Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 26-10-2017
Executado por Positivo (27-10-2017 10:45:39)
Executando a partir de C:\Users\Positivo\Desktop
Windows 10 Home Versão 1703 15063.674 (X64) (2017-07-19 13:18:38)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2524955510-2097076431-3199697009-500 - Administrator - Disabled)
Convidado (S-1-5-21-2524955510-2097076431-3199697009-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2524955510-2097076431-3199697009-503 - Limited - Disabled)
Positivo (S-1-5-21-2524955510-2097076431-3199697009-1001 - Administrator - Enabled) => C:\Users\Positivo

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Apowersoft Online Launcher versão 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Apowersoft Online Launcher versão 1.6.1 (HKU\S-1-5-21-2524955510-2097076431-3199697009-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
BlueStacks App Player (HKLM-x32\...\{AA655366-D323-404D-AA9B-AD562CAE1DD0}) (Version: 2.2.21.6212 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
ControlAP II 1.3.7 (HKLM-x32\...\{A75A2559-40B0-4C25-A7ED-19D593F2A6E9}) (Version: 1.3.7 - OEM)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
dr.fone toolkit para Android (Version 8.2.6) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.2.6.59 - Wondershare Technology Co.,Ltd.)
Driver 1.4.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.4.1 - OEM)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
H829 USB Hybrid ISDB-Tb 10.2.64.110 (HKLM-x32\...\H829 USB Hybrid ISDB-Tb) (Version: 10.2.64.110 - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 604.10125.2655.573 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850416-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2524955510-2097076431-3199697009-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 56.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 56.0.1 (x64 pt-BR)) (Version: 56.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.1.6484 - Mozilla)
Online Video Converter version 1.0.6 (HKU\S-1-5-21-2524955510-2097076431-3199697009-1001\...\{628BF902-EB66-4BDB-97CB-AE4AAAAA5A7F}_is1) (Version: 1.0.6 - APOWERSOFT LIMITED)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
POSITIVO TV (HKLM-x32\...\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.4.4.194.15040802 - POSITIVO) Hidden
POSITIVO TV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.4.4.194.15040802 - POSITIVO)
qBittorrent 3.3.12 (HKLM-x32\...\qBittorrent) (Version: 3.3.12 - The qBittorrent project)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.92 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7695 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SecondLifeViewer (HKLM-x32\...\SecondLifeViewer) (Version: 5.0.7.327710 - Linden Research, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2524955510-2097076431-3199697009-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [
 MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers: [
 MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers: [
 MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [
 MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers-x32: [
 MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ShellIconOverlayIdentifiers-x32: [
 MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWoW64\WSCM64.dll [2014-10-24] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-22] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-06] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {23B97298-5BF0-426E-AE7E-6AE9A0B64500} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {4F7D7C0C-1A88-4B06-A515-5301AAEB0DEE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {53740F52-6159-4B94-A475-6A8004B354F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {5D11B38F-D269-4D5C-B668-3FFA5EC02558} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {61E9D3AC-BF89-4EB2-9E58-E7B215867632} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {7C4E0B0D-640A-4FC4-9DA0-5E95E0CCCFF9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {81B79C27-7998-4387-9CC3-3115AC587783} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-28] (Google Inc.)
Task: {C52AD77E-CDDE-4745-81DF-87B6C24FBC66} - System32\Tasks\SafeZone scheduled Autoupdate 1461868362 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {CFA2CC7A-C895-4C1C-B7C9-9709543A0F31} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-12] (AVAST Software)
Task: {F6F9FAF9-F068-4477-BE51-6064A50655B1} - \AVAST Software\Avast settings backup -> Nenhum Arquivo <==== ATENÇÃO
Task: {FCC85BC3-701C-489F-8624-9ABAE971CA50} - \GoogleUpdateTaskMachineCore1d1f018cc3dd0c4 -> Nenhum Arquivo <==== ATENÇÃO
Task: {FEEBF36B-6C65-40FA-9330-AAAE1D8B6A55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d1a159aa6fb344.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d1aec03d9faee8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


==================== Módulos Carregados (Whitelisted) ==============

2016-04-27 16:09 - 2009-12-06 12:13 - 000397312 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2017-03-18 17:58 - 2017-03-18 17:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-31 16:45 - 2017-06-22 21:12 - 000598528 _____ () C:\Users\Positivo\AppData\Local\MEGAsync\ShellExtX64.dll
2017-02-03 19:06 - 2014-10-24 14:16 - 000721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2017-03-18 17:59 - 2017-03-20 00:59 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-27 16:09 - 2014-02-12 11:33 - 000159744 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2013-12-06 15:33 - 2013-12-06 15:33 - 000508416 _____ () C:\Program Files (x86)\OEM\ControlAP II 1.3.7\ControlAP II.exe
2017-10-12 08:46 - 2017-10-12 08:46 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-26 16:42 - 2017-09-21 04:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 16:42 - 2017-09-21 04:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2016-04-27 16:09 - 2012-06-09 07:33 - 000053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2017-10-12 08:46 - 2017-10-12 08:46 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-12 08:46 - 2017-10-12 08:46 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-09 20:29 - 2017-07-09 20:29 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-12 08:46 - 2017-10-12 08:46 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-12 08:46 - 2017-10-12 08:46 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-12 08:45 - 2017-10-12 08:45 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-12 08:46 - 2017-10-12 08:46 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-11-17 17:21 - 2009-11-17 17:21 - 000092160 _____ () C:\Program Files (x86)\OEM\ControlAP II 1.3.7\SoilIO.dll
2016-04-13 05:38 - 2016-04-13 05:38 - 000482304 _____ () C:\Users\Positivo\AppData\Local\MEGAsync\libsodium.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 08:04 - 2017-09-17 19:14 - 000000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2524955510-2097076431-3199697009-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Positivo\Pictures\Seventeen\C3vEycyUkAQMpLb.jpg
DNS Servers: 192.168.25.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKU\S-1-5-21-2524955510-2097076431-3199697009-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2524955510-2097076431-3199697009-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{1E429D51-9164-4E8E-A0B9-CA2A52F01506}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{3A6E4A60-469B-4EA8-ADA0-8F826CE70C73}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{6E95C01D-2E46-4D74-BC5C-D1F7A3956091}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{28D05CCC-E033-40A8-8ED7-072C37B9FB3F}C:\program files (x86)\wondershare\dr.fone toolkit for android\drfoneandroid.exe] => (Allow) C:\program files (x86)\wondershare\dr.fone toolkit for android\drfoneandroid.exe
FirewallRules: [TCP Query User{9B06BBDE-0985-4A83-8F68-B6DF51FBE9DB}C:\program files (x86)\wondershare\dr.fone toolkit for android\drfoneandroid.exe] => (Allow) C:\program files (x86)\wondershare\dr.fone toolkit for android\drfoneandroid.exe
FirewallRules: [{BA5B000B-D2E0-43BA-A057-7372248354A0}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{C3E84FAD-B321-4FB8-ABF4-F8C07A591179}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{E70F4B75-1B5B-47C4-B6B8-2A52A3AB0A81}] => (Allow) C:\Users\Positivo\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe
FirewallRules: [{A300D99E-8CED-4BCE-B6DD-8A701035A555}] => (Allow) C:\Users\Positivo\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe
FirewallRules: [{BE30D466-D0E6-4248-94D4-9A863CEBA7E8}] => (Allow) C:\Users\Positivo\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{6372B966-BF40-4B81-9C0E-09B90B093EB5}] => (Allow) C:\Users\Positivo\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{96A7424C-5587-4B8A-B83F-611227BD5DB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A8CEBE2D-2682-4C7C-8ABC-59ACC6EFD59F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{60787D02-42F6-489A-BFC3-418CBBE94BE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{6D746BB3-6819-4FBE-A82E-6C33DF8076BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{822C6B99-A5EB-4263-B6AA-5588EDDD5AF1}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{A51C188C-88D8-4B63-A49A-75CD85DDCFA7}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{39BF078A-B661-4DBC-B1DA-8146076CB0E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{350BD815-2BD6-4A8E-9C2B-DA714AE96C76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8BA4833F-7CFC-4CFC-BF1B-2C267394B5DF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{64AFEE35-1D18-4C3B-A130-67B141FFED85}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8229E633-5358-4EB3-9EA3-1C5B8C514E5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A8CAC31F-EDD0-4B01-A14C-DAFDBA7E25B8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7B12049C-2D68-4EC4-9D1D-CDCC2716B72F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{53D593C5-EA4F-41DB-A767-5B6B7BE56976}] => (Allow) LPort=2869
FirewallRules: [{07C474AF-9E09-41FF-A560-C6EE2BB9574D}] => (Allow) LPort=1900
FirewallRules: [{1C25A39A-7F3F-4CE7-969A-C8A3B055732A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{7D194B3E-2E5F-427D-B754-430212DAA9E1}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [TCP Query User{30EDE1BB-9903-4FCC-A20B-05B601A22DCF}C:\program files (x86)\bywifi\bywifi.exe] => (Allow) C:\program files (x86)\bywifi\bywifi.exe
FirewallRules: [UDP Query User{F0A94DF9-1C1E-4C19-AAEB-6833CD24163B}C:\program files (x86)\bywifi\bywifi.exe] => (Allow) C:\program files (x86)\bywifi\bywifi.exe
FirewallRules: [{E42A0E51-9A32-4BA9-A8FA-1A61C0E4E765}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

08-10-2017 19:16:16 Ponto de Verificação Agendado
18-10-2017 18:15:46 Installed 4K Video Downloader 4.3
26-10-2017 23:09:31 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (10/27/2017 09:42:08 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\Office15\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (10/27/2017 09:40:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/27/2017 09:40:23 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=8

Error: (10/26/2017 10:22:51 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\Office15\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (10/26/2017 10:22:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/26/2017 10:22:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=7

Error: (10/26/2017 10:21:53 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=TimerEvent

Error: (10/23/2017 07:23:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/23/2017 07:23:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/23/2017 07:23:47 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\Office15\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.


Erros de Sistema:
=============
Error: (10/27/2017 10:04:11 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (10/21/2017 10:58:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2PQ4GEG)
Description: O servidor {7966B4D8-4FDC-4126-A10B-39A3209AD251} não se registrou no DCOM dentro do tempo limite necessário.

Error: (10/21/2017 10:58:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2PQ4GEG)
Description: O servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} não se registrou no DCOM dentro do tempo limite necessário.

Error: (10/18/2017 06:05:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Gerenciador de Mapas Baixados foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (10/13/2017 12:44:49 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2PQ4GEG)
Description: O servidor {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} não se registrou no DCOM dentro do tempo limite necessário.

Error: (10/13/2017 12:44:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2PQ4GEG)
Description: O servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} não se registrou no DCOM dentro do tempo limite necessário.

Error: (10/13/2017 12:44:45 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} não se registrou no DCOM dentro do tempo limite necessário.

Error: (10/13/2017 12:43:41 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2PQ4GEG)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Iniciar para o aplicativo de Servidor COM com CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 e APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 ao usuário DESKTOP-2PQ4GEG\Positivo SID (S-1-5-21-2524955510-2097076431-3199697009-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (10/13/2017 12:43:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BstHdDrv devido ao seguinte erro: 
O sistema não pode encontrar o arquivo especificado.

Error: (10/13/2017 12:43:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: 
Não há suporte para o pedido.


==================== Informações da Memória =========================== 

Processador: Intel(R) Celeron(R) CPU N2808 @ 1.58GHz
Percentagem de memória em uso: 70%
RAM física total: 3986.59 MB
RAM física disponível: 1166.89 MB
Virtual Total: 5138.59 MB
Virtual disponível: 1820.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:465.22 GB) (Free:326.07 GB) NTFS
Drive e: (Office 2013) (CDROM) (Total:0.68 GB) (Free:0 GB) UDF

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D041FEF5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Fim de Addition.txt ============================