Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 16.02.2019 01
Executado por FABI (17-02-2019 10:45:47)
Executando a partir de C:\Users\FABI\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-02-16 12:52:20)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-3215228546-923796902-3056214075-500 - Administrator - Disabled)
Convidado (S-1-5-21-3215228546-923796902-3056214075-501 - Limited - Disabled)
FABI (S-1-5-21-3215228546-923796902-3056214075-1001 - Administrator - Enabled) => C:\Users\FABI
HomeGroupUser$ (S-1-5-21-3215228546-923796902-3056214075-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
K-Lite Codec Pack 14.7.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.7.5 - KLCP)
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
LibreOffice 6.2.0.3 (HKLM\...\{AD0844DC-C933-4D00-814A-3B7AAD254098}) (Version: 6.2.0.3 - The Document Foundation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01590 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {08731A04-AAFC-4782-AE3C-C205F8ED4D59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {36BB5458-C3FC-44B0-9B93-D4F2C109891D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {392B26DE-ABCC-4E71-B992-8869EE41F058} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {49578ECD-A887-4A93-BE65-22A367F221E1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {FBE3DC7B-C658-4B32-AA1A-2B117117BB19} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () [Arquivo não assinado]

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos Carregados (Whitelisted) ==============

2019-02-16 10:01 - 2019-02-13 02:14 - 005186032 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\libglesv2.dll
2019-02-16 10:01 - 2019-02-13 02:14 - 000117232 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\libegl.dll
2019-02-17 09:40 - 2019-02-17 09:40 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-17 09:40 - 2019-02-17 09:40 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2019-02-17 09:40 - 2019-02-17 09:40 - 000556936 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-02-17 09:41 - 2019-02-17 09:41 - 001174920 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-02-17 09:40 - 2019-02-17 09:40 - 002024840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-02-17 09:52 - 2019-02-17 09:52 - 006884496 _____ () C:\Program Files\AVAST Software\Avast\defs\19021700\algo64.dll
2019-02-17 09:50 - 2019-02-17 09:50 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3215228546-923796902-3056214075-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\FABI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 187.36.192.44 - 187.36.192.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

Se uma entrada for incluída na fixlist, será removida.

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B42AF453-BF01-4801-9D25-1D6C4D72D780}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{ED588BE0-BFFE-4AAF-8BF9-F64FE5E633EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{85DF6BCA-CD6A-4E21-9D83-272C16F49459}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Pontos de Restauração =========================

16-02-2019 09:44:43 DirectX instalado
16-02-2019 09:59:49 Windows Update
16-02-2019 10:13:02 Installed LibreOffice 6.2.0.3

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Dispositivo do sistema básico
Description: Dispositivo do sistema básico
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/17/2019 09:51:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa soffice.bin versão 6.2.0.3 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 12e4
Hora de Início: 01d4c6bf372d2b6e
Hora de Término: 752
Caminho do Aplicativo: C:\Program Files\LibreOffice\program\soffice.bin
Id do Relatório: afac7726-32b2-11e9-a370-0023aeeab0b3

Error: (02/17/2019 09:06:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/16/2019 10:09:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: msiexec.exe, versão: 5.0.7601.23446, carimbo de hora: 0x572a0f6f
Nome do módulo de falhas: msvcrt.dll, versão: 7.0.7601.17744, carimbo de hora: 0x4eeb033f
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000000011fd
Identificação do processo com falha: 0xcf0
Hora de início do aplicativo com falha: 0x01d4c5f8bd6b6dd3
Caminho do aplicativo com falha: C:\Windows\System32\msiexec.exe
FCaminho do módulo de falhas: C:\Windows\system32\msvcrt.dll
Identificação do Relatório: 08716f17-31ec-11e9-beac-0023aeeab0b3

Erros de Sistema:
=============
Error: (02/17/2019 09:59:17 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço aswbIDSAgent terminou com o erro específico de serviço %%-536753631.

Error: (02/16/2019 10:04:40 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço Creative OEM002 RunApp Service está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.

Error: (02/16/2019 09:56:46 AM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Error: (02/16/2019 09:56:45 AM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Error: (02/16/2019 09:56:45 AM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Error: (02/16/2019 09:46:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Windows Search suspenso ao iniciar.

Error: (02/16/2019 09:33:41 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização do despejo de memória!

==================== Informações da Memória ===========================

Processador: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentagem de memória em uso: 73%
RAM física total: 4086.04 MB
RAM física disponível: 1099.15 MB
Virtual Total: 8170.27 MB
Virtual disponível: 5097.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.21 GB) (Free:31 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.99 GB) NTFS
Drive f: (Novo volume) (Fixed) (Total:298.09 GB) (Free:38.97 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: F0000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=99.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=0F Extended)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 74151589)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================