Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 01-01-2017
Executado por cesar silva (03-01-2017 19:15:29)
Executando a partir de C:\Users\cesar silva\Desktop
Windows 8.1 Single Language (Update) (X64) (2015-07-29 04:08:38)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-1615625633-780187929-2241240901-500 - Administrator - Enabled) => C:\Users\Administrador
cesar silva (S-1-5-21-1615625633-780187929-2241240901-1001 - Administrator - Enabled) => C:\Users\cesar silva
Convidado (S-1-5-21-1615625633-780187929-2241240901-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1615625633-780187929-2241240901-1003 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

AVG (Version: 16.121.7858 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG PC TuneUp (x32 Version: 16.53.1 - AVG Technologies) Hidden
AVG Zen (Version: 1.101.4 - AVG Technologies) Hidden
BitComet 1.44 (HKLM-x32\...\BitComet_x64) (Version: 1.44 - CometNetwork)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Hackman Suite (HKLM-x32\...\{30614D5F-58BB-4A76-8BC9-C763A815CFC4}) (Version: 9.20 - TechnoLogismiki)
Hotspot Shield 5.4.11 Embedded (x32 Version: 5.4.11.9772 - Buildbot) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3366 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0416-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pt-BR)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla)
Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0234 - REALTEK Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.8.0 - Synaptics Incorporated)
UltraISO Premium V9.66 (HKLM-x32\...\UltraISO_is1) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VMware Player (Version: 6.0.0 - VMware, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
XnView 2.37 (HKLM-x32\...\XnView_is1) (Version: 2.37 - Gougelet Pierre-e)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {17A091CB-201D-42E5-9882-5D42F9321159} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {31358FD9-63BB-4F46-BF9D-B285E3533D84} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\Updater.exe
Task: {3DBE0B8E-2268-48DD-B35E-61C84D764210} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
Task: {7651F2E0-E521-4F71-B156-F723A7894C10} - System32\Tasks\Anvirlauncher => C:\Program Files (x86)\AnVir Task Manager Free\anvirlauncher.exe
Task: {7C8DBB15-3BB4-4A39-BC98-378D68CA506C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {A82A356B-FB60-4798-AE90-02B670BC24D4} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager Free\anvir.exe
Task: {ABEE0A53-76BA-49E9-B9B9-F6527A2E871F} - System32\Tasks\{62F45CB1-1991-4A5C-85EA-4558E0085217} => pcalua.exe -a "C:\Users\cesar silva\Desktop\ImmunityDebugger_1_83_setup.exe" -d "C:\Users\cesar silva\Desktop"

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-10-31 17:45 - 2016-10-31 17:45 - 00592384 _____ () C:\Users\cesar silva\AppData\Local\MEGAsync\ShellExtX64.dll
2015-07-29 15:08 - 2008-06-20 01:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-04-13 06:38 - 2016-04-13 06:38 - 00482304 _____ () C:\Users\cesar silva\AppData\Local\MEGAsync\libsodium.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [151]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:CB0AACC9 [151]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 11:25 - 2014-06-11 15:22 - 00001054 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 anchorfree.net
127.0.0.1 rss2search.com
127.0.0.1 techbrowsing.com
127.0.0.1 box.anchorfree.net
127.0.0.1 www.mefeedia.com
127.0.0.3 www.anchorfree.net
127.0.0.2 www.mefeedia.com
127.0.0.1 anchorfree.us
127.0.0.1 a433.com
127.0.0.3 anchorfree.net
127.0.0.1 rpt.anchorfree.net
127.0.0.1 delivery.anchorfree.us/land.php
127.0.0.1 hsselite.com
127.0.0.1 www.hsselite.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1615625633-780187929-2241240901-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\OEM\wallpaperdefault.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKLM\...\StartupApproved\Run32: => "TrojanScanner"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AvgUi"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "vProt"
HKU\S-1-5-21-1615625633-780187929-2241240901-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1615625633-780187929-2241240901-1001\...\StartupApproved\Run: => "SandboxieControl"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{9A27565F-B848-4F65-86D4-7C19FD9F53AF}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{71678107-EB06-4FAC-88FD-1E0BBA4392C6}] => LPort=2869
FirewallRules: [{1FF6FDB5-D698-45C1-9EAA-99B1FF5E9438}] => LPort=1900
FirewallRules: [{AEE36186-DD9A-4A05-9252-1A96E7A8A76D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EEF0D7DA-B213-49CA-A4ED-1405E7392079}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1EAF474D-CBED-4082-AF06-78426BA8B43B}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{C68E1B76-B19B-4DEF-970B-E055406F2CAC}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{8D1721BF-E431-4AF4-9C10-8397C629564C}] => C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{C08E1E5E-45F1-4490-9F5A-1B799D525F82}] => C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{3678B293-9152-4463-A968-7F0DDCD2BA3E}C:\program files\bitcomet\bitcomet.exe] => C:\program files\bitcomet\bitcomet.exe
FirewallRules: [UDP Query User{A00CB52E-93E6-4AF0-AB91-AB23AA116EA7}C:\program files\bitcomet\bitcomet.exe] => C:\program files\bitcomet\bitcomet.exe
FirewallRules: [{9B1BF0F5-4403-42A0-B00F-B62B9C051364}] => C:\program files\bitcomet\bitcomet.exe
FirewallRules: [{9DEC0214-D140-47C1-AC90-7A7CDA3C72B5}] => C:\program files\bitcomet\bitcomet.exe

==================== Pontos de Restauração =========================

17-12-2016 15:14:08 Revo Uninstaller's restore point - Revo Uninstaller Pro 3.1.7
24-12-2016 16:49:35 Ponto de Verificação Agendado
01-01-2017 19:52:29 Ponto de Verificação Agendado
03-01-2017 16:35:24 Revo Uninstaller's restore point - ESET NOD32 Antivirus

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/03/2017 07:13:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\cesar silva\Downloads\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Erros de Sistema:
=============
Error: (01/03/2017 06:28:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Baidu PC Faster Service 3.7.0.0 devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.

Error: (01/03/2017 06:28:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ESET Service devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.

Error: (01/03/2017 06:27:48 PM) (Source: DCOM) (EventID: 10005) (User: CESAR)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

==================== Informações da Memória ===========================

Processador: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentagem de memória em uso: 24%
RAM física total: 3977.41 MB
RAM física disponível: 2983.4 MB
Virtual Total: 4681.41 MB
Virtual disponível: 3750.68 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:450.6 GB) (Free:388.51 GB) NTFS
Drive f: (CESAR) (Removable) (Total:14.44 GB) (Free:12.11 GB) FAT32

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D2824ED6)
Partition: GPT.

========================================================
Disk: 1 (Size: 14.5 GB) (Disk ID: 27EB44F5)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)

==================== Fim de Addition.txt ============================