A primeira DWORD na secção Data contém o código de erro.

Error: (06/16/2017 07:40:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.

Error: (06/16/2017 07:40:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.

Error: (06/15/2017 11:50:59 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={C30FC8D3-B371-48AD-A63E-D8D87BAABB8E}: O utilizador CesarPaz-TOSH\Cesar Paz marcou uma ligação denominada TMN que falhou. O código de erro devolvido ao falhar foi 0.

Error: (06/13/2017 01:17:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: UIMain.exe, versão: 1.0.0.1, carimbo de data/hora: 0x4ee9edc8
Nome do módulo com falha: msxml3.dll, versão: 8.110.7601.18923, carimbo de data/hora: 0x55a5cad4
Código de excepção: 0xc0000005
Desvio de falha: 0x00012aa0
ID do processo com falha: 0x744
Data/hora de início da aplicação com falha: 0x01d2e43ed7b2a13f
Caminho da aplicação com falha: C:\Program Files\banda larga tmn\UIMain.exe
Caminho do módulo com falha: C:\Windows\System32\msxml3.dll
ID do Relatório: 3331092e-5032-11e7-b7ee-701a04072bec

Error: (06/09/2017 05:08:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: O descarregamento das cadeias do contador de desempenho do serviço WmiApRpl (WmiApRpl) falhou. A primeira DWORD na secção Data contém o código de erro.

Error: (06/09/2017 05:08:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.


System errors:
=============
Error: (06/25/2017 02:17:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O anterior encerramento do sistema, ‎25-‎06-‎2017 às 09:02:21, foi inesperado.

Error: (06/22/2017 09:52:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Foi atingido o tempo limite (30000 milissegundos) ao aguardar pela ligação do serviço Notebook Performance Tuning Service (TEMPRO).

Error: (06/22/2017 02:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço UI Assistant Service falhou o arranque devido ao seguinte erro: 
O serviço não respondeu ao pedido de início ou controlo atempadamente.

Error: (06/22/2017 02:07:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Foi atingido o tempo limite (30000 milissegundos) ao aguardar pela ligação do serviço UI Assistant Service.

Error: (06/22/2017 10:36:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço ConfigFree Service terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (06/22/2017 10:36:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço ConfigFree WiMAX Service terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (06/22/2017 10:36:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço TOSHIBA eco Utility Service terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (06/22/2017 10:36:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço TOSHIBA Power Saver terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (06/22/2017 10:36:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço TOSHIBA Optical Disc Drive Service terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (06/22/2017 10:36:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Notebook Performance Tuning Service (TEMPRO) terminou inesperadamente. Isto aconteceu 1 vez(es).


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 40%
Total physical RAM: 2042.88 MB
Available physical RAM: 1211.84 MB
Total Virtual: 4090.88 MB
Available Virtual: 3099.32 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:116.21 GB) (Free:82.54 GB) NTFS
Drive d: (Data) (Fixed) (Total:116.28 GB) (Free:61.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 7DF17048)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=116.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================