Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 31-12-2017
Executado por rayco (31-12-2017 16:06:42)
Executando a partir de C:\Users\rayco\Downloads
Windows 10 Home Single Language Versão 1709 16299.125 (X64) (2017-12-27 19:31:53)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1931546631-921450588-1925113609-500 - Administrator - Disabled)
Convidado (S-1-5-21-1931546631-921450588-1925113609-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1931546631-921450588-1925113609-503 - Limited - Disabled)
rayco (S-1-5-21-1931546631-921450588-1925113609-1006 - Administrator - Enabled) => C:\Users\rayco
WDAGUtilityAccount (S-1-5-21-1931546631-921450588-1925113609-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2018 (HKLM-x32\...\DRWV_18_0) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (32-bit) (HKLM-x32\...\IDSN_12_0_0_32) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Muse CC 2018 (HKLM-x32\...\MUSE_2018_0) (Version: 2018.0.0.685 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_1) (Version: 11.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
Backup and Sync from Google (HKLM-x32\...\{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Version: 3.38.7642.3857 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
Estúdio Conversor de Vídeo Apowersoft V4.4.8 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.4.8 - APOWERSOFT LIMITED)
FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{8736f7db-10ee-4722-b588-3a7296eafc38}) (Version: 18.40.0000.4099 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{E2FEF167-A654-48D5-BA41-0C3B5B91FE4E}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mouse Server versão 1.7.7.4 (HKLM-x32\...\{7AFAA880-BB05-4E38-9279-C53EECE1B7BE}_is1) (Version: 1.7.7.4 - Necta Inc.)
Mozilla Firefox 57.0.3 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.3 (x64 pt-BR)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Popcorn-Time (HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.21284 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7695 - Realtek Semiconductor Corp.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Software Intel® PROSet/Wireless (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Spotify (HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Stremio (HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\Stremio) (Version: 4.0.2 - Smart Code Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1931546631-921450588-1925113609-1006_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-02A0BA6768B3}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1931546631-921450588-1925113609-1006_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-12-25] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igfxDTCM.dll [2017-12-07] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-12-25] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {5929AD57-0B31-4D61-AAD6-8FBB04956B0B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {A10BEADE-6D86-4B9F-ABD3-070E0477EB77} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {A1F197FE-FD47-4EDB-80A5-61CCCB0193E7} - System32\Tasks\S-1-5-21-1931546631-921450588-1925113609-1006\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {D8ED833B-38F7-49CA-B53C-719812EEABCE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


Shortcut: C:\Users\rayco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio\Stremio web.lnk -> C:\Users\rayco\AppData\Local\Programs\LNV\Stremio-4\stremio web.bat ()

==================== Módulos Carregados (Whitelisted) ==============

2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-27 17:49 - 2015-08-16 00:21 - 000162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-02-15 13:10 - 2015-07-16 20:28 - 000019432 _____ () C:\Windows\System32\ServiceRegisterProduct.exe
2017-12-27 19:15 - 2017-12-27 19:15 - 000003584 _____ () C:\WINDOWS\SECOH-QAD.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-12-27 17:51 - 2017-12-27 17:51 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-27 17:51 - 2017-12-27 17:51 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-06 00:08 - 2017-12-06 00:09 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-13 16:04 - 2017-12-13 16:04 - 000086344 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2017-12-25 01:05 - 2017-12-25 01:05 - 000069104 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\dll_loader.dll
2017-12-25 01:05 - 2017-12-25 01:05 - 000069040 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\module_lifetime.dll
2017-12-24 23:17 - 2017-12-14 00:49 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libglesv2.dll
2017-12-24 23:17 - 2017-12-14 00:49 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libegl.dll
2017-12-25 01:05 - 2017-12-25 01:05 - 000207272 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-12-25 01:05 - 2017-12-25 01:05 - 000059136 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll
2017-12-25 01:05 - 2017-12-25 01:05 - 000058624 _____ () C:\Program Files (x86)\AVG\Antivirus\dll_loader.dll
2017-12-25 01:05 - 2017-12-25 01:05 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-12-25 01:05 - 2017-12-25 01:05 - 000290392 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2016-01-07 06:48 - 2016-01-07 06:48 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-25 00:54 - 2017-12-25 00:53 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2017-03-18 19:03 - 2017-12-14 19:08 - 000000895 _____ C:\WINDOWS\system32\Drivers\etc\hosts

5.149.252.98 www.gstatic.com
5.149.252.98 www.google-analytics.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1931546631-921450588-1925113609-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\rayco\Pictures\Tumblr\6062b5b1-cef8-4186-9c14-f8c362e4d0d4.png
DNS Servers: 201.46.240.50 - 201.46.240.43
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run: => "DeskmediaReaper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "CommonToolkitTray"
HKLM\...\StartupApproved\Run32: => "SWPROguard"
HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1931546631-921450588-1925113609-1006\...\StartupApproved\Run: => "MouseServer"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{9BC239EE-D95A-403B-BCFC-6EDFA7F9ACAD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5767F9CF-6E6F-42AB-B1D8-EB685E995476}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{13CE59AD-EAB9-4C1B-A731-ECAD0C4C5479}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [UDP Query User{5CA5A601-626F-4249-912C-948D64990FEA}C:\users\rayco\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\rayco\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [TCP Query User{3A6E8D94-AF53-46B6-A4FF-1793D427C035}C:\users\rayco\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\rayco\appdata\local\popcorn-time\popcorn-time.exe
FirewallRules: [{D28756CA-3C56-4482-9E41-9989D36AE7B0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8B0CE833-2AF0-4948-9661-6FEC836485AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{61BF410A-F362-447E-9873-FCEF3DAF35C0}C:\users\rayco\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\rayco\appdata\local\programs\lnv\stremio-4\node.exe
FirewallRules: [TCP Query User{3CE5F919-BDE7-417B-92EA-3021755E6594}C:\users\rayco\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\rayco\appdata\local\programs\lnv\stremio-4\node.exe
FirewallRules: [UDP Query User{BFB1EF7B-2B4D-45B5-A149-8678AF6DFF91}C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe
FirewallRules: [TCP Query User{54D89679-ED33-4F46-BC9D-8E462BF302A0}C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe
FirewallRules: [UDP Query User{C21987FD-069B-49D8-9FF0-6E87546BF80C}C:\users\rayco\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rayco\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DF5ED352-67AA-465B-9F14-A03A70C1192B}C:\users\rayco\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rayco\appdata\roaming\spotify\spotify.exe
FirewallRules: [{16B8FF9E-0516-4C01-AE02-42E84B57716C}] => (Allow) C:\Users\rayco\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2510326F-0AF1-4CA0-86DC-E9A42EA5C90D}] => (Allow) C:\Users\rayco\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{AFB4E1DD-A79F-499C-B91C-2E62830D17D3}C:\program files (x86)\mouse server\mouseserver.exe] => (Allow) C:\program files (x86)\mouse server\mouseserver.exe
FirewallRules: [UDP Query User{C9296959-6B32-4E45-BF76-563A09781325}C:\program files (x86)\mouse server\mouseserver.exe] => (Allow) C:\program files (x86)\mouse server\mouseserver.exe

==================== Pontos de Restauração =========================

27-12-2017 17:42:14 Installed DriverSetupUtility
31-12-2017 15:29:01 Installed Fighters.

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (12/31/2017 04:07:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:04:33Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:07:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:05:03Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:06:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:04:33Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:06:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:05:03Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:05:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:04:33Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:05:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:05:03Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:04:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:04:33Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:04:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:05:03Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:03:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:04:33Z. Código de Erro: 0x80070002.

Error: (12/31/2017 04:02:29 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-01-30T17:04:29Z. Código de Erro: 0x80070002.


Erros de Sistema:
=============
Error: (12/31/2017 04:02:00 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:59:46 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:55:45 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:53:05 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:50:11 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:21:42 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:08:31 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:06:03 PM) (Source: DCOM) (EventID: 10016) (User: RAY)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RAY\rayco SID (S-1-5-21-1931546631-921450588-1925113609-1006) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:05:11 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/31/2017 03:05:11 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


CodeIntegrity:
===================================
Date: 2017-12-31 15:04:43.903
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-30 17:20:02.572
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-30 13:57:45.161
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-30 12:15:55.202
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-30 02:39:17.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-29 00:18:26.273
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-28 16:58:52.227
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-27 23:42:50.812
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-27 18:19:29.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-27 17:44:58.550
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentagem de memória em uso: 59%
RAM física total: 3982 MB
RAM física disponível: 1599.3 MB
Virtual Total: 5326 MB
Virtual disponível: 2814.73 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.57 GB) (Free:771.77 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D2A056BB)

Partition: GPT.

==================== Fim de Addition.txt ============================