Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 04-03-2017
Executado por Sidnei (05-03-2017 06:02:00)
Executando a partir de C:\Users\Sidnei\Desktop
Windows 8 Single Language (X64) (2015-08-01 20:09:54)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1512336316-742535504-579669538-500 - Administrator - Disabled) => C:\Users\Administrator
Convidado (S-1-5-21-1512336316-742535504-579669538-501 - Limited - Disabled) => C:\Users\Convidado
HomeGroupUser$ (S-1-5-21-1512336316-742535504-579669538-1010 - Limited - Enabled)
Sidnei (S-1-5-21-1512336316-742535504-579669538-1001 - Administrator - Enabled) => C:\Users\Sidnei
VISITANTE (S-1-5-21-1512336316-742535504-579669538-1006 - Limited - Enabled) => C:\Users\VISITANTE

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dream Chronicles (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Heartwild Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{14FE2E94-DC3D-4F7C-BB41-EB7E672B3E8B}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{CAF5FFBA-8F3B-409C-9126-74DF66A036DF}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2017) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
JoJo's Fashion Show (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero 2016 (HKLM-x32\...\{381DEEC4-636E-4494-99B5-7891DD3AE1CC}) (Version: 17.0.04000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Westward (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0C0DF450-B5E8-4F46-A038-FB664C279939} - System32\Tasks\{89E5DA2D-407B-45BF-BA5A-A65FA884C378} => Chrome.exe hxxps://ui.skype.com/ui/0/7.32.0.104/pt/abandoninstall?page=tsProgressBar
Task: {32BA22C4-13A2-487C-BF5E-5EF2CEE32B91} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {3828389E-E102-4C64-8D6B-E8CAD1D1B4D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {4C83925E-99B8-418E-B6F1-10E4536E59A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {79650F59-41B2-48C5-9615-C8D71931E04A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {9C0C9B98-5DCA-4A72-A357-938D9A305985} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {A352D1F2-449D-45E4-9746-4A2E6A1BC911} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-24] (AVAST Software)
Task: {AF97AFA1-FA9F-4491-831A-D881B2F3E902} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)
Task: {B261BACD-B4CF-4213-A86D-87B588476843} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {B42695F0-D021-45FE-AF35-377FCBE5A609} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)
Task: {B767CF9F-5ECB-4FFF-849B-3DEDA60D6687} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {BAB4DEAD-197B-4022-98C1-05FBDF9CB322} - System32\Tasks\{B2F7AF39-202C-441B-BE97-21C8F1CEFF28} => Chrome.exe hxxps://ui.skype.com/ui/0/7.33.0.104/pt/abandoninstall?source=lightinstaller&page=tsMain
Task: {D9FE94FD-6E6E-4023-8E66-E55A4FBDCCD1} - System32\Tasks\SafeZone scheduled Autoupdate 1459400554 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {DE5B4B51-2A24-476F-9780-E289CB27ABB3} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
Task: {E0A4071C-C72E-4639-9A5B-AF6A2BD6B3A6} - System32\Tasks\{095C20E6-DC9C-4895-A915-F78C22CBA48F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.112/pt/abandoninstall?page=tsProgressBar

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-08-24 22:32 - 2016-08-24 22:32 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-04 09:03 - 2017-03-04 09:03 - 05985944 _____ () C:\Program Files\AVAST Software\Avast\defs\17030400\algo.dll
2016-08-24 22:32 - 2016-08-24 22:32 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-07-03 12:14 - 2016-07-03 12:14 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-06-22 15:59 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-15 15:13 - 2016-12-08 03:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 15:13 - 2016-12-08 03:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1512336316-742535504-579669538-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sidnei\AppData\Roaming\Microsoft\Windows Photo Viewer\Papel de Parede do Visualizador de Fotos do Windows.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UNS => 2
HKLM\...\StartupApproved\StartupFolder: => "PJeOffice.lnk"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Easybits Recovery"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PJeOffice"
HKU\S-1-5-21-1512336316-742535504-579669538-1001\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AD3BA21F-871F-4596-9FB2-5DAEC36BD972}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4FBC9043-718E-487E-BC4F-F4739D40EF90}] => (Allow) LPort=2869
FirewallRules: [{1E28889D-DA3E-46B5-9290-2A66A86A69DB}] => (Allow) LPort=1900
FirewallRules: [{84E9C982-65D6-42DA-9C9A-AD9F32146DB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A1E32478-8F84-4703-A4D2-723857305B03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC9AC15B-2728-4DC6-86BC-5E7CDAC9CA9F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4EC3CB79-32C5-4390-BFBE-B14A65ECA8FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D6EF7B5-B892-495E-9D7A-841B0CA0EEB3}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{798C88BC-6249-4DAE-BB5A-F2E99949EE07}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{0495760C-8E38-4FAE-ABA1-A465F71A2B6B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{72339D4B-561F-4923-BDC6-C09C816D618C}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{106834A2-6F68-4D6A-95B0-4DF80EEA6F3F}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [{30AA2F7E-F83C-4F5B-8ABD-581CF94774EA}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{C5C2D88F-03CD-4CA0-BB68-A504C823BC85}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{0AA0D19A-B4F0-413E-9299-387CA722607A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{41F82705-5CDE-46F8-A8D0-2E5E151EB73B}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{7265E012-EDB3-4912-AA7E-5DAAB288DD7E}] => (Allow) C:\Program Files (x86)\Nero\KM\MediaHome.exe
FirewallRules: [{11ACAE77-739C-4E57-AF48-E5E2192803C7}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [TCP Query User{468A17DD-FEEE-4862-8BA4-0E514164DE93}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{5E2808B1-10AA-4560-B501-21F1FE44F0F8}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{23BCD5CB-88CE-42FE-A600-260D8FBF914B}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{7FF00BE3-D62B-4F3D-A168-DC9FCF7B9F10}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{1632A3A4-7240-4713-BD55-A3DAE6CD56F1}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{3EDE6C4C-75EB-463E-B99E-039722D4ACF8}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{C6B89A55-A9B1-4899-8484-115D388A04A9}] => (Allow) C:\Users\Sidnei\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{61B1162D-1B92-43B3-AAFA-672E46F64746}] => (Allow) C:\Users\Sidnei\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{214CC241-EABE-49BA-9600-3F86E1BAA306}] => (Allow) C:\Users\Sidnei\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{47E5765B-5002-44F1-8488-AAA6C7755250}] => (Allow) C:\Users\Sidnei\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{AE2CD5E0-42B4-4E8A-A9C7-9BE86DB716A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BBD630DD-FD7A-45DF-B217-C8AC2D2E05C1}] => (Allow) C:\Program Files\AVAST Software\Avast\avastui.exe
FirewallRules: [{E558CE92-C5D9-4F1D-A299-1C3960B3BE03}] => (Allow) C:\Program Files\AVAST Software\Avast\avastui.exe
FirewallRules: [{A7EFC668-744A-4D31-B10E-5F01F7ACC96C}] => (Allow) C:\Program Files\AVAST Software\Avast\avastui.exe
FirewallRules: [{44CC4A82-A391-4556-9B95-88DE1A60A213}] => (Allow) C:\Program Files\AVAST Software\Avast\avastui.exe
FirewallRules: [{20864239-ACB8-4F9D-AC74-BE541683E81D}] => (Allow) C:\CAT40\sp2tccli.exe
FirewallRules: [{4D8B982B-3EB2-4B96-997B-4C8707075507}] => (Allow) C:\CAT40\sp2tccli.exe
FirewallRules: [{9D67146C-9F61-40DC-A6E9-5FB18630E934}] => (Allow) C:\CAT40\sp2tccli.exe
FirewallRules: [{C4338F56-AB55-46C5-8D8A-E9FA531AE49D}] => (Allow) C:\CAT40\sp2tccli.exe
FirewallRules: [{41475FA8-9FB5-46C8-8A41-F17B9C3F5838}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{639212DA-B292-45B1-82E6-CF1DC0AC0DFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B04DC5BF-082B-4E39-AC36-C148ED547EA4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{047EDFB7-E740-49FF-9A98-505CFA173C01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1316952C-7DCA-4239-BEB9-95761460056B}] => (Allow) C:\Users\Sidnei\Desktop\certificado erecursos.cer
FirewallRules: [{2D8A796B-B5A8-4B57-90D8-DDEF6F4498F8}] => (Allow) C:\Users\Sidnei\Desktop\certificado erecursos.cer
FirewallRules: [{08640457-58ED-403C-B67E-64F092EBD061}] => (Allow) C:\Users\Sidnei\Desktop\certificado erecursos.cer
FirewallRules: [{1BC72C56-21B1-4132-84E7-F2D7797688EE}] => (Allow) C:\Users\Sidnei\Desktop\certificado erecursos.cer

==================== Pontos de Restauração =========================

22-02-2017 21:39:37 Configurado LabelPrint
03-03-2017 16:23:54 Ponto de Verificação Agendado
05-03-2017 04:21:05 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/05/2017 01:33:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Users\Sidnei\AppData\Local\Temp\vc_redist.x86.exe /install /quiet /norestart; Descrição = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215; Erro = 0x80070514).

Error: (03/03/2017 01:24:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa glcnd.exe versão 6.2.8516.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 1068

Hora de Início: 01d29442e5c38505

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe\glcnd.exe

ID do Relatório: 2d443a77-0036-11e7-80d0-d89d6706b022

Nome completo do pacote com falha: Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: Microsoft.Reader

Error: (03/03/2017 01:23:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ISO)
Description: O aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader não foi iniciado dentro do tempo alocado.

Error: (03/02/2017 05:05:12 PM) (Source: MsiInstaller) (EventID: 10005) (User: ISO)
Description: Produto: Microsoft Office Single Image 2010 -- Erro 25004.A chave de produto inserida não pode ser usada neste computador. Isso provavelmente se deve ao fato de versões de avaliação anteriores do Office 2010 estarem sendo instaladas. (Erro do sistema: -1073422306)

Error: (03/02/2017 05:05:11 PM) (Source: Office Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E01E
Partial Pkey=C28GQ
ACID=42122f59-2850-485e-b0c0-1aaca1c88923
Detailed Error[?]

Error: (03/02/2017 05:05:06 PM) (Source: Office Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E01E
Partial Pkey=C28GQ
ACID=42122f59-2850-485e-b0c0-1aaca1c88923
Detailed Error[?]

Error: (03/02/2017 03:51:18 PM) (Source: Office Software Protection Platform Service) (EventID: 1010) (User: )
Description: Acquisition of Rights Account Certificate failed. hr=0x80072EFD

Error: (03/02/2017 03:51:18 PM) (Source: Office Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details. 
hr=0x80072EFD

Error: (03/02/2017 03:35:42 PM) (Source: Office Software Protection Platform Service) (EventID: 1010) (User: )
Description: Acquisition of Rights Account Certificate failed. hr=0x80072EE7

Error: (03/02/2017 03:35:42 PM) (Source: Office Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details. 
hr=0x80072EE7


Erros de Sistema:
=============
Error: (03/04/2017 04:20:28 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: O alocador DHCP se desabilitou sozinho no endereço IP 192.168.1.3, porque o endereço IP está fora do escopo 192.168.137.0/255.255.255.0 do qual os endereços estão sendo alocados para clientes DHCP. Para habilitar o alocador DHCP neste endereço IP, altere o escopo para que inclua o endereço IP ou altere o endereço IP para que ele se encaixe no escopo.

Error: (03/04/2017 04:20:07 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: O alocador DHCP se desabilitou sozinho no endereço IP 192.168.182.97, porque o endereço IP está fora do escopo 192.168.137.0/255.255.255.0 do qual os endereços estão sendo alocados para clientes DHCP. Para habilitar o alocador DHCP neste endereço IP, altere o escopo para que inclua o endereço IP ou altere o endereço IP para que ele se encaixe no escopo.

Error: (03/04/2017 04:19:45 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: O alocador DHCP se desabilitou sozinho no endereço IP 192.168.182.97, porque o endereço IP está fora do escopo 192.168.137.0/255.255.255.0 do qual os endereços estão sendo alocados para clientes DHCP. Para habilitar o alocador DHCP neste endereço IP, altere o escopo para que inclua o endereço IP ou altere o endereço IP para que ele se encaixe no escopo.

Error: (03/04/2017 04:19:26 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: O alocador DHCP se desabilitou sozinho no endereço IP 169.254.104.210, porque o endereço IP está fora do escopo 192.168.137.0/255.255.255.0 do qual os endereços estão sendo alocados para clientes DHCP. Para habilitar o alocador DHCP neste endereço IP, altere o escopo para que inclua o endereço IP ou altere o endereço IP para que ele se encaixe no escopo.

Error: (03/04/2017 02:12:07 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: O alocador DHCP se desabilitou sozinho no endereço IP 192.168.1.3, porque o endereço IP está fora do escopo 192.168.137.0/255.255.255.0 do qual os endereços estão sendo alocados para clientes DHCP. Para habilitar o alocador DHCP neste endereço IP, altere o escopo para que inclua o endereço IP ou altere o endereço IP para que ele se encaixe no escopo.

Error: (03/04/2017 02:12:07 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: O ICS_IPV6 não configurou a pilha do IPv6.

Error: (03/04/2017 02:11:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço YSearchUtilSvc devido ao seguinte erro: 
O sistema não pode encontrar o arquivo especificado.

Error: (03/04/2017 02:11:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Easybits Services for Windows devido ao seguinte erro: 
Acesso negado.

Error: (03/04/2017 02:11:23 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: AUTORIDADE NT)
Description: 0xc000014d0

Error: (03/04/2017 09:41:44 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: O serviço Cliente da Política de Grupo não foi desligado corretamente após receber um controle de pré-desligamento.


==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentagem de memória em uso: 41%
RAM física total: 3983.27 MB
RAM física disponível: 2323.57 MB
Virtual Total: 5775.27 MB
Virtual disponível: 3796.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:235.88 GB) (Free:85.75 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.91 GB) (Free:1.91 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8778090D)

Partition: GPT.

==================== Fim de Addition.txt ============================