samuelmachado

Junior Member
  • Posts: 10
  • Reputation: 1
  1. Hi Marcelo, thanks for the tip and the links, I'll take a look at them. Regards!
  2. Thank you very much, I'll run the antivirus and if that doesn't fix it I'll reinstall! Windows has the option to reset the PC while keeping files. Do you think that is enough, or do I really have to format, my friend?
  3. Hi Ricardov, I used the command but it didn't work: Erro: 0x800f081f Não foi possível localizar os arquivos de origem. Use a opção "Origem" para especificar o local dos arquivos necessários à restauração do recurso. Para saber mais sobre como especificar um local de origem, consulte https://go.microsoft.com/fwlink/?LinkId=243077. O arquivo de log do DISM pode ser localizado em C:\Windows\Logs\DISM\dism.log C:\Windows\system32>
  4. Good evening, I ran the sfc /scannow command at the command prompt and it reported "A Proteção de Recursos do Windows encontrou arquivos corrompidos, mas não conseguiu corrigir alguns deles. Para reparos online, os detalhes são incluídos no arquivo de log CBS localizado em windir\Logs\CBS\CBS.log. Por exemplo, C:\Windows\Logs\CBS\CBS.log. Para reparos offline, os detalhes são incluídos no arquivo de log fornecido pelo sinalizador /OFFLOGFILE." How can I fix this? Thanks in advance!
  5. Thank you very much for the help, Elias. I'm speechless. A big hug!
  6. Hi Elias! When I start the computer, the DOS window asking to install XMRIG.EXE no longer appears. I believe the problem is solved!!!!
  7. Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 04-07-2021 Executado por Samuel e Letícia (04-07-2021 23:30:57) Run:1
  8. FRST Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 04-07-2021 Executado por Samuel e Letícia (administrador) em DESKTOP-UBM4B7P (MSI MS-7817) (04-07-2021 19:49:22) Executando a partir de E:\chapolin\Temporada 3 Perfis Carregados: Samuel e Letícia Platform: Windows 10 Pro Versão 20H2 19042.1052 (X64) Idioma: Português (Brasil) Navegador padrão: Chrome Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) () [Arquivo não assinado] C:\Program Files\qBittorrent\qbittorrent.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <26> (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Samuel e Letícia\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program 
Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 8\updater-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 8\ws.exe (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) C:\Program Files\Diebold\Warsaw\core.exe <2> ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288672 2021-05-21] (IDSA Production signing key 2021 -> Intel) HKU\S-1-5-21-2542081707-378966687-2905941670-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\Windows\system32\spool\DRIVERS\x64\architect_pdfpmon_v.4.12.26.3.dll [932984 2021-05-25] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2021-05-25] (pdfforge GmbH) [Arquivo não assinado] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-30] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk [2021-04-23] ShortcutAndArgument: start.lnk -> C:\Program Files (x86)\Install\starter.cmd => ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada 
for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {07182ADA-3959-4600-A553-97A4BD4DB2A5} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {0F53D1EB-C79B-4051-8ABA-1A4FB0BEAE1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-07-03] (Mozilla Corporation -> Mozilla Foundation) Task: {2445644A-15CD-4BD2-8222-3A04561226A4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {2BA0827A-AD54-429E-8B58-A1313D1636A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-24] (Google LLC -> Google LLC) Task: {5407B24D-7456-4F02-A40F-E9D3E85EF6D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2021-03-25] (Microsoft Corporation -> Microsoft Corporation) Task: {56862BA3-EC35-4DE8-8383-5B4D40E14343} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {575BEE8A-808F-487F-B4E0-4F49C51E6B5F} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29802464 2021-06-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) Task: {672FDB9E-F5CA-48D2-8D6E-093A96DB5AE3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {69F1BA2E-2ECE-44FB-AA89-0102ED5CA91B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-24] (Google LLC -> Google LLC) Task: {6B8318EA-CB88-4450-8EA5-BD711B3BD352} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-M4T57.tmp\corefixer.exe <==== ATENÇÃO Task: {76AC1260-9B75-4B8F-B160-6129CA74B5AD} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [248552 2021-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {7C6633AD-4842-4CAD-9D5C-FD4FE3FC5B36} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1628464 2021-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {7FE31423-6F0E-474A-9FA4-95D74F61B108} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {9179A8B4-800D-4821-962A-B74C563D7385} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [10893616 2021-05-20] (Lespeed Technology Co., Ltd -> WiseCleaner.com) Task: {A4C25941-B761-47E5-9F16-A289589DD708} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [268328 2021-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) Task: {B638CBF1-4D13-4D56-B300-8048488B57EB} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-02-25] () [Arquivo não assinado] Task: {B8A95955-90DC-4DF0-9EC9-86B09C4ADBA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2021-03-25] (Microsoft Corporation -> Microsoft Corporation) Task: {BCF96FDE-BC62-431C-A258-55AEA4E0196F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651216 2021-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {D97735F1-036B-44F6-B3FB-8ADB1B7F0FD3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {F9485F38-347A-402A-87C0-5F20FF0F51E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{a5e06b11-41cd-4fa3-94cb-24b82cfd74c3}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{da2fecec-e343-4739-8e3a-b5c3b1df2a58}: [DhcpNameServer] 192.168.8.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Samuel e Letícia\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-04]

FireFox:
========
FF DefaultProfile: 6fvw2zen.default
FF ProfilePath: C:\Users\Samuel e Letícia\AppData\Roaming\Mozilla\Firefox\Profiles\6fvw2zen.default [2021-03-28]
FF ProfilePath: C:\Users\Samuel e Letícia\AppData\Roaming\Mozilla\Firefox\Profiles\cothkxox.default-release [2021-07-04]
FF Extension: (Bilômetro) - C:\Users\Samuel e Letícia\AppData\Roaming\Mozilla\Firefox\Profiles\cothkxox.default-release\Extensions\{09d09f49-3615-4cf3-ad57-a6cc924f29e8}.xpi [2021-05-17]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2021-07-04]

Chrome:
=======
CHR Profile: C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default [2021-07-04]
CHR Extension: (Apresentações) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-24]
CHR Extension: (Documentos) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-24]
CHR Extension: (Google Drive) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-24]
CHR Extension: (YouTube) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-24]
CHR Extension: (Avira Password Manager) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-29]
CHR Extension: (Avira Safe Shopping) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-06-27]
CHR Extension: (Planilhas) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-24]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-06-29]
CHR Extension: (Documentos Google off-line) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-28]
CHR Extension: (Adblock - No More Ads) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbcmmhijbfhblohmfjopjjlagmkgem [2021-03-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-24]
CHR Extension: (Gmail) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-26]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208432 2021-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2021-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484904 2021-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484904 2021-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [575776 2021-02-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988816 2021-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [266128 2021-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-14] (HP Inc. -> HP Inc.)
R3 PDF Architect 8; C:\Program Files\PDF Architect 8\ws.exe [2731616 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628832 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 8 Update Service; C:\Program Files\PDF Architect 8\updater-ws.exe [1826400 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1141648 2020-08-10] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [209744 2021-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 phantomtap; C:\Windows\System32\drivers\phantomtap.sys [50248 2021-05-06] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8218304 2019-04-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [41008 2021-02-04] (McAfee, LLC. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [47800 2021-05-19] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [61456 2020-08-11] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44728 2020-07-10] (Gas Informatica Ltda -> GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43528 2020-07-23] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
Erro ao ler arquivo: "C:\Users\Samuel e Letícia\Desktop\APznzaZ02wY1jACcFNx49V8A91mInxCRzIEkioAGyxIFiwbser48X0c4ACQ-b8qP2URIPikRBOth9PdHqP2tOdEXkeGrIngeTNtmPiSVbqNmHo1XeACRHFvVMt7NOTLDhGIjgRxD5iA-N41DotbgpUXdoa5JIqAgaOYbQExvbqCj3Lvq_WqDeVx6yw28eSQI6N9NZFR_3sABSNb6rsqHYH5006mgu7O8FsJXXNBfdTTTNcXrM767xjp6GKt.pdf"
2021-07-04 01:05 - 2021-07-04 01:05 - 000001425 _____ C:\Windows\system32\default_error_stack-000001-000000.txt
2021-07-03 21:42 - 2021-07-03 21:42 - 000000304 _____ C:\Users\Samuel e Letícia\Desktop\Search 2.txt
2021-07-03 21:39 - 2021-07-03 21:39 - 000000304 _____ C:\Users\Samuel e Letícia\Desktop\Search.txt
2021-07-03 21:37 - 2021-07-04 19:49 - 000000000 ____D C:\FRST
2021-07-03 21:34 - 2021-07-03 21:34 - 000008332 _____ C:\Users\Samuel e Letícia\Desktop\ZHPCleaner (R).html
2021-07-03 21:34 - 2021-07-03 21:34 - 000002294 _____ C:\Users\Samuel e Letícia\Desktop\zhp.txt
2021-07-03 21:34 - 2021-07-03 21:34 - 000002279 _____ C:\Users\Samuel e Letícia\Desktop\ZHPCleaner (R).txt
2021-07-03 21:32 - 2021-07-03 21:32 - 000002127 _____ C:\Users\Samuel e Letícia\Desktop\report zhp.txt
2021-07-03 21:30 - 2021-07-03 21:30 - 000008050 _____ C:\Users\Samuel e Letícia\Desktop\ZHPCleaner (S).html
2021-07-03 21:30 - 2021-07-03 21:30 - 000002106 _____ C:\Users\Samuel e Letícia\Desktop\ZHPCleaner (S).txt
2021-07-03 21:21 - 2021-07-03 21:21 - 000001405 _____ C:\Users\Samuel e Letícia\Desktop\AdwCleaner[S00].txt
2021-07-03 21:20 - 2021-07-03 21:34 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\ZHP
2021-07-03 21:20 - 2021-07-03 21:20 - 000000886 _____ C:\Users\Samuel e Letícia\Desktop\ZHPCleaner.lnk
2021-07-03 21:20 - 2021-07-03 21:20 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\ZHP
2021-07-03 21:18 - 2021-07-03 21:18 - 000000000 ____D C:\AdwCleaner
2021-07-03 19:24 - 2021-07-03 19:24 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-07-03 15:59 - 2021-07-04 10:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-03 08:20 - 2021-07-03 08:21 - 000000000 ____D C:\Users\Samuel e Letícia\Desktop\Virus
2021-06-27 18:27 - 2021-06-27 18:27 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\Avira
2021-06-27 16:41 - 2021-06-27 16:43 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\com.nst.iptvsmartersplayer
2021-06-27 16:41 - 2021-06-27 16:41 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\IPTV Smarters Player
2021-06-27 16:40 - 2021-06-27 16:40 - 000002824 _____ C:\Users\Samuel e Letícia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IPTV Smarters Player.lnk
2021-06-27 16:40 - 2021-06-27 16:40 - 000002816 _____ C:\Users\Samuel e Letícia\Desktop\IPTV Smarters Player.lnk
2021-06-27 16:40 - 2021-06-27 16:40 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\com.nst.iptvsmartersplayer-updater
2021-06-27 14:24 - 2021-06-27 14:39 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\Wise Registry Cleaner
2021-06-27 14:24 - 2021-06-27 14:24 - 000001300 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2021-06-27 14:24 - 2021-06-27 14:24 - 000001300 _____ C:\ProgramData\Desktop\Wise Registry Cleaner.lnk
2021-06-27 14:24 - 2021-06-27 14:24 - 000000000 ____D C:\Windows\system32\Tasks\WiseCleaner
2021-06-27 14:24 - 2021-06-27 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2021-06-27 14:24 - 2021-06-27 14:24 - 000000000 ____D C:\Program Files (x86)\Wise
2021-06-27 14:22 - 2021-06-27 14:24 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\GlarySoft
2021-06-27 14:22 - 2021-06-27 14:24 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2021-06-27 14:05 - 2021-07-01 20:24 - 000000000 ____D C:\Users\Public\Security Sessions
2021-06-27 14:01 - 2021-06-27 14:01 - 000003374 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2021-06-27 14:01 - 2021-06-27 14:01 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-06-27 14:01 - 2021-03-25 17:05 - 000209744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2021-06-27 14:01 - 2021-02-09 18:03 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2021-06-27 14:01 - 2019-06-07 15:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2021-06-27 14:01 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2021-06-27 14:01 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2021-06-27 14:01 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2021-06-27 14:01 - 2019-03-20 18:50 - 000022336 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avelam.sys
2021-06-27 13:59 - 2021-07-04 13:59 - 000003786 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2021-06-27 13:59 - 2021-07-01 17:08 - 000003718 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2021-06-27 13:59 - 2021-06-27 14:05 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\Avira
2021-06-27 13:59 - 2021-06-27 13:59 - 000003428 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-06-27 13:59 - 2021-06-27 13:59 - 000002816 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2021-06-27 13:59 - 2021-06-27 13:59 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-06-27 13:58 - 2021-07-01 17:07 - 000001078 _____ C:\Users\Public\Desktop\Avira.lnk
2021-06-27 13:58 - 2021-07-01 17:07 - 000001078 _____ C:\ProgramData\Desktop\Avira.lnk
2021-06-27 13:58 - 2021-07-01 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-06-27 13:58 - 2021-06-27 14:05 - 000000000 ____D C:\ProgramData\Avira
2021-06-27 13:58 - 2021-06-27 14:04 - 000070143 _____ C:\Users\Samuel
2021-06-27 13:58 - 2021-06-27 14:01 - 000000000 ____D C:\Program Files (x86)\Avira
2021-06-27 13:29 - 2021-06-27 13:29 - 000001389 _____ C:\Users\Samuel e Letícia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-27 13:29 - 2021-06-27 13:29 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\ESET
2021-06-27 13:12 - 2021-07-03 19:07 - 000000000 ____D C:\Program Files (x86)\Install
2021-06-25 22:43 - 2021-06-25 22:43 - 000051322 _____ C:\Users\Samuel e Letícia\Desktop\Contracheque_062021_264362426580.pdf
2021-06-25 19:24 - 2021-06-25 19:24 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\LocalLow\Voxler
2021-06-25 19:23 - 2021-06-25 19:23 - 000000722 _____ C:\Users\Samuel e Letícia\Desktop\Lets Sing 2019.lnk
2021-06-25 19:23 - 2021-06-25 19:23 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lets Sing 2019
2021-06-25 14:16 - 2021-06-25 14:16 - 000352874 _____ C:\Users\Samuel e Letícia\Desktop\PROVA 2 CRÍTICA LITERÁRIA - LETÍCIA SOARES.pdf
2021-06-24 11:51 - 2021-06-24 11:51 - 000303692 _____ C:\Users\Samuel e Letícia\Desktop\(96) Pinterest.html
2021-06-24 11:51 - 2021-06-24 11:51 - 000000000 ____D C:\Users\Samuel e Letícia\Desktop\(96) Pinterest_files
2021-06-23 21:08 - 2021-06-23 21:08 - 013853606 _____ C:\Users\Samuel e Letícia\Desktop\Gaulejac 2007 Gestão como doença social.pdf
2021-06-21 18:25 - 2021-06-21 18:25 - 000148949 _____ C:\Users\Samuel e Letícia\Desktop\Recibo.pdf
2021-06-20 18:27 - 2021-06-20 18:27 - 001873383 _____ C:\Users\Samuel e Letícia\Desktop\catalogo_HB20S_Diamond_digital.pdf
2021-06-19 16:30 - 2021-06-19 16:38 - 000005120 _____ C:\Users\Samuel e Letícia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-06-19 16:28 - 2021-06-19 16:28 - 000000408 _____ C:\Users\Samuel e Letícia\AppData\Roaming\CamShapes.ini
2021-06-19 16:28 - 2021-06-19 16:28 - 000000408 _____ C:\Users\Samuel e Letícia\AppData\Roaming\CamLayout.ini
2021-06-19 16:28 - 2021-06-19 16:28 - 000000064 _____ C:\Users\Samuel e Letícia\AppData\Roaming\Camdata.ini
2021-06-19 16:27 - 2021-06-19 16:28 - 000004536 _____ C:\Users\Samuel e Letícia\AppData\Roaming\CamStudio.cfg
2021-06-19 16:27 - 2021-06-19 16:28 - 000000000 ____D C:\Users\Samuel e Letícia\Documents\My CamStudio Temp Files
2021-06-19 16:27 - 2021-06-19 16:27 - 000000000 ____D C:\Users\Samuel e Letícia\Documents\My CamStudio Videos
2021-06-19 16:26 - 2021-06-19 16:26 - 000000096 _____ C:\Users\Samuel e Letícia\AppData\Roaming\version2.xml
2021-06-19 15:50 - 2021-06-20 10:21 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\Doblon
2021-06-19 15:40 - 2021-06-19 16:46 - 000000000 ____D C:\Users\Samuel e Letícia\Desktop\List Samuquinha
2021-06-19 15:30 - 2021-06-20 10:21 - 000000000 ____D C:\Users\Samuel e Letícia\Documents\My Karaoke
2021-06-19 15:30 - 2021-06-20 10:21 - 000000000 ____D C:\Program Files (x86)\Doblon
2021-06-19 11:26 - 2021-06-19 12:05 - 000000000 ____D C:\Users\Samuel e Letícia\Desktop\Banda
2021-06-12 09:04 - 2021-06-12 09:04 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\Helios
2021-06-12 00:23 - 2021-06-12 00:23 - 000000987 _____ C:\Users\Public\Desktop\Little Nightmares II.lnk
2021-06-12 00:23 - 2021-06-12 00:23 - 000000987 _____ C:\ProgramData\Desktop\Little Nightmares II.lnk
2021-06-10 16:10 - 2021-06-10 16:10 - 002942821 _____ C:\Users\Samuel e Letícia\Desktop\Gramatica.pdf
2021-06-09 22:18 - 2021-06-12 09:04 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\UnrealEngine
2021-06-08 19:05 - 2021-06-08 19:05 - 000001425 _____ C:\Windows\system32\default_error_stack-000000-000000.txt
2021-06-08 16:19 - 2021-06-08 16:19 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-06-08 16:19 - 2021-06-08 16:19 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-06-08 16:19 - 2021-06-08 16:19 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
2021-06-08 16:19 - 2021-06-08 16:19 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2021-06-08 16:19 - 2021-06-08 16:19 - 001823792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-06-08 16:19 - 2021-06-08 16:19 - 001393496 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-06-08 16:19 - 2021-06-08 16:19 - 001314120 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-06-08 16:19 - 2021-06-08 16:19 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-06-08 16:19 - 2021-06-08 16:19 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-06-08 16:19 - 2021-06-08 16:19 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-06-08 16:19 - 2021-06-08 16:19 - 000451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-06-08 16:19 - 2021-06-08 16:19 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-06-08 16:19 - 2021-06-08 16:19 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-06-08 16:19 - 2021-06-08 16:19 - 000097280 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-06-08 16:19 - 2021-06-08 16:19 - 000011353 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-06-08 16:18 - 2021-06-08 16:18 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-06-08 16:18 - 2021-06-08 16:18 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-06-08 16:18 - 2021-06-08 16:18 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-06-07 20:02 - 2021-06-07 20:02 - 006593748 _____ C:\Users\Samuel e Letícia\Desktop\Leticia da Rosa Soares - Evaluacion.pdf
2021-06-07 18:15 - 2021-06-07 18:15 - 001498694 _____ C:\Users\Samuel e Letícia\Desktop\ACFrOgCmM_1ARxbDy6mWlJd2TeO1Hi9k2ZKJAcTmhPo4TKkOwNJsy8OH5BkfOmUXl8YCre8nlIbqq11BSxbhIVJtwN1ZnM-JbB_svlM94UnjzyiFAebrb5MT_xdEWE1bKPlwnsjI-kjsWpej72XO.pdf
2021-06-07 13:09 - 2021-06-07 13:09 - 000409449 _____ C:\Users\Samuel e Letícia\Desktop\aula_luciane_07_junho.pdf
2021-06-06 19:17 - 2021-06-06 19:17 - 000069947 _____ C:\Users\Samuel e Letícia\Desktop\documento.pdf
2021-06-05 15:51 - 2021-06-05 15:51 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\PDF Architect 8
2021-06-05 15:38 - 2021-06-05 15:38 - 000076635 _____ C:\Users\Samuel e Letícia\Desktop\Atestado_medico_vacinacao_comorbidades.pdf
2021-06-04 19:49 - 2021-06-04 19:49 - 052109466 _____ C:\Users\Samuel e Letícia\Desktop\strawberry_shortcake_v1.2.3_mod.apk

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-07-04 19:41 - 2020-11-18 23:45 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-04 19:37 - 2021-03-25 00:12 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\qBittorrent
2021-07-04 19:37 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-04 12:06 - 2021-03-28 13:39 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\LocalLow\Mozilla
2021-07-04 11:52 - 2021-03-28 13:39 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-04 10:48 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2021-07-04 10:42 - 2021-03-24 22:59 - 001651946 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-04 10:42 - 2019-12-07 11:53 - 000715500 _____ C:\Windows\system32\prfh0416.dat
2021-07-04 10:42 - 2019-12-07 11:53 - 000140656 _____ C:\Windows\system32\prfc0416.dat
2021-07-04 10:42 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2021-07-04 10:39 - 2021-05-19 00:45 - 000000000 ____D C:\Windows\Minidump
2021-07-04 10:37 - 2021-03-28 13:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-04 10:37 - 2021-03-24 23:10 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-07-04 10:37 - 2021-03-24 23:10 - 000000000 __SHD C:\Users\Samuel e Letícia\IntelGraphicsProfiles
2021-07-04 10:37 - 2021-03-24 23:02 - 000000000 ___RD C:\Users\Samuel e Letícia\OneDrive
2021-07-04 10:37 - 2021-03-24 22:53 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-04 10:37 - 2020-11-18 23:45 - 000472000 _____ C:\Windows\system32\FNTCACHE.DAT
2021-07-04 10:37 - 2020-11-18 23:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-04 01:06 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-07-03 19:24 - 2021-03-28 13:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-02 19:20 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-02 18:31 - 2020-11-18 23:48 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-02 18:31 - 2020-11-18 23:48 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-02 18:31 - 2020-11-18 23:48 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-07-02 18:30 - 2021-03-24 23:02 - 000003400 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2542081707-378966687-2905941670-1001
2021-07-02 18:30 - 2021-03-24 22:58 - 000002418 _____ C:\Users\Samuel e Letícia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-30 02:40 - 2021-03-24 23:29 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-30 02:40 - 2021-03-24 23:29 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-30 02:40 - 2021-03-24 23:29 - 000002204 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-29 16:09 - 2020-11-18 23:47 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-29 16:09 - 2020-11-18 23:47 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-28 01:05 - 2021-03-24 22:58 - 000000000 ____D C:\Users\Samuel e Letícia
2021-06-27 14:59 - 2021-03-27 18:11 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\LocalLow\Temp
2021-06-27 14:40 - 2021-03-24 23:29 - 000000000 ____D C:\Program Files\Google
2021-06-27 14:01 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-27 13:38 - 2021-05-25 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8
2021-06-27 13:15 - 2021-03-24 22:59 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\VirtualStore
2021-06-25 13:30 - 2021-05-18 12:10 - 000000000 ____D C:\Users\Samuel e Letícia\Desktop\LETÍCIA - ATIVIDADES DA SEMANA
2021-06-25 10:53 - 2021-04-11 11:17 - 000000000 ____D C:\Users\Samuel e Letícia\Desktop\LÍVIA - AULA DA SEMANA
2021-06-25 08:29 - 2021-03-24 22:59 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Local\Packages
2021-06-14 18:15 - 2021-04-08 19:09 - 000000000 ____D C:\Users\Samuel e Letícia\AppData\Roaming\DS4Windows
2021-06-12 23:40 - 2021-05-20 23:31 - 000040401 _____ C:\Users\Samuel e Letícia\Desktop\Financeiro Casa.xlsx
2021-06-12 11:09 - 2020-11-18 23:45 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-06-09 22:14 - 2021-03-24 23:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-08 19:07 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-06-08 19:04 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Dism
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-06-08 19:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr
2021-06-08 16:22 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2021-06-08 16:11 - 2021-03-24 23:21 - 000000000 ____D C:\Windows\system32\MRT
2021-06-08 16:09 - 2021-03-24 23:20 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-06-05 15:51 - 2021-05-25 21:30 - 000000000 ____D C:\ProgramData\PDF Architect 8
2021-06-05 15:50 - 2021-06-02 17:46 - 000000000 ____D C:\Users\Samuel e Letícia\Desktop\RELAÇÃO ESTUDANTES - VACINA

==================== Arquivos na raiz de alguns diretórios ========

2021-06-19 16:28 - 2021-06-19 16:28 - 000000064 _____ () C:\Users\Samuel e Letícia\AppData\Roaming\Camdata.ini
2021-06-19 16:28 - 2021-06-19 16:28 - 000000408 _____ () C:\Users\Samuel e Letícia\AppData\Roaming\CamLayout.ini
2021-06-19 16:28 - 2021-06-19 16:28 - 000000408 _____ () C:\Users\Samuel e Letícia\AppData\Roaming\CamShapes.ini
2021-06-19 16:27 - 2021-06-19 16:28 - 000004536 _____ () C:\Users\Samuel e Letícia\AppData\Roaming\CamStudio.cfg
2021-06-19 16:26 - 2021-06-19 16:26 - 000000096 _____ () C:\Users\Samuel e Letícia\AppData\Roaming\version2.xml
2021-06-19 16:30 - 2021-06-19 16:38 - 000005120 _____ () C:\Users\Samuel e Letícia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-04-03 23:03 - 2021-04-03 23:03 - 000003446 _____ () C:\Users\Samuel e Letícia\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)
==================== Fim de FRST.txt ========================

------------------------------

Addition

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 04-07-2021
Executado por Samuel e Letícia (04-07-2021 19:50:27)
Executando a partir de E:\chapolin\Temporada 3
Windows 10 Pro Versão 20H2 19042.1052 (X64) (2021-03-25 01:55:12)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-2542081707-378966687-2905941670-500 - Administrator - Disabled)
Convidado (S-1-5-21-2542081707-378966687-2905941670-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2542081707-378966687-2905941670-503 - Limited - Disabled)
Samuel e Letícia (S-1-5-21-2542081707-378966687-2905941670-1001 - Administrator - Enabled) => C:\Users\Samuel e Letícia
WDAGUtilityAccount (S-1-5-21-2542081707-378966687-2905941670-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avira Antivirus (Disabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.51.20430 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.11.0.11177 - Avira Operations GmbH & Co. KG) Hidden
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
CrystalDiskInfo 8.12.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.0 - Crystal Dew World)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Intel Driver && Support Assistant (HKLM-x32\...\{C38DE4F8-DF58-4B5D-9D4C-1F68773A2AE2}) (Version: 21.3.21.5 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{50883721-017E-40C5-9B65-F11F20DE8B45}) (Version: 2.4.07630 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{d9e1af9c-46b1-481f-bd13-dffef7b14da2}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5171 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{9360c8cc-b617-469a-bb35-829c13e21d97}) (Version: 21.3.21.5 - Intel)
IPTV Smarters Player 3.0.0 (HKU\S-1-5-21-2542081707-378966687-2905941670-1001\...\fee38e36-bd5c-5f8c-a4c4-29d7f942a22c) (Version: 3.0.0 - IPTV Smarters Player)
IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.3 - Receita Federal do Brasil)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
K-Lite Mega Codec Pack 16.1.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.1.4 - KLCP)
Little Nightmares II (HKLM-x32\...\Little Nightmares II_is1) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2542081707-378966687-2905941670-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135
(HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.29917 (HKLM\...\{E81E55D9-90EF-4123-B1B9-033E296772FD}) (Version: 14.29.29917 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.29917 (HKLM\...\{5FD9933E-9C5E-48E5-AED3-5CB9C39DAB0E}) (Version: 14.29.29917 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.29917 (HKLM-x32\...\{FCC30AAF-0D27-403D-AA35-5C6D94D682B6}) (Version: 14.29.29917 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.29917 (HKLM-x32\...\{FF8C8F7D-1BDA-4D1D-92CF-C756A2722C1B}) (Version: 14.29.29917 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{47C2CCDB-7A04-3797-992B-A84D3E90258F}) (Version: 10.0.60833 - Microsoft Corporation) Mozilla Firefox 89.0.2 (x64 pt-BR) (HKLM\...\Mozilla Firefox 89.0.2 (x64 pt-BR)) (Version: 89.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 
16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden PDF Architect 8 Edit Module (HKLM\...\{C0F370AC-91F0-4AF0-8974-E61F91830082}) (Version: 8.0.56.12577 - pdfforge GmbH) Hidden PDF Architect 8 View Module (HKLM\...\{742A4199-7DB6-4830-95C4-570D5CB709AF}) (Version: 8.0.56.12577 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH) qBittorrent 4.3.4.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.4.1 - The qBittorrent project) Silent Hill 3 - Dublado em Português (HKLM-x32\...\Silent Hill 3 - Dublado em Português) (Version: - ) SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) TP-Link Archer T2U Nano Driver (HKLM-x32\...\{2162AC17-3E53-42BC-9CBA-D60EAFAB8628}) (Version: 2.1.0 - TP-Link) Warsaw 2.18.0.65 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.18.0.65 - Diebold Nixdorf) WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH) Wise Registry Cleaner 10.3.5 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.3.5 - WiseCleaner.com, Inc.) Packages: ========= HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-02] (HP Inc.) 
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-26] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-06-30] (Spotify AB) [Startup Task] ==================== Exame Personalizado CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2542081707-378966687-2905941670-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel) ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {DDD1CFB8-3C9C-4269-B905-43CC309D569E} => C:\Program Files\PDF Architect 8\context-menu.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [Arquivo não assinado] [O arquivo está em uso] ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-02-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-02-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32-x32: [VIDC.XVID] => xvidvfw.dll HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Arquivo não assinado] ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2021-04-22 08:31 - 2021-04-22 08:31 - 005745664 _____ () [Arquivo não assinado] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll 2021-05-25 21:30 - 2021-05-25 21:30 - 000116736 _____ (pdfforge GmbH) [Arquivo não assinado] C:\Windows\System32\pdfcmon.dll 2021-05-12 20:07 - 2021-05-12 20:07 - 001638912 
_____ (Robert Simpson, et al.) [Arquivo não assinado] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll 2021-05-21 08:12 - 2021-05-21 08:12 - 000130048 _____ (Sam Grogan) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll 2021-05-12 20:07 - 2021-05-12 20:07 - 002122240 _____ (SQLite Development Team) [Arquivo não assinado] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2021-03-25 00:50 - 2021-04-04 13:12 - 000759296 _____ (Tabibito Technology) [Arquivo não assinado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll 2020-06-30 13:37 - 2020-06-30 13:37 - 000460288 _____ (The curl library, hxxps://curl.haxx.se/) [Arquivo não assinado] C:\Program Files\PDF Architect 8\libcurl.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [14514] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410] AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274] AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [14514] AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274] AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [14514] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [14514] ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 
SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-03-24] (Oracle America, Inc. -> Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-03-24] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-25] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 
2019-12-07 06:14 - 2021-03-24 23:41 - 000000826 _____ C:\Windows\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2542081707-378966687-2905941670-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

Network Binding:
=============
Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled)
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled)
Conexão Local: Diebold Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{96A380E3-C213-4B61-8CEA-BBBCBD4E9A5C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Arquivo não assinado] FirewallRules: [{9664865B-D3CD-4F90-B168-96A827E4E53A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Arquivo não assinado] FirewallRules: [{8E95BA21-1CE9-4AAD-A9FE-E8A35304B975}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F5859BB5-B4CD-491B-A340-94DCB683E3EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{15D84E83-7A1E-4C38-83E0-4455ADAD17B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6F90D5EB-1253-4224-B80D-DD2852A36222}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0F7E3394-FD01-4B9E-8D75-E321C2027F3A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9B365C2C-E904-48E8-81CA-1E4966DEE9CD}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) FirewallRules: [{AEB95C64-04B7-406C-A069-E82E663EAF7C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{04F7EE12-CE34-4309-BBF6-9DEEE76D19BA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{495CBC9E-257A-4C31-B2FA-BC2DE039ABC5}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe FirewallRules: [UDP Query User{0C1054F1-80A6-4CD0-B159-B19CD4FCF952}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] 
=> (Allow) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe FirewallRules: [{213C1C54-2D3D-4F0D-B460-D5259DDE6E96}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{0A8AB5BD-AFD7-4BEC-9EBB-FCA933E4A120}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{353D549D-40EC-4156-B6F3-3B1343959A7D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{2673DC3E-CD53-4845-994E-9C504F2A25C4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{C3FF412B-8A11-4B2B-8794-D3B16770E27E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C3B91A90-CF82-452B-BC09-CC2C3EECCBCC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DF49A79F-EA6B-452D-A936-7E8F2DB27948}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{31FC0DAD-6E8D-4F50-BE12-493B0D0B7B9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{36076B22-5D9A-419A-9373-37983EAC2C0D}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{ECC32111-FFAD-43DE-912B-AC082175967B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) FirewallRules: [{F8DE71F5-DD45-4C7A-990C-77E090DBEA08}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{52810A96-9B0E-452C-8CA4-C641F2A114E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D3648EBA-77A2-4592-BD6D-248D374966D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{10759821-6FFB-4856-B245-3C52910EB928}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AC8AF78F-CFB8-417B-BCE9-5FE2B366878C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A1E38B44-5FBE-4332-BDE2-6A86A8FDD508}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{954C2091-3892-4A85-B1C6-B8DF307034B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{42E6609F-0026-4247-8304-0BF5492857EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A3B2113E-39BC-4AF8-976A-2FE269CA5CFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6B5AE38E-F4E1-4483-935D-9DCA24232A1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Pontos de Restauração ========================= 03-07-2021 21:33:28 ZHPcleaner 

==================== Dispositivos Apresentando Falhas No Gerenciador ============

Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: DeskJet 3700 series
Description: DeskJet 3700 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (07/04/2021 10:37:40 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORIDADE NT)
Description: O Windows não pode carregar a DLL de contador extensível "C:\Windows\system32\sysmain.dll" (código de erro do Win32 126).

Error: (07/03/2021 08:22:32 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (07/02/2021 07:22:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Unidade D (E:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)

Error: (07/01/2021 05:08:20 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORIDADE NT)
Description: O Windows não pode carregar a DLL de contador extensível "C:\Windows\system32\sysmain.dll" (código de erro do Win32 126).

Error: (06/27/2021 01:59:19 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORIDADE NT)
Description: O Windows não pode carregar a DLL de contador extensível "C:\Windows\system32\sysmain.dll" (código de erro do Win32 126).

Error: (06/25/2021 07:50:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Let's Sing 2019.exe, versão: 2017.4.18.9071, carimbo de data/hora: 0x5c1a626c
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0x924f9cdb
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000034b89
ID do processo com falha: 0x2cdc
Hora de início do aplicativo com falha: 0x01d76a110dce4c93
Caminho do aplicativo com falha: C:\Lets Sing 2019\Let's Sing 2019.exe
Caminho do módulo com falha: C:\Windows\System32\KERNELBASE.dll
ID do Relatório: 06b820d3-0978-4b25-a532-6b2ee8751aeb
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (06/25/2021 04:48:16 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Unidade D (E:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)

Error: (06/19/2021 04:41:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: KaraokeVideoCreator.exe, versão: 2.5.5.8, carimbo de data/hora: 0x609d3767
Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xf739c3a5
Código de exceção: 0xc0150010
Deslocamento da falha: 0x00098e8b
ID do processo com falha: 0x154c
Hora de início do aplicativo com falha: 0x01d7654305712ccd
Caminho do aplicativo com falha: C:\Program Files (x86)\Doblon\Karaoke Video Creator\KaraokeVideoCreator.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 1bcd5c40-c3bc-459c-986a-6f79189178a2
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Erros de Sistema:
=============
Error: (07/04/2021 01:05:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço User Energy Server Service queencreek terminou com o erro: O driver %2 retornou um ID inválido para um dispositivo filho (%3).

Error: (07/03/2021 05:28:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UBM4B7P)
Description: O servidor {3EB3C877-1F16-487C-9050-104DBCD66683} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/03/2021 05:28:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UBM4B7P)
Description: O servidor Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca não se registrou no DCOM dentro do tempo limite necessário.

Error: (06/27/2021 01:50:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 13:21:41 do dia 27/06/2021 não era esperado.

Error: (06/27/2021 01:31:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro: O carregamento deste driver foi bloqueado

Error: (06/27/2021 01:31:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SAMUEL~1\AppData\Local\Temp\ehdrv.sys

Error: (06/27/2021 01:31:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro: O carregamento deste driver foi bloqueado

Error: (06/27/2021 01:31:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SAMUEL~1\AppData\Local\Temp\ehdrv.sys

Windows Defender:
================
Date: 2021-06-27 13:31:47
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!rfn&threatid=2147721515&enterprise=0
Nome: Trojan:Win32/Dynamer!rfn
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Lets Sing 2019\DARKSiDERSTRO01.EXE
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-UBM4B7P\Samuel e Letícia
Nome do Processo: C:\Users\Samuel e Letícia\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versão da Inteligência de Segurança: AV: 1.341.1556.0, AS: 1.341.1556.0, NIS: 1.341.1556.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-27 13:22:19
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:XMRigMiner&threatid=268622&enterprise=0
Nome: App:XMRigMiner
Gravidade: Baixo
Categoria: Software Potencialmente Indesejado
Caminho: file:_C:\Program Files (x86)\Install\xmrig.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-UBM4B7P\Samuel e Letícia
Nome do Processo: C:\Windows\System32\cmd.exe
Versão da Inteligência de Segurança: AV: 1.341.1556.0, AS: 1.341.1556.0, NIS: 1.341.1556.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-25 20:07:29
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C54&threatid=2147756041&enterprise=0
Nome: Trojan:Win32/Occamy.C54
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Users\Samuel e Letícia\Desktop\Instalar_PcKaraoke\Instalar_PcKaraoke.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-UBM4B7P\Samuel e Letícia
Nome do Processo: C:\Windows\explorer.exe
Versão da Inteligência de Segurança: AV: 1.341.1413.0, AS: 1.341.1413.0, NIS: 1.341.1413.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-25 19:20:24
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!rfn&threatid=2147721515&enterprise=0
Nome: Trojan:Win32/Dynamer!rfn
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_F:\DARKSiDERS\DARKSiDERSTRO01.EXE
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-UBM4B7P\Samuel e Letícia
Nome do Processo: C:\Windows\explorer.exe
Versão da Inteligência de Segurança: AV: 1.341.1413.0, AS: 1.341.1413.0, NIS: 1.341.1413.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-25 11:58:33
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {EA3B47A5-0D16-41E2-81D2-B4A5C632B3CA}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2021-06-09 22:11:37
Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.341.401.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.18200.4
Código de Erro: 0x80246007
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

Date: 2021-06-03 23:12:45
Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.339.1957.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.18100.6
Código de Erro: 0x80070643
Descrição do Erro: Erro fatal durante a instalação.

Date: 2021-06-03 23:12:42
Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança: 1.341.8.0
Versão da Inteligência de Segurança anterior: 1.339.1957.0
Fonte da Atualização: Usuário
Tipo da Inteligência de Segurança: Anti-spyware
Tipo da atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo: 1.1.18200.4
Versão Anterior do Mecanismo: 1.1.18100.6
Código de Erro: 0x80070666
Descrição do Erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle.

Date: 2021-06-03 23:12:42
Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança: 1.341.8.0
Versão da Inteligência de Segurança anterior: 1.339.1957.0
Fonte da Atualização: Usuário
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo: 1.1.18200.4
Versão Anterior do Mecanismo: 1.1.18100.6
Código de Erro: 0x80070666
Descrição do Erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle.

Date: 2021-06-03 23:12:42
Description: O Microsoft Defender Antivírus encontrou um erro ao tentar atualizar o mecanismo.
Nova Versão do Mecanismo: 1.1.18200.4 Versão Anterior do Mecanismo: 1.1.18100.6 Usuário: AUTORIDADE NT\SISTEMA Código do Erro: 0x80070666 Descrição do erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. CodeIntegrity: =============== Date: 2021-07-02 22:42:55 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. V6.6 07/22/2014 placa-mãe: MSI H81M-E33 (MS-7817) Processador: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz Percentagem de memória em uso: 67% RAM física total: 8069.7 MB RAM física disponível: 2601.16 MB Virtual Total: 9349.7 MB Virtual disponível: 2944.77 MB ==================== Drives ================================ Drive () (Fixed) (Total:111.24 GB) (Free:60.85 GB) NTFS Drive d: (ELMIRA) (Removable) (Total:14.43 GB) (Free:13.22 GB) FAT32 Drive e: (Unidade D) (Fixed) (Total:931.51 GB) (Free:384 GB) NTFS \\?\Volume{e58384ac-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 2 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: 5BA40118) Partition 1: (Active) - (Size=14.4 GB) - (Type=0C) ==================== Fim de Addition.txt =======================
  9. STEP 1

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-03-2021
# Duration: 00:00:07
# OS: Windows 10 Pro
# Scanned: 31977
# Detected: 0

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****
No malicious hosts file entries found.

***** [ Preinstalled Software ] *****
No Preinstalled Software found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

---------------

STEP 2

~ ZHPCleaner v2021.7.3.308 by Nicolas Coolman (2021/07/03)
~ Run by Samuel e Letícia (Administrator) (03/07/2021 21:33:53)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Samuel e Letícia\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Samuel e Letícia\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19042)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (0)
~ No malicious or unnecessary items found.

---\\ Hosts file (1)
~ The hosts file is legitimate (22)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (2)
MOVED file: C:\Users\Samuel e Letícia\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Users\Samuel e Letícia\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium

---\\ Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found.

---\\ Summary of the elements found (1)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium

---\\ Other deletions. (28)
~ Registry Keys Tracing deleted (28)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK

---\\ Statistics
~ Items scanned : 1472
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17

---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h00mn12s

---\\ Reports (2)
ZHPCleaner-[S]-03072021-21_30_30.txt
ZHPCleaner-[R]-03072021-21_34_05.txt

-----------

STEP 3

Farbar Recovery Scan Tool (x64) Versão: 03-07-2021
Executado por Samuel e Letícia (03-07-2021 21:39:53)
Executando a partir de C:\Users\Samuel e Letícia\Downloads
Modo da Inicialização: Normal

================== Pesquisar Arquivos: "XMRIG.EXE" =============

====== Fim de Pesquisar ======
  10. Hello, Whenever I start my computer, a DOS window always appears trying to install XMRIG.EXE. I have already tried running an antivirus and searching in Windows, and I cannot locate this file/program to remove it. I would like help getting rid of it. Thank you in advance!
