Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-07-2017 Executado por Rubiao (16-07-2017 08:58:16) Executando a partir de D:\Arquivos de Programas\vacina Windows 8 Pro (X64) (2017-07-07 14:44:06) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3676086707-788309336-3385684931-500 - Administrator - Disabled) Convidado (S-1-5-21-3676086707-788309336-3385684931-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3676086707-788309336-3385684931-503 - Limited - Disabled) Rubiao (S-1-5-21-3676086707-788309336-3385684931-1001 - Administrator - Enabled) => C:\Users\Rubiao ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2302 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform) Central de Mouse e Teclado da Microsoft (HKLM\...\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}) (Version: 2.3.188.0 - Microsoft Corporation) Hidden Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Clover V3.3 (HKLM-x32\...\Clover) (Version: 3.3.5.05011 - 易捷科技) ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft) Corel Graphics - Windows Shell Extension (HKLM\...\_{E7F9082A-E477-4DBC-8FBC-E19B53B7BBC9}) (Version: 19.0.0.328 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{E7F9082A-E477-4DBC-8FBC-E19B53B7BBC9}) (Version: 19.0.328 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{58B4F27F-B90B-4188-AA05-088B9788F8FF}) (Version: 19.0.328 - Corel Corporation) Hidden Corel Update Manager (HKLM\...\{9E1EE683-0C7B-46E7-83EC-1F5A1D8F2296}) (Version: 2.3.170 - Corel corporation) Hidden CorelDRAW Graphics Suite 2017 - BR (x64) (HKLM\...\{8ABF5677-0748-4A42-A7DF-81F13027A18F}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Capture (x64) (HKLM\...\{AC9BB7B7-A763-43C5-9830-F3B78FDB051D}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Common (x64) (HKLM\...\{B8C51F00-63AE-4327-A533-375CB7B6BF26}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Common Retail (x64) (HKLM\...\{D3CBB13B-4FE7-451A-9C8F-06FBD9A36F0B}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Connect (x64) (HKLM\...\{BD0F92AD-DFDB-4BC5-BAA5-FB27892F9483}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Custom Data (x64) (HKLM\...\{E7975CC5-05E4-45E3-AFD3-234809F694A0}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - DE (x64) 
(HKLM\...\{DC94E7B7-DE6C-4293-A3EF-DC41FC2FA9BC}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Draw (x64) (HKLM\...\{A16C7EEB-69CB-42A1-AD10-0E19A133D957}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - EN (x64) (HKLM\...\{DB9ECE8C-5065-4388-B70D-D137A2C03152}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - ES (x64) (HKLM\...\{0EAC29D4-5379-4595-ACE9-FA6A3DC08418}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Filters (x64) (HKLM\...\{EEC42BAD-9517-450D-AF99-FA3C16D0377C}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Font Manager (x64) (HKLM\...\{D276DE88-654E-4738-A736-6E18D12F0C34}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - FR (x64) (HKLM\...\{24BE747D-7DBA-4322-9B6D-6F7F2E931E31}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - IPM (x64) (HKLM\...\{904B10A6-0D9C-4645-9C61-504FA92B9220}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - IPM Content (x64) (HKLM\...\{54F024CB-16AF-4CC0-9BC2-D2507E7C6C01}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - IT (x64) (HKLM\...\{546B4AB1-64CF-4713-8750-B21CD86874F9}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - NL (x64) (HKLM\...\{6A8F754C-F722-4C4C-AAC2-50B386FD604A}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - PHOTO-PAINT (x64) (HKLM\...\{B2D66383-4F98-4108-B6A3-F9CF8715875C}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Redist (x64) (HKLM\...\{47865C60-4ED8-4678-B23F-C2D1C2DDC09C}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Setup Files (x64) (HKLM\...\{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - VBA (x64) (HKLM\...\{5330DEB9-A612-4679-ACC1-D3D9C6190824}) (Version: 19.0 - Corel 
Corporation) Hidden CorelDRAW Graphics Suite 2017 - VideoBrowser (x64) (HKLM\...\{C451F155-26B7-48F2-8A8F-9428B4D479D2}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Workspaces (x64) (HKLM\...\{F3EFAF0E-DF3C-4384-8A0F-90D79FEFD7F5}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Writing Tools (x64) (HKLM\...\{E38357D4-1B80-400F-A6D7-B4D5DD83D979}) (Version: 19.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 (64-Bit) (HKLM\...\_{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.0.0.328 - Corel Corporation) CorelDRAW Graphics Suite 2017 (HKLM\...\{03E21392-CE4A-4FC6-B593-370E7A7E345A}) (Version: 19.0 - Corel Corporation) Hidden FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) 
Hidden Intel(R) Network Connections 22.3.108.0 (HKLM\...\PROSetDX) (Version: 22.3.108.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Lazy Nezumi Pro 17.3.25.1950 (HKLM-x32\...\Lazy Nezumi Pro_is1) (Version: 17.3.25.1950 - Guillaume Stordeur) Legendas 3.5 (HKLM-x32\...\{461C0377-D2EC-4FB0-B038-847BC6455432}_is1) (Version: 3.5 - LegendasBrasil.org) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) Malwarebytes versão 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.8229.2086 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProplusRetail - pt-br) (Version: 16.0.8229.2086 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3676086707-788309336-3385684931-1001\...\OneDriveSetup.exe) (Version: 17.3.6944.0627 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 
(HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 
14.0.23217 - Microsoft Corporation) Mobirise (HKLM-x32\...\Mobirise_is1) (Version: - Mobirise.com) Mozilla Firefox 54.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 pt-BR)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.1.1 - Mozilla) Mozilla Thunderbird 52.2.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 pt-BR)) (Version: 52.2.1 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden Opera Stable 46.0.2597.46 (HKLM-x32\...\Opera 46.0.2597.46) (Version: 46.0.2597.46 - Opera Software) PaintTool SAI (HKLM-x32\...\PaintTool SAI1.1.0) (Version: 1.1.0 - Eddie Sekiguchi Softwares) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.) 
Subtitle Edit 3.4.11 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.11.0 - Nikse) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com) Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation) Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.5.0 - Azureus Software, Inc.) WhatsApp (HKU\S-1-5-21-3676086707-788309336-3385684931-1001\...\WhatsApp) (Version: 0.2.5093 - WhatsApp) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [00asw] -> 
{472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-07] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2017-06-07] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2017-06-07] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2017-06-07] () ContextMenuHandlers01: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-07] (AVAST Software) ContextMenuHandlers01: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.) 
ContextMenuHandlers01: [Legendas230] -> {08940faf-34c4-4e6e-8bd4-18c128696403} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation) ContextMenuHandlers01: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal) ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Nenhum Arquivo ContextMenuHandlers02: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-07] (AVAST Software) ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers03: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers04: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers06: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-07] (AVAST Software) ContextMenuHandlers06: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.) 
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers06: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group) ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal) ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Nenhum Arquivo ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {040A95B9-70B3-4418-97B6-DF50922040C6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd) Task: {1BFB9D89-D8F3-4348-AFDB-5AE231F38CBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-11] (Google Inc.) Task: {28F59897-E702-4CCB-9B3A-BA096312220D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-14] (Microsoft Corporation) Task: {342D66F6-2D8D-454D-854F-7D5679FBE74A} - System32\Tasks\update-S-1-5-21-3676086707-788309336-3385684931-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {41C5AF68-B7CA-49FF-B72B-6951DF3B9605} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {430D914D-2F33-4262-9650-8D4ED7001EB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-11] (Google Inc.) 
Task: {5BEC828A-131F-4C29-B5DE-B9BB6CF8FE55} - System32\Tasks\SUPERAntiSpyware Scheduled Task 4e6dfd45-6962-49f5-8f48-341a1e2812ea => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {6C2ECDCC-1160-4236-9729-10F2D526A1AA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation) Task: {73E05901-6B2B-448E-B182-FC4D223013E9} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {7EBBE6CE-34E1-4AE2-8432-E9F8BBCDCB93} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {80AAAC75-2D5A-4462-A56B-D84112115392} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-07] (AVAST Software) Task: {820BDEA3-B5B8-47AB-851F-141D3CEA192D} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-05-29] (Corel Corporation) Task: {82E7EEDF-30EB-4159-8907-8CA5BA88659C} - System32\Tasks\Opera scheduled Autoupdate 1499547384 => C:\Program Files\Opera\launcher.exe [2017-07-11] (Opera Software) Task: {843E1328-6AB1-44C9-B402-60A104ACC803} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-08] () Task: {8A22E442-1B4C-47C1-8BB2-62807B416619} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation) Task: {9F3A0914-82E7-4C23-BF98-2B63DD5E049C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {BCCB5ED5-49B8-4D07-A5AA-15536B3DF926} - 
System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {BDD97ED2-617E-4DFD-9ECF-55D36A251FE1} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {CCEE7039-C570-4E67-9BE2-A416F1D5BF62} - System32\Tasks\FUB => C:\Program Files\DriverSetupUtility\FUB\FUB.bat Task: {CDB183C3-1FDC-42FC-8CF6-11B6FC3178E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-14] (Microsoft Corporation) Task: {D818F2C8-9700-45B9-A247-5AD7BF259A35} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-08] () Task: {D9EDBD0F-6862-4B1F-9717-2AE54F38F06F} - System32\Tasks\SUPERAntiSpyware Scheduled Task cedc2120-dc5a-4f95-8a2e-0235d026fddf => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {DC34D15F-59AA-47A2-81D1-B89C8A542F76} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-mrubiao@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {F7F66DB6-7E35-4C91-B8CC-2EFE3F1E6B3D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) 
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 4e6dfd45-6962-49f5-8f48-341a1e2812ea.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task cedc2120-dc5a-4f95-8a2e-0235d026fddf.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-3676086707-788309336-3385684931-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2017-07-14 21:45 - 2017-07-16 07:50 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-18 17:58 - 2017-03-18 17:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-06-07 17:09 - 2017-06-07 17:09 - 00598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll 2016-06-10 01:41 - 2016-06-10 01:41 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-03-18 17:59 - 2017-03-20 00:59 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-04-07 04:41 - 2017-04-07 04:41 - 00054488 _____ () C:\Program Files\CCleaner\branding.dll 2017-06-30 08:22 - 2017-06-30 08:22 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2017-07-07 20:26 - 2017-04-12 18:43 - 01873920 _____ () C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe 2017-07-07 12:52 - 2017-07-07 12:51 - 02259968 _____ () C:\Users\Rubiao\AppData\Local\WhatsApp\app-0.2.5093\ffmpeg.dll 2017-07-16 07:46 - 2017-07-16 07:46 - 00221184 _____ () \\?\C:\Users\Rubiao\AppData\Local\Temp\6240.tmp.node 2017-07-16 07:46 - 2017-07-16 07:46 - 00486400 _____ () 
\\?\C:\Users\Rubiao\AppData\Local\Temp\6399.tmp.node 2017-07-07 12:52 - 2017-07-07 12:51 - 02917376 _____ () C:\Users\Rubiao\AppData\Local\WhatsApp\app-0.2.5093\libglesv2.dll 2017-07-07 12:52 - 2017-07-07 12:51 - 00095232 _____ () C:\Users\Rubiao\AppData\Local\WhatsApp\app-0.2.5093\libegl.dll 2017-07-16 07:46 - 2017-07-16 07:46 - 00486400 _____ () \\?\C:\Users\Rubiao\AppData\Local\Temp\6D9B.tmp.node 2017-07-09 14:46 - 2017-07-09 14:46 - 00603136 _____ () d:\arquivos de programas\clover\cloversvc.dll 2017-07-07 12:07 - 2017-07-07 12:07 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-07-12 11:54 - 2017-07-12 11:54 - 01038952 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-07-07 12:07 - 2017-07-07 12:07 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-07-07 12:07 - 2017-07-07 12:07 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-07-07 12:07 - 2017-07-07 12:07 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-07-07 12:07 - 2017-07-07 12:07 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-07-07 12:07 - 2017-07-07 12:07 - 02962096 _____ () C:\Program Files\AVAST Software\Avast\aswDataScan.dll 2017-07-07 12:07 - 2017-07-07 12:07 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-06-07 17:07 - 2017-06-07 17:07 - 00569856 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) 
==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) 
==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2017-07-07 11:36 - 2017-07-11 00:04 - 00454414 ____R C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3676086707-788309336-3385684931-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rubiao\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 201.17.128.239 - 201.17.128.247 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Firewall do Windows está habilitado. 
==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\startupfolder: C:^Users^Rubiao^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => MSCONFIG\startupreg: OneDrive => "C:\Users\Rubiao\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" HKLM\...\StartupApproved\StartupFolder: => "Dual Smart Solution.lnk" HKU\S-1-5-21-3676086707-788309336-3385684931-1001\...\StartupApproved\Run: => "OneDrive" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{CC82B28C-5CC4-44BF-BE81-9CEDA6BC6A03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{64B19D0C-3E0F-40C4-809A-019ABA6D0DE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{A2236134-68B7-4D91-B61D-06603DBF6B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{D1AFD896-430B-478A-98F7-C928DD69D1E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9F4FF8DA-FC00-403D-A526-D7BC2F34A8A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D7A853EF-1531-4A9A-835F-CA95D177940B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{ED94FF23-AA6E-492A-B3BA-CE1132BFBD89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1D38DC9F-0230-4DD7-B6C1-761D5A2EB539}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelDrw.exe FirewallRules: [{875AB2CA-3BE5-4CFF-9393-7103ED75F43D}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{6DAD2A26-F38E-4DE8-84F4-C16267CD1BFE}] => (Allow) C:\Program Files\Vuze\Azureus.exe 
FirewallRules: [TCP Query User{22A3DBCA-1FA8-46F7-9DDC-B33F201B96A2}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe FirewallRules: [UDP Query User{D9FD3A27-2C5C-4E38-839B-96989AEE4E79}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe FirewallRules: [{1322F2FC-48C3-4AFF-8203-DDA2D2F232E9}] => (Allow) C:\Program Files\Opera\46.0.2597.39\opera.exe FirewallRules: [TCP Query User{1B639702-1639-4EB8-9C58-5B8E37C4FF55}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{B280ECBF-EDAD-4CD8-9F2A-124C3B724259}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [{E6C16518-9009-4500-A65C-AA42507A80CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E806E2DB-8D57-4885-82FC-2ED539C17DF8}] => (Allow) C:\Program Files\Opera\46.0.2597.46\opera.exe ==================== Pontos de Restauração ========================= 15-07-2017 09:33:39 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (07/15/2017 07:26:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: RUBIÃO) Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso. 
Error: (07/14/2017 10:41:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: MicrosoftEdge.exe, versão: 11.0.15063.447, carimbo de data/hora: 0x5948acf2 Nome do módulo com falha: ntdll.dll, versão: 10.0.15063.447, carimbo de data/hora: 0xa329d3a8 Código de exceção: 0xc0000409 Deslocamento da falha: 0x000000000009626f ID do processo com falha: 0x12c4 Hora de início do aplicativo com falha: 0x01d2fd0b7e1e3b28 Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 86fb19aa-eb18-4708-8cc8-6567e42e942b Nome completo do pacote com falha: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: MicrosoftEdge Error: (07/14/2017 10:41:35 PM) (Source: ESENT) (EventID: 454) (User: ) Description: MicrosoftEdge (4804) C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\: Falha na recuperação/restauração do banco de dados com erro inesperado -501. Error: (07/14/2017 10:41:35 PM) (Source: ESENT) (EventID: 465) (User: ) Description: MicrosoftEdge (4804) C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\: Foram detectados dados corrompidos durante a recuperação de software no arquivo de log C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log. O registro da falha na soma de verificação localiza-se na posição END. Os dados incompatíveis com o padrão de preenchimento apareceram pela primeira vez no setor isec 59 reason 6. Esse arquivo de log foi danificado e está inutilizável. 
Error: (07/14/2017 10:41:35 PM) (Source: ESENT) (EventID: 477) (User: ) Description: MicrosoftEdge (4804) C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\: Falha na verificação da leitura do intervalo de log do arquivo "C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log" no deslocamento 241664 (0x000000000003b000) para 4096 (0x00001000) devido a uma incompatibilidade de soma de verificação do intervalo. A soma de verificação esperada era 1585854219880350760 (0x16021602c185c428) e a soma de verificação real foi 4612319348961690664 (0x40024002c185c428). A operação de leitura falhará com o erro -501 (0xfffffe0b). Se essa condição persistir, restaure o arquivo de log por meio de um backup anterior. Error: (07/14/2017 10:41:35 PM) (Source: ESENT) (EventID: 465) (User: ) Description: MicrosoftEdge (4804) C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\: Foram detectados dados corrompidos durante a recuperação de software no arquivo de log C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log. O registro da falha na soma de verificação localiza-se na posição END. Os dados incompatíveis com o padrão de preenchimento apareceram pela primeira vez no setor isec 59 reason 6. Esse arquivo de log foi danificado e está inutilizável. 
Error: (07/14/2017 10:41:35 PM) (Source: ESENT) (EventID: 477) (User: ) Description: MicrosoftEdge (4804) C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\: Falha na verificação da leitura do intervalo de log do arquivo "C:\Users\Rubiao\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log" no deslocamento 241664 (0x000000000003b000) para 4096 (0x00001000) devido a uma incompatibilidade de soma de verificação do intervalo. A soma de verificação esperada era 1585854219880350760 (0x16021602c185c428) e a soma de verificação real foi 6053493219952804904 (0x54025402c185c428). A operação de leitura falhará com o erro -501 (0xfffffe0b). Se essa condição persistir, restaure o arquivo de log por meio de um backup anterior. Error: (07/14/2017 10:41:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: firefox.exe, versão: 54.0.1.6388, carimbo de data/hora: 0x5953d1f8 Nome do módulo com falha: xul.dll, versão: 54.0.1.6388, carimbo de data/hora: 0x5953d62e Código de exceção: 0x80000003 Deslocamento da falha: 0x008a6bcb ID do processo com falha: 0x1ffc Hora de início do aplicativo com falha: 0x01d2fd0b7818304b Caminho do aplicativo com falha: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Caminho do módulo com falha: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID do Relatório: 934ee519-5663-4325-af6e-69aa0cf0ce5f Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (07/14/2017 10:41:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: firefox.exe, versão: 54.0.1.6388, carimbo de data/hora: 0x5953d1f8 Nome do módulo com falha: xul.dll, versão: 54.0.1.6388, carimbo de data/hora: 0x5953d62e Código de exceção: 0x80000003 Deslocamento da falha: 0x008a6bcb 
ID do processo com falha: 0x165c Hora de início do aplicativo com falha: 0x01d2fd0b6dbffc64 Caminho do aplicativo com falha: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Caminho do módulo com falha: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID do Relatório: 47278d6e-0650-4c41-b107-5b2cf7973c90 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (07/14/2017 10:34:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: MicrosoftEdge.exe, versão: 11.0.15063.447, carimbo de data/hora: 0x5948acf2 Nome do módulo com falha: KERNEL32.DLL, versão: 10.0.15063.296, carimbo de data/hora: 0xf5fa43df Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000003fca ID do processo com falha: 0x26e0 Hora de início do aplicativo com falha: 0x01d2fd0a8289ea02 Caminho do aplicativo com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNEL32.DLL ID do Relatório: 0fd16c82-aef0-42f4-8c64-a3fa24fa56c1 Nome completo do pacote com falha: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: MicrosoftEdge Erros de Sistema: ============= Error: (07/16/2017 07:41:28 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: O computador foi reinicializado após uma verificação de erro. Essa verificação foi: 0x00000139 (0x0000000000000003, 0xffffa801f32f1150, 0xffffa801f32f10a8, 0x0000000000000000). Um despejo de memória foi salvo em: C:\WINDOWS\MEMORY.DMP. Id de Relatório: 9b276391-a7f5-425b-bf0e-9f396e601c76. Error: (07/16/2017 07:41:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: Não há suporte para o pedido. 
Error: (07/16/2017 07:41:25 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento do sistema que ocorreu às 07:24:29 do dia ‎16/‎07/‎2017 não era esperado. Error: (07/16/2017 07:24:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: Não há suporte para o pedido. Error: (07/15/2017 08:02:45 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (07/15/2017 07:49:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: Não há suporte para o pedido. Error: (07/15/2017 06:41:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: Não há suporte para o pedido. Error: (07/15/2017 02:04:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: Não há suporte para o pedido. Error: (07/15/2017 12:03:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: Não há suporte para o pedido. Error: (07/15/2017 12:03:18 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento do sistema que ocorreu às 10:45:40 do dia ‎15/‎07/‎2017 não era esperado. 
CodeIntegrity: =================================== Date: 2017-07-15 12:12:15.411 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-15 12:12:15.281 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-15 12:07:25.897 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-15 12:06:54.438 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-15 12:06:46.093 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. 
Date: 2017-07-15 12:06:45.773 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-15 12:06:45.650 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-14 22:41:35.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-14 22:41:35.632 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-07-14 22:41:35.503 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. 
==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Percentagem de memória em uso: 27% RAM física total: 16173.14 MB RAM física disponível: 11782.44 MB Virtual Total: 18605.14 MB Virtual disponível: 14107.29 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.01 GB) (Free:11.64 GB) NTFS Drive d: (Meus Documentos) (Fixed) (Total:921.75 GB) (Free:94.67 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9207DFE1) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D5B81D08) Partition 1: (Active) - (Size=921.7 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================