Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 11-07-2017
Executado por JRI (12-07-2017 00:22:03)
Executando a partir de C:\Users\JRI\Downloads
Microsoft Windows 7 Ultimate (X86) (2017-05-31 03:30:38)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2983164581-3880577354-3238212098-500 - Administrator - Disabled)
Convidado (S-1-5-21-2983164581-3880577354-3238212098-501 - Limited - Enabled)
JRI (S-1-5-21-2983164581-3880577354-3238212098-1000 - Administrator - Enabled) => C:\Users\JRI

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2983164581-3880577354-3238212098-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Acoustica Mixcraft 7 (32-bits) (HKLM\...\Mixcraft 7-32) (Version: 7.0.7.316 - Acoustica)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
AmpliTube 3 version 3.15.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.15.0 - IK Multimedia)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (HKLM\...\{5D0275EA-F3CE-450A-A5A3-F852E30CA46F}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (HKLM\...\{994F3055-8433-46A7-8E1F-6CC7B68B01F0}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (HKLM\...\{EFB8E269-0619-475B-8C5B-96F98551AA33}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (HKLM\...\{84749C5C-FA80-4779-BD96-544165A8CD31}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (HKLM\...\{30FAE453-9F77-4F70-928E-042BEF00D011}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (HKLM\...\{41263A64-D276-484F-9056-AD58C8995E35}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (HKLM\...\{8DADD35F-49CE-4D18-AE6D-135DD150E74F}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (HKLM\...\{7F5DE3F2-5865-4D4A-89D1-AAEFE1F96E50}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (HKLM\...\{657EAD32-8E7A-43C0-A794-3BB31B00DC34}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (HKLM\...\{D29A4F85-0FB7-4E54-B591-044652C4295F}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (HKLM\...\{0A0143FF-ECB5-4960-A2E0-DC3150ABBBE0}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (HKLM\...\{950055ED-DC61-4874-8EDB-E5CDE1D218CD}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (HKLM\...\{F3286FA3-DF68-4948-8D1D-ED3A539077B3}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (HKLM\...\{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (HKLM\...\{877522BE-A318-4603-9B00-DF319C6FA2B1}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (HKLM\...\{4C614BD3-607E-4289-BB51-4D87EC7BBD62}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (HKLM\...\{246FE426-2661-4DD6-9603-DF2E6832387C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (HKLM\...\{08A60D9D-C206-46BF-9602-1F2616878CF7}) (Version: 17.0 - Corel Corporation) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
Dll-Files Fixer (HKLM\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
Driver Easy 5.1.3 (HKLM\...\DriverEasy_is1) (Version: 5.1.3 - Easeware)
Driver Whiz (HKLM\...\Driver Whiz) (Version: 2.8.2 - 383 Media, Inc.)
Driver.Whiz.v.2.8.2.0 (HKLM\...\{77F6B480-F810-4462-BD0E-935F2EB954CE}) (Version: 2.8.2.0 - Driver.Whiz) Hidden
ESET NOD32 Antivirus (HKLM\...\{CB4019BE-1DE5-447B-A700-57AD3E933E5B}) (Version: 10.1.210.2 - ESET, spol. s r.o.)
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Google Chrome (HKLM\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
IK Multimedia Authorization Manager version 1.0.14 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.14 - IK Multimedia)
Intel(R) C++ Redistributables on IA-32 (HKLM\...\{644B16B7-3B5D-4316-965C-03E49D749C40}) (Version: 17.0.210 - Intel Corporation)
KORG USB-MIDI Driver Tools for Windows (HKLM\...\{BA7B30BF-69C8-4269-9B4E-968C9ACD9CE9}) (Version: 1.14.0603 - Korg Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.99 - LSI Corporation)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2983164581-3880577354-3238212098-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{BA562260-B4FA-4D87-ADC5-963783028C68}) (Version: 6.4.0 - Motorola Mobility LLC)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Kontakt 5 (HKLM\...\Native Instruments Kontakt 5) (Version: 5.5.0.409 - Native Instruments)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Pacote de Driver do Windows - Intel Corporation (igfx) Display (10/01/2012 8.15.10.2697) (HKLM\...\9EDF5A7B3FAF31B1B325EB8A0A37C9D81CAAB079) (Version: 10/01/2012 8.15.10.2697 - Intel Corporation)
Pacote de Driver do Windows - Ralink (netr73) Net (09/30/2011 4.00.10.0000) (HKLM\...\B2511B13C79097B15E149B136865F2B828B96827) (Version: 09/30/2011 4.00.10.0000 - Ralink)
Pacote de Driver do Windows - SAMSUNG Electronics Co., Ltd. Net (08/24/2016 2.12.4.0) (HKLM\...\A483FD0A19B4AB0EF2793C0AF579603A1A620E2D) (Version: 08/24/2016 2.12.4.0 - SAMSUNG Electronics Co., Ltd. )
Pacote de Driver do Windows - SAMSUNG Electronics Co., Ltd. WPD (08/24/2016 2.12.4.0) (HKLM\...\AC27CD7B0C23B90BF628C7A9AECF3465BE8FD400) (Version: 08/24/2016 2.12.4.0 - SAMSUNG Electronics Co., Ltd. )
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Ralink RT7x Wireless LAN Card (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.5.4.0 - Ralink)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8110 - Realtek Semiconductor Corp.)
REAPER (HKLM\...\REAPER) (Version: - )
ReaPlugs (HKLM\...\ReaPlugs) (Version: - )
Waves Complete (HKLM\...\Complete_is1) (Version: 2017.06.19 - Waves)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\JRI\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-23] ()
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\JRI\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-23] ()
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\JRI\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-23] ()
ContextMenuHandlers01: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-04-26] (ESET)
ContextMenuHandlers01: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\JRI\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-23] ()
ContextMenuHandlers01: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers02: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-04-26] (ESET)
ContextMenuHandlers03: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\JRI\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-23] ()
ContextMenuHandlers04: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\JRI\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-23] ()
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-05-31] (Intel Corporation)
ContextMenuHandlers06: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-04-26] (ESET)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01CD4BBB-DF92-4B5F-9027-65E2C74123E5} - System32\Tasks\Motorola Device Manager Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {03A13390-588E-4FE5-8E7B-1F8561F64483} - System32\Tasks\DriverWhiz_RebootScan => C:\Program Files (x86)\DriverWhiz\DriverWhiz.exe [2017-05-08] ()
Task: {1F0E457C-FF43-4851-86D4-734CC5310F4A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-26] ()
Task: {26764C7C-3BBD-4AC3-8C98-F2514300357A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {3E4249D1-3D64-4C59-AE1A-16285758582E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-06-26] (Microsoft Corporation)
Task: {5109E385-D014-48CE-820C-0C7D6AE66073} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {6282C2B5-F142-496C-9AD7-8BFAC84E6844} - System32\Tasks\RDReminder => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {7235F0F0-8F21-47C2-8339-4242293CD5E6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-06-26] (Microsoft Corporation)
Task: {8428E88D-4EBC-4523-8F47-88D5E00E7223} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-05-31] (Google Inc.)
Task: {98BF2613-27EF-49CA-B60D-C794405E9B1A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-26] ()
Task: {B9F348D1-13F1-4C96-95C8-05C9E10754AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-05-31] (Google Inc.)
Task: {C90EB1D2-3276-41DE-A1AE-9CE69CC55231} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {C9903650-8A35-40F0-BF47-9B584446B849} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2017-05-17] (Easeware)
Task: {E0B48A86-32B3-4FA0-B447-49710C0C3B14} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {E6813C39-40EC-4A01-850C-BE478A31E4FB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-03] (Adobe Systems Incorporated)
Task: {EC16BCAC-042A-4595-AD20-C11FCBC84AC5} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {FA214419-7167-4CDC-9882-527B3AF30EE2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


==================== Módulos Carregados (Whitelisted) ==============

2017-04-26 13:31 - 2017-06-23 17:57 - 00569856 _____ () C:\Users\JRI\AppData\Local\MEGAsync\ShellExtX32.dll
2017-06-29 20:30 - 2017-06-22 23:21 - 02877272 _____ () C:\Program Files\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-29 20:30 - 2017-06-22 23:21 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\59.0.3071.115\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 [302]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:DBC416F8 [302]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2009-06-10 18:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2983164581-3880577354-3238212098-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JRI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.42.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: KMS-R@1n => 2
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk => C:\Windows\pss\Ralink Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^JRI^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JRI^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Start.lnk => C:\Windows\pss\Start.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: KORG USB-MIDI Driver => C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe /s
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
MSCONFIG\startupreg: uTorrent => "C:\Users\JRI\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{1FAF082D-82C0-4A8F-944B-257ABE35FD93}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F52E6E50-3C30-4BB5-9A44-DA8CADE3CD78}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{E7046213-1B73-4049-AEC9-BF7394FB5F39}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9F974EFE-FA9F-420F-95FF-5C551CE9FFC3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{5D31B435-AFF1-49BE-A8B2-5891A2F9D3BE}] => (Allow) C:\Users\JRI\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{6DA1F8E9-E0E6-46C6-AAFB-70257EA0C3AA}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{5FD7A389-FB6C-4BE7-95B1-58E6A6F7C9EB}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [TCP Query User{09DD2625-7936-4144-AAF4-1B85DB7748DB}C:\program files\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{F6A2A999-305F-4FEE-8557-B17DAAA08D78}C:\program files\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files\freetime\formatfactory\formatfactory.exe
FirewallRules: [{EB14B42B-4755-45D5-A2B5-30575514DA82}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe
FirewallRules: [{78B4BAD6-A186-495D-B349-3F2C8B9EFA94}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe
FirewallRules: [{A18D2560-15F7-4D94-9B70-A3C05B4DC91A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5C089B12-379E-49B6-A5DE-80429F1F8B87}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{46264337-8DF0-418A-A253-07899E6E4498}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C6145D3B-57F9-4469-BBCC-E5393396612A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{AF73F33C-9021-4FF2-AA4F-BA99D8870D2C}] => (Allow) C:\Users\JRI\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DDE2F9AF-1289-45E6-A590-8047B34ADB40}] => (Allow) C:\Users\JRI\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9BC417E1-7167-4C6B-B62C-EE0EA3FA6AF0}] => (Allow) C:\Users\JRI\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{98D4D608-C9DF-4CB8-8DB4-062C69A687E1}] => (Allow) C:\Users\JRI\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC528107-8F4F-4566-A8AD-54DA62B3BC5F}] => (Allow) C:\Users\JRI\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8167562A-7FB1-43E1-AA6A-9FB872AB1048}] => (Allow) C:\Users\JRI\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{78509981-8619-4D2D-8D14-90B05A67332F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{57598FC6-EE24-429E-939B-9C0634BBC7F2}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5C13493-50A5-425A-9985-FDEC30CAFF18}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E3223492-41AE-4C5D-8D4C-9F201873A275}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{06A156A2-F47C-415A-B978-38F4640F94A3}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{27AC3E82-DF9D-4D9F-A390-F576FD76A294}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{38A78E60-9FA5-45C5-A1D2-20470DBED837}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe

==================== Pontos de Restauração =========================

09-07-2017 01:46:16 Removed Waves Complete V9r2
09-07-2017 02:18:10 Installed Driver.Whiz.v.2.8.2.0
09-07-2017 02:23:24 Instalação de Pacote de Driver de Dispositivo: Intel Corporation Adaptadores de vídeo
09-07-2017 03:22:56 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-07-2017 03:23:44 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
09-07-2017 14:10:54 DLL-Files Fixer dom, jul 09, 17 14:10

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Ricoh xD-Picture Card Controller
Description:
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Ricoh Company
Service:
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

Name: Ricoh R/RL/5C476(II) ou controlador CardBus compatível
Description: Ricoh R/RL/5C476(II) ou controlador CardBus compatível
Class Guid: {4d36e977-e325-11ce-bfc1-08002be10318}
Manufacturer: RICOH
Service: pci
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/11/2017 10:47:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: O backup não foi concluído devido a um erro ao gravar no local de backup G:\. Erro: O local de backup não foi encontrado ou não é válido. Examine as configurações de backup e verifique o local de backup. (0x81000006).

Error: (07/09/2017 03:04:07 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: O Sistema de Eventos COM+ não pôde remover o EventSystem.EventSubscription objeto {5C70CD3A-8913-4D93-94F7-79182EF1B930}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Nome do objeto: HB_StopScreenSaver Descrição do objeto: O HRESULT foi 80070005.

Error: (07/09/2017 03:00:49 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: O Sistema de Eventos COM+ não pôde remover o EventSystem.EventSubscription objeto {5C70CD3A-8913-4D93-94F7-79182EF1B930}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Nome do objeto: HB_StopScreenSaver Descrição do objeto: O HRESULT foi 80070005.

Error: (07/09/2017 02:53:07 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: O Sistema de Eventos COM+ não pôde remover o EventSystem.EventSubscription objeto {5C70CD3A-8913-4D93-94F7-79182EF1B930}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Nome do objeto: HB_StopScreenSaver Descrição do objeto: O HRESULT foi 80070005.

Error: (07/09/2017 02:19:34 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: O Sistema de Eventos COM+ não pôde remover o EventSystem.EventSubscription objeto {60042969-6CCA-46CD-81D4-22A056C989F3}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Nome do objeto: HB_StartScreenSaver Descrição do objeto: O HRESULT foi 80070005.

Error: (07/09/2017 02:10:54 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {970b0a07-77e1-4974-a554-fe3ba987c280}

Error: (07/09/2017 10:46:44 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: O Sistema de Eventos COM+ não pôde remover o EventSystem.EventSubscription objeto {5C70CD3A-8913-4D93-94F7-79182EF1B930}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Nome do objeto: HB_StopScreenSaver Descrição do objeto: O HRESULT foi 80070005.

Error: (07/09/2017 04:21:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "c:\program files (x86)\driverwhiz\DPInst64.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (07/09/2017 04:21:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "c:\program files\Waves\emotion lv1\eMotion LV1.exe".
Assembly dependente Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (07/09/2017 04:20:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files\KORG\KORG USB-MIDI Driver\EzSetup64.exe".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.


Erros de Sistema:
=============
Error: (07/11/2017 10:35:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
pcmcia

Error: (07/11/2017 10:35:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Ricoh xD-Picture Card Driver devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.

Error: (07/09/2017 03:01:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
pcmcia

Error: (07/09/2017 03:01:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Ricoh xD-Picture Card Driver devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.

Error: (07/09/2017 02:59:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
pcmcia

Error: (07/09/2017 02:59:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Ricoh xD-Picture Card Driver devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.

Error: (07/09/2017 02:23:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
pcmcia

Error: (07/09/2017 02:23:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Ricoh xD-Picture Card Driver devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.

Error: (07/09/2017 10:47:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
pcmcia

Error: (07/09/2017 10:47:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Ricoh xD-Picture Card Driver devido ao seguinte erro:
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.


==================== Informações da Memória ===========================

Processador: Intel(R) Celeron(R) CPU 570 @ 2.26GHz
Percentagem de memória em uso: 59%
RAM física total: 2039.16 MB
RAM física disponível: 825.16 MB
Virtual Total: 4078.32 MB
Virtual disponível: 2402.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:73.48 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 2544BBB8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================