Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 22-01-2017
Executado por Convidado (23-01-2017 12:13:15)
Executando a partir de C:\Users\Convidado\Desktop
Windows 7 Professional Service Pack 1 (X86) (2014-11-21 15:01:19)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4217796398-667816934-1768120610-500 - Administrator - Disabled)
Convidado (S-1-5-21-4217796398-667816934-1768120610-501 - Administrator - Enabled) => C:\Users\Convidado
HomeGroupUser$ (S-1-5-21-4217796398-667816934-1768120610-1002 - Limited - Enabled)
Ludmilla (S-1-5-21-4217796398-667816934-1768120610-1000 - Limited - Enabled) => C:\Users\Ludmilla

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)


==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Advanced Calendar 2.0 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11061 - TopTools100) <==== ATENÇÃO
AliExpress version 1.1.0.5019 (HKLM\...\70652e10-a720-11e6-bfea-d33ec8ab8d4f_is1) (Version: 1.1.0.5019 - )
Assistente de Atualização do Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2215 - AVAST Software)
Baidu Antivirus (HKLM\...\Baidu Antivirus) (Version: 5.4.3.133394 - Baidu, Inc.)
Baidu Browser (HKLM\...\Spark) (Version: 43.23 Preview - Baidu Inc.)
Baidu PC Faster (HKLM\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.126764 - Baidu, Inc.)
Booking.com version 1.3.0.5019 (HKLM\...\{958A475F-037D-401A-AC05-209725973E11}_is1) (Version: 1.3.0.5019 - Booking.com) <==== ATENÇÃO
ByteFence Anti-Malware (HKLM\...\ByteFence) (Version: 2.8.1.0 - Byte Technologies LLC) <==== ATENÇÃO
Estudo de aprimoramento de produto para HP Deskjet 2540 series (HKLM\...\{1FBCC5F5-F0C1-4F0E-A9E0-434D13A0D10C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
FlashPeak Slimjet (HKLM\...\Slimjet) (Version: 6.0.7.0 - FlashPeak Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 2540 series Ajuda (HKLM\...\{70B5D5B2-8014-4C22-9963-361B1F07B81A}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 2540 series Software básico do dispositivo (HKLM\...\{831C1695-CF1D-4379-B432-89139C7159FB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.474.2 - McAfee, Inc.)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movavi Screen Capture Studio 8 (HKLM\...\Movavi Screen Capture Studio 8) (Version: 8.0.2 - Movavi)
Norton Security Scan (HKLM\...\NSS) (Version: 4.6.1.80 - Symantec Corporation)
Pokémon Trading Card Game Online (HKLM\...\{5870AC16-3EDA-42FE-8EAF-BA3EFB5CA161}) (Version: 2.40.0 - The Pokémon Company International)
ROBLOX Player for Convidado (HKU\S-1-5-21-4217796398-667816934-1768120610-501\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for Convidado (HKU\S-1-5-21-4217796398-667816934-1768120610-501\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Run_Dregol (HKLM\...\Run_Dregol) (Version:  - Run_Dregol) <==== ATENÇÃO
Safer Update Helper (Version: 1.3.193.9 - Safer Technologies LLC) Hidden
Secure Browser (HKLM\...\Secure Browser) (Version: 55.1.2883.373 - Safer Technologies)
Show do Milhao 3 (HKLM\...\Show do Milhao 3) (Version:  - )
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

HKU\S-1-5-21-4217796398-667816934-1768120610-501\...\ChromeHTML: -> c:\program files\google\chrome\application\chrome.exe (Google Inc.) <==== ATENÇÃO
CustomCLSID: HKU\S-1-5-21-4217796398-667816934-1768120610-501_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Convidado\AppData\Local\Roblox\Versions\version-26a546068c9d4f7a\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-4217796398-667816934-1768120610-501_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Convidado\AppData\Local\Roblox\Versions\version-26a546068c9d4f7a\RobloxProxy64.dll (ROBLOX Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {046F2826-D766-4E9E-B1B2-A9AB9773A4C9} - System32\Tasks\{109222ED-876E-413f-9CD5-F279C143FF6A} => C:\Users\Convidado\AppData\Roaming\PC App Store\Plan.exe [2015-01-12] ()
Task: {04C4CE9C-3436-49AE-B5D8-5181174CBF85} - System32\Tasks\Opera scheduled suite Autoupdate 1482516617 => C:\Users\Convidado\AppData\Local\Programs\Opera\launcher.exe
Task: {19F710EE-D4CB-46FB-A34F-44325A8DE5C3} - System32\Tasks\SaferUpdateTaskMachineUA => C:\Program Files\Safer Technologies\Update\SaferUpdate.exe [2017-01-22] (Safer Technologies LLC) <==== ATENÇÃO
Task: {39A1F439-971B-4A49-A962-65F054AB0535} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {43B53A41-96A1-4EE2-A764-2F95C001B8F1} - System32\Tasks\SaferUpdateTaskMachineCore => C:\Program Files\Safer Technologies\Update\SaferUpdate.exe [2017-01-22] (Safer Technologies LLC) <==== ATENÇÃO
Task: {5A7D0095-BE1D-4330-8C8C-90908B4B9925} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {639743FB-4AF9-4A73-B84E-8F6958C0B281} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-09] (Adobe Systems Incorporated)
Task: {6B5D8158-24FF-4709-975B-F8386E069766} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {836A2294-82CF-4D1E-B705-CD484CD267A2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-11-26] (Avast Software s.r.o.)
Task: {87818013-B45F-4D20-B6E2-BCA8AD2557B2} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js"
Task: {8EF53210-BC92-41DA-AD47-59C2BF450618} - System32\Tasks\Baidu PC Faster Update => C:\Program Files\PC Faster\5.1.0.0\Updater.exe [2015-05-07] (Baidu, Inc.)
Task: {95F7CEDC-8B4B-43D0-8959-40195AA8928B} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {9A2EA9A4-C3CE-481F-86FD-CBE65C447FA5} - System32\Tasks\Norton Product Installer => C:\Windows\System32\Adobe\Shockwave 12\SymInstallStub.exe [2016-12-25] (Symantec Corporation)
Task: {B10FE293-413A-41D6-8C47-2D0924D4C236} - System32\Tasks\{961221B0-1651-45D3-A4CE-01899C8D1631} => pcalua.exe -a C:\Users\Ludmilla\Downloads\wlsetup-web.exe -d C:\Users\Ludmilla\Downloads
Task: {C5FB0B77-30B5-4F8F-84A1-ECCE71A88300} - System32\Tasks\Baidu Antivirus Update => C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavUpdater.exe [2006-11-01] (Baidu, Inc.)
Task: {D04BEC06-4C9F-4870-9B11-94B0C80A509E} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\System32\Adobe\Shockwave 12\SymInstallStub.exe [2016-12-25] (Symantec Corporation)
Task: {D37CEC0E-50A3-4DEA-84A3-D66C00EDC2F5} - System32\Tasks\Opera scheduled Autoupdate 1482516486 => C:\Users\Convidado\AppData\Local\Programs\Opera\launcher.exe
Task: {D616B0B4-3546-4657-A01E-696DDC8988DF} - System32\Tasks\Dregol limo => "C:\ProgramData\{A76A4FA9-F7E8-9E2F-466E-EEAD96EC3D23}\1.9.3.1\fiber.js" [Argument = "433a2f50726f6772616d446174612f7b41373641344641392d463745382d394532462d343636452d4545414439364543334432337d2f312e392e332e312f6c696d6f2e646c6c" "687474703a2f2f73616f2e7265716472652e636f6d2f" "--IsErIk"] <==== ATENÇÃO
Task: {DA4A2900-6BDE-41FD-B9F7-FEA86CE74774} - System32\Tasks\SparkUpdater => C:\Program Files\baidu\Baidu Browser43.23.1000.467.1\SparkUpdate.exe [2016-01-15] (Baidu.com, Inc.)
Task: {DEBFBB11-7790-4396-82BC-1D986299F4E6} - System32\Tasks\Baidu PC Faster Service => C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe [2015-05-07] (Baidu, Inc.)
Task: {FB70E28A-26FD-41A3-93A9-9C859CCB0A47} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-11-23] (AVAST Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Norton Product Installer.job => C:\Windows\System32\Adobe\Shockwave 12\SymInstallStub.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Windows\System32\Adobe\Shockwave 12\SymInstallStub.exe
Task: C:\Windows\Tasks\SaferUpdateTaskMachineCore.job => C:\Program Files\Safer Technologies\Update\SaferUpdate.exe <==== ATENÇÃO
Task: C:\Windows\Tasks\SaferUpdateTaskMachineUA.job => C:\Program Files\Safer Technologies\Update\SaferUpdate.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Módulos Carregados (Whitelisted) ==============

2006-11-01 00:11 - 2006-11-01 00:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2006-11-01 00:11 - 2006-11-01 00:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2006-11-01 00:02 - 2006-11-01 00:02 - 03134984 _____ () C:\Program Files\AVAST Software\Avast\defs\16112501\algo.dll
2006-11-01 00:04 - 2006-11-01 00:04 - 00297968 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\HipsLogger.dll
2006-11-01 00:04 - 2015-05-15 00:09 - 00198128 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\dark.dll
2006-11-01 00:04 - 2006-11-01 00:04 - 00540656 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\sqlite.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-11-23 05:39 - 2015-11-23 05:39 - 00139400 _____ () C:\Program Files\CalendarTool\2.0.0.11061\CalendarEntry.dll
2006-11-01 00:04 - 2006-11-01 00:04 - 00370672 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BNetOp.dll
2015-11-23 05:41 - 2015-11-23 05:41 - 00151688 _____ () C:\Program Files\CalendarTool\2.0.0.11061\CalendarServ.exe
2015-11-23 05:39 - 2015-11-23 05:39 - 02252424 _____ () C:\Program Files\CalendarTool\2.0.0.11061\Calendar.exe
2006-11-01 00:28 - 2006-11-01 00:28 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2006-11-01 00:04 - 2006-11-01 00:04 - 00277488 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\Pulgin_Dark_DeleteFileTip.dll
2016-11-23 15:22 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-11-23 15:22 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2015-03-31 03:22 - 2015-03-31 03:22 - 00595824 _____ () C:\Program Files\PC Faster\5.1.0.0\sqlite.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"="0"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"="0"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2016-12-23 20:04 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4217796398-667816934-1768120610-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 187.64.0.122 - 187.64.0.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E128756E-E0E2-4BD1-A864-F29DF6174F1B}] => C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{F8A83195-D82C-487C-B5E6-CB8EE544702F}] => C:\Program Files\baidu\Spark\Spark.exe
FirewallRules: [{BD0C788C-EA95-482E-90D4-43ECA5135C68}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C41949A7-5784-4353-9B5F-F3949BEB861B}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{EEF5B510-D95F-4F9B-B7D9-2D245578631D}] => LPort=5357
FirewallRules: [{6A6BEC94-212B-41F1-9AE1-F41C64728328}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{D6A58FB3-AD6F-4877-8A23-1B2A1625EA9E}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{986C24B2-B5AA-4BBC-B7A9-C9C120FCAAB2}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{ECEA11B5-2880-4164-8372-1765BB8CC6EA}C:\program files\google\chrome\application\chrome.exe] => C:\program files\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{FBB939DE-A3A7-4336-BA10-B96077013720}C:\program files\google\chrome\application\chrome.exe] => C:\program files\google\chrome\application\chrome.exe
FirewallRules: [{8CBCEC68-5699-4E9B-9E71-083B854A666B}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{28981BE3-3EE1-478E-B0DC-FBB1D5F719B4}] => C:\Program Files\Skype\Phone\Skype.exe

==================== Pontos de Restauração =========================

Não foi possível listar os pontos de restauração
Cheque o serviço "winmgmt" ou repare o WMI.


==================== Dispositivos Apresentando Falhas No Gerenciador =============

Não foi possível listar os Dispositivos. Cheque o serviço "winmgmt" ou repare o WMI.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================

Erros de Sistema:
=============

==================== Informações da Memória =========================== 

Processador: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Percentagem de memória em uso: 53%
RAM física total: 1917.17 MB
RAM física disponível: 887.79 MB
Virtual Total: 3834.34 MB
Virtual disponível: 1911.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.78 GB) (Free:59.06 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1A8B1A8A)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================