Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 22-04-2022 Executado por Marcio (22-04-2022 20:15:04) Executando a partir de C:\Users\Marcio\Desktop Microsoft Windows 7 Home Basic Service Pack 1 (X64) (2011-12-11 02:39:59) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-2766664585-520136655-3584524175-500 - Administrator - Disabled) Convidado (S-1-5-21-2766664585-520136655-3584524175-501 - Limited - Disabled) Marcio (S-1-5-21-2766664585-520136655-3584524175-1000 - Administrator - Enabled) => C:\Users\Marcio ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516} AS: ESET Security (Enabled - Up to date) {64EA0B2F-B2F3-2E04-491D-9CF1192F8FAB} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Firewall (Disabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\uTorrent) (Version: 3.5.5.45449 - BitTorrent Inc.) 1.3M HD WebCam (HKLM-x32\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 2.22.23.106 - Alcor) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Acer Crystal Eye Webcam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.45 - Atheros Communications) Carnê-Leão 2019 (HKLM-x32\...\LEAO2019) (Version: 1.0 - Receita Federal do Brasil) Carnê-Leão 2020 (HKLM-x32\...\LEAO2020) (Version: 1.0 - Receita Federal do Brasil) CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{78DF8F40-C9ED-4A18-B150-5314F42718CA}) (Version: 101.0.4951.13 - Google LLC) clear.fi (HKLM-x32\...\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}) (Version: 1.0.1517_36458 - CyberLink Corp.) Hidden clear.fi (HKLM-x32\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.) Hidden clear.fi (HKLM-x32\...\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}) (Version: 9.0.8026 - CyberLink Corp.) Hidden clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.) clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated) Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.) CrystalDiskInfo 8.3.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.3.2 - Crystal Dew World) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Desinstalar Impressora EPSON L3150 Series (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc) Dropbox (HKLM-x32\...\Dropbox) (Version: 146.4.4836 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation) Epson Easy Photo Print 2 (HKLM-x32\...\{71038C40-8258-44D2-BBF4-B6312338172C}) (Version: 2.8.3.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Photo+ (HKLM-x32\...\{AB971A4E-F669-4E82-AFF0-3C34DF768553}) (Version: 3.3.0.0 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{C4D8E138-C67B-41D5-B493-F54BB72B43E0}) (Version: 3.3.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.) Epson ScanSmart (HKLM-x32\...\{D310BDCC-D4B4-4DC1-B9DF-D1D7367CAC4F}) (Version: 3.6.1 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 15.1.12.0 - ESET, spol. s r.o.) ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.004 - Ezvid, inc.) Firemin 8.2.3.5332 (HKLM\...\Firemin_is1) (Version: 8.2.3.5332 - Rizonesoft) Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.6.36.116 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation) Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GCAP 2020 - Ganhos de Capital 2020 (HKLM-x32\...\GCAP2020) (Version: 1.3 - Receita Federal do Brasil) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 57.0.5.0 - Google LLC) HP Deskjet 3050 J610 series Software básico do dispositivo (HKLM\...\{E6E28DE7-446E-4E27-BE37-4B6D925A385B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IRPF2020 (HKLM-x32\...\IRPF2020) (Version: 1.4 - Receita Federal do Brasil) IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.1 - Receita Federal do Brasil) IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.3 - Receita Federal do Brasil) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.) LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes) Manual Epson L3150 (HKLM-x32\...\UsersGuideManual Epson L3150_is1) (Version: 1.0 - Epson America, Inc.) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.44 - Microsoft Corporation) Microsoft Office Professional 2016 - pt-br (HKLM\...\ProfessionalRetail - pt-br) (Version: 16.0.12527.22121 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg) modaltrader (HKLM-x32\...\{3C401051-7776-4D22-A46F-EB6643DCBEA5}) (Version: 1.0.6277.17502 - modalmais) Hidden modaltrader (HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\{d564c39a-15ae-44ec-a207-8bffc9adbbdf}) (Version: 1.0.6277.17502 - modalmais) Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility) Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden Mozilla Firefox (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 99.0.1 (x86 pt-BR)) (Version: 99.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla) MPC-HC 1.9.3 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.3 - MPC-HC Team) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) NextUp-ScanSoft Raquel Brazilian Portuguese Voice (HKLM-x32\...\{5FAFC823-5E8C-40FB-8238-F2C536B2FB11}) (Version: 4.0.0 - NextUp.com) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc) OpenVPN 2.4.6-I602 (HKLM\...\OpenVPN) (Version: 2.4.6-I602 - OpenVPN Technologies, Inc.) Pacote de Driver do Windows - OnePlus, Inc. (WinUSB) AndroidUsbDeviceClass (05/24/2012 6.0.0000.00000) (HKLM\...\59AFF6524BE5C0983F2711DEB8D25D511D4F4924) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 220302 - Kakao Corp.) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.47 - Qualcomm Atheros) Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Skype Meetings App (HKLM-x32\...\{E8E6D26B-382E-43C8-91BA-AB8DF2CD0C10}) (Version: 16.2.0.194 - Microsoft Corporation) Skype versão 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.) Software de dispositivo do Chipset Intel® (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Telegram Desktop version 3.2 (HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.2 - Telegram FZ-LLC) TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN) Warsaw 2.11.1.9 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.11.1.9 - GAS Tecnologia) Web PKI (HKLM-x32\...\{50771E1A-76D8-8E77-E02F-65F82D99639D}) (Version: 2.10.3.1 - Lacuna Software) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) Zoom (HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.) Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2766664585-520136655-3584524175-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Marcio\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2010-11-25] (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-03-29] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-10] (Foxit Corporation -> Foxit Corporation) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-03-29] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2010-11-25] (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => -> Nenhum Arquivo ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Nenhum Arquivo ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-03-29] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Nenhum Arquivo ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2013-04-07] () [Arquivo não assinado] HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [110592 2003-04-16] (TechSmith Corporation) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3284480 2010-02-28] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2013-04-07] () [Arquivo não assinado] ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ShortcutWithArgument: C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Instagram.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm ShortcutWithArgument: C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Outlook (PWA).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=faolnafnngnfdaknnbpnkhgohbobgegn ==================== Módulos Carregados (Whitelisted) ============= 2019-08-10 09:41 - 2017-07-14 04:13 - 000184832 _____ (Acesso Negado) [Arquivo não assinado] C:\Windows\System32\E_YLMBUNE.DLL 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (Acesso Negado) [Arquivo não assinado] C:\Windows\System32\enppmon.dll 2010-11-25 20:29 - 2010-11-25 20:29 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000044704 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BPP.DLL 2010-11-25 20:30 - 2010-11-25 20:30 - 000043680 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BTBIP.DLL 2010-11-25 20:30 - 2010-11-25 20:30 - 000029856 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BtFileStore.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000030368 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BtFileStoreOpp.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000207520 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BtObexFt.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000208544 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BTOBEXOP.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000180896 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000072352 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\goep.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000078496 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\GOEP_bpp.DLL 2010-11-25 20:30 - 2010-11-25 20:30 - 000073376 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\GOEP_SINGLE.DLL 2010-11-25 20:30 - 2010-11-25 20:30 - 000079008 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000119456 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 002233504 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000081056 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000425632 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll 2010-11-25 20:30 - 2010-11-25 20:30 - 000066720 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\Sync.dll 2017-06-25 09:47 - 2016-10-04 11:51 - 000076800 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll 2020-05-20 20:39 - 2020-05-20 20:39 - 000113664 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL 2020-05-20 20:39 - 2020-05-20 20:39 - 001654784 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL 2020-05-20 20:39 - 2020-05-20 20:39 - 001101824 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL 2020-05-20 20:39 - 2020-05-20 20:39 - 001093120 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL 2019-01-07 18:55 - 2019-01-07 18:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll 2019-01-07 18:55 - 2019-01-07 18:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll 2015-10-26 15:21 - 2011-04-18 18:03 - 000120320 _____ (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Windows\System32\E_YLMI4E.DLL ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Versão 11) (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2766664585-520136655-3584524175-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2766664585-520136655-3584524175-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2021-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-11-25] (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2021-07-18] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-18] (Microsoft Corporation -> Microsoft Corporation) (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\bb.com.br -> aapj.bb.com.br IE trusted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br IE trusted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\sharepoint.com -> hxxps://agenteinvest-files.sharepoint.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\1001movie.com -> 1001movie.com Existem ainda 6127 sites a mais. ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2019-04-28 08:25 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost 2018-05-30 11:59 - 2022-04-22 19:53 - 000000437 _____ C:\Windows\system32\drivers\etc\hosts.ics 192.168.0.167 Marcio-PC.mshome.net # 2027 4 3 21 22 53 26 920 ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2766664585-520136655-3584524175-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 168.196.40.23 - 168.196.40.24 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: chromoting => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: dbupdate => 2 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: DbxSvc => 2 MSCONFIG\Services: DsiWMIService => 3 MSCONFIG\Services: EgisTec Ticket Service => 3 MSCONFIG\Services: ePowerSvc => 3 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: FoxitCloudUpdateService => 3 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: GREGService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: Live Updater Service => 3 MSCONFIG\Services: LMS => 3 MSCONFIG\Services: MBAMService => 3 MSCONFIG\Services: Motorola Device Manager => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NOBU => 2 MSCONFIG\Services: NTI IScheduleSvc => 3 MSCONFIG\Services: OpenVPNService => 3 MSCONFIG\Services: OpenVPNServiceInteractive => 2 MSCONFIG\Services: OpenVPNServiceLegacy => 3 MSCONFIG\Services: PST Service => 2 MSCONFIG\Services: rkrtservice => 2 MSCONFIG\Services: scpbradserv => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: TurboBoost => 3 MSCONFIG\Services: UNS => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\Windows\pss\Virtual Router Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Marcio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitorar alertas de tinta - HP Deskjet 3050 J610 series (Rede).lnk => C:\Windows\pss\Monitorar alertas de tinta - HP Deskjet 3050 J610 series (Rede).lnk.Startup MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Diebold - Warsaw => "C:\Program Files\Diebold\Warsaw\core.exe" MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: DSATray => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: EPPCCMON => "C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE" MSCONFIG\startupreg: EPSDNMON => "C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE" MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe" MSCONFIG\startupreg: HP Deskjet 3050 J610 series (NET) => "C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN13P3B1W105HX:NW" -scfn "HP Deskjet 3050 J610 series (NET)" -AutoStart 1 MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe" MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe" MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: S6000Mnt => \C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{F9C4F27A-6C35-4265-8224-00AE030C3A1F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B6E6D0B1-6C1C-4CCE-85AD-5D5F89E80293}] => (Allow) LPort=2869 FirewallRules: [{68FB00F1-95A8-4141-A34E-BDDFB58A29B5}] => (Allow) LPort=1900 FirewallRules: [{73B80DF3-958A-46D0-A3F3-F1EC249A26C8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{70DC368E-4BDF-4496-AAC0-AFE5238CE556}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{83178053-31C9-4BD0-BC61-3B97FE3B60BD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (CyberLink -> Acer Incorporated) FirewallRules: [{E8DA2D0A-8165-4C2F-8A6D-0BAD4F19D6AD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{826CB48C-4845-441E-AF13-47DEBD922899}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{51E9A904-5B72-44C3-A7C1-88D4946B94FD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink) FirewallRules: [{7A2A71ED-04F8-4228-9549-E5711DC88D39}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink) FirewallRules: [{E8DD1378-11D2-431F-A635-9FF879FF57D8}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink) FirewallRules: [{0C5CEC4A-9B58-448A-9518-90711E83F8C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{FAD9C3E0-FB2C-4C62-8ABB-B2DC2B97CDF3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8CD51DDD-D832-414B-919E-C179A90F108A}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{A8663170-CB8D-4E3B-9ECD-E09FB3657F38}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{56E22939-1078-4C83-9235-C39D5C83E2EF}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{C27E98F2-3813-4B79-B307-7EA02D0B76F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2CBE9F83-DBF9-4CE1-A762-2E790E79C802}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A7FF1DC1-1055-4D5D-83CF-8A23F8561F8C}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) FirewallRules: [{E72A2B9D-5026-4FC5-9290-3B583F2B40BE}] => (Allow) C:\Users\Marcio\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{D4ADD65D-9E85-499D-91D0-F13E23B6824A}] => (Allow) C:\Users\Marcio\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CBB0B20D-98A5-4633-9791-FF04A5CCF05D}] => (Allow) LPort=1688 FirewallRules: [{E2E2F51A-DF0E-4010-B933-0C41E4E9D975}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CF23EE6C-63F4-4362-BEE4-9C45B185E4CE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{08A9FF22-C121-4F6D-9D3B-FC4EFC6B7746}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4D08FD15-B6FC-4B91-8BF5-DF70109E3704}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{07AB5F68-AAEE-4B24-ADCD-CCB6215E81A3}C:\tryd5\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\tryd5\jre1.8.0_191\bin\javaw.exe FirewallRules: [UDP Query User{6351DB39-43D2-4514-BD09-A8A50910483B}C:\tryd5\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\tryd5\jre1.8.0_191\bin\javaw.exe FirewallRules: [TCP Query User{219D1A99-B6E2-407E-AFC0-8E6AC92F8804}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{908044DF-37BC-4E86-977A-DC51BE603DB0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{6ED17C0E-BE8B-4703-A1EE-705CD5B4CDD5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Arquivo não assinado] FirewallRules: [{A9AED2E5-9413-4A8D-9E3B-41E555A0174D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Arquivo não assinado] FirewallRules: [{116C78A4-A176-4F6E-9068-CCE72D8A13FD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Arquivo não assinado] FirewallRules: [{C780760B-65A0-4607-808A-5B971C59ED4A}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Arquivo não assinado] FirewallRules: [{79345157-C5FC-4007-8FBB-11633BC4F430}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{909D0720-BC63-4CED-BA40-11C80651865C}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{BF44E0C8-C387-4BA6-AA99-CF16BA0605E8}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{59B76918-5541-454C-BC50-0016661C80F1}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{115B5CDF-1DF3-4526-962B-56FEC7A814F0}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{B1EB3B87-8153-4149-A405-8FEC01962277}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{19FA2043-81B4-4C12-ADA9-CD948939D331}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{22224B86-9A44-4851-8A98-1DB6C6CE01CB}C:\tryd5\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\tryd5\jre1.8.0_191\bin\javaw.exe FirewallRules: [UDP Query User{E3DF098E-66D0-466E-AF5C-F56D993FAADE}C:\tryd5\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\tryd5\jre1.8.0_191\bin\javaw.exe FirewallRules: [TCP Query User{547AC30F-F1E7-4E98-92FA-5C871FB93EAB}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{5C990B40-B9D3-480D-83BE-1F5B5D2700DF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{9D3ADECD-574C-48C6-BCCF-ED05E4C21862}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{2318BC28-7DDD-4E6A-B155-77D5AB288843}] => (Allow) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{923F041B-478E-4E57-9FFA-5375EFCE2415}] => (Allow) C:\Users\Marcio\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{8639E45E-0FC5-4252-ACF0-289451803B5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{B3A82080-DD03-406F-A366-CBB131F4B164}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{74E4047D-9040-4EFB-A71C-4C55DE665658}] => (Allow) C:\Users\Marcio\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{5C5F84FE-9DAE-4FB0-8E92-E771FF5774C6}] => (Allow) C:\Users\Marcio\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{B121C73E-3D2E-4180-8264-049538C2DC03}] => (Allow) C:\Users\Marcio\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7DAA125A-5ACB-4183-9C3B-85FDAE377805}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{099C02D6-9422-4CD9-86C5-08FD81FCBD1C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1D30EBB3-5C41-4717-AE44-30F77396FD39}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\101.0.4951.13\remoting_host.exe (Google LLC -> Google LLC) FirewallRules: [{6354F000-49A0-45CC-90E2-B88359E9007B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{85399249-FBBF-4331-8CED-CF3319CF7E02}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Pontos de Restauração ========================= ==================== Dispositivos Apresentando Falhas No Gerenciador ============ Name: Deskjet 3050 J610 series Description: Deskjet 3050 J610 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (04/22/2022 06:15:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/22/2022 05:36:56 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/21/2022 05:20:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/21/2022 10:52:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/21/2022 06:17:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/20/2022 07:03:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/20/2022 08:06:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/20/2022 05:20:56 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Erros de Sistema: ============= Error: (04/22/2022 08:18:42 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: O servidor {BB6DF56B-CACE-11DC-9992-0019B93A3A84} não se registrou com o DCOM dentro do tempo limite requerido. Error: (04/22/2022 08:17:14 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 40. Error: (04/22/2022 08:17:13 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 70. Error: (04/22/2022 08:13:13 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 40. Error: (04/22/2022 08:13:13 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 70. Error: (04/22/2022 08:09:12 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 40. Error: (04/22/2022 08:09:12 PM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 70. Error: (04/22/2022 08:07:11 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: O agente proxy DNS não pôde alocar 0 byte(s) de memória. Talvez isso indique que o sistema esteja com memória virtual insuficiente ou que o gerenciador de memória encontrou um erro interno. Windows Defender: ================ Date: 2021-08-12 06:26:30.470 Description: Digitalização de Windows Defender interrompida antes da conclusão. ID da Digitalização:{38F83E05-5CE1-4FE5-A4E9-514EB8DACB6A} Tipo da Digitalização:Anti-spyware Parâmetros da Digitalização:Verificação Rápida Usuário:AUTORIDADE NT\SERVIÇO DE REDE Date: 2019-02-16 05:55:47.342 Description: Digitalização de Windows Defender interrompida antes da conclusão. ID da Digitalização:{D2A3DFED-D00F-46E7-8289-8241A00D3956} Tipo da Digitalização:Anti-spyware Parâmetros da Digitalização:Verificação Rápida Usuário:AUTORIDADE NT\SERVIÇO DE REDE Date: 2018-09-16 06:07:25.303 Description: Digitalização de Windows Defender interrompida antes da conclusão. ID da Digitalização:{A6D1A3D3-3569-40F2-B546-C442C3EA1D9D} Tipo da Digitalização:Anti-spyware Parâmetros da Digitalização:Verificação Rápida Usuário:AUTORIDADE NT\SERVIÇO DE REDE Event[0]: Date: 2021-06-29 06:11:04.048 Description: Windows Defender encontrou um erro ao atualizar assinaturas. Versão da Nova Assinatura:1.343.25.0 Versão da Assinatura Anterior:1.341.1435.0 Origem da Atualização:Usuário Tipo de Assinatura:Anti-spyware Tipo de Atualização:Delta Usuário:AUTORIDADE NT\SISTEMA Versão do Mecanismo Atual:1.1.18300.4 Versão do Mecanismo Anterior:1.1.18200.4 Código de erro:0x80070666 Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-06-29 06:11:04.048 Description: Windows Defender encontrou um erro ao tentar atualizar o mecanismo. Versão do Mecanismo Novo:1.1.18300.4 Versão do Mecanismo Anterior:1.1.18200.4 Origem da Atualização:Usuário Usuário:AUTORIDADE NT\SISTEMA Código de Erro:0x80070666 Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-06-04 06:34:13.030 Description: Windows Defender encontrou um erro ao atualizar assinaturas. Versão da Nova Assinatura:1.341.8.0 Versão da Assinatura Anterior:1.339.1767.0 Origem da Atualização:Usuário Tipo de Assinatura:Anti-spyware Tipo de Atualização:Delta Usuário:AUTORIDADE NT\SISTEMA Versão do Mecanismo Atual:1.1.18200.4 Versão do Mecanismo Anterior:1.1.18100.6 Código de erro:0x80070666 Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-06-04 06:34:13.028 Description: Windows Defender encontrou um erro ao tentar atualizar o mecanismo. Versão do Mecanismo Novo:1.1.18200.4 Versão do Mecanismo Anterior:1.1.18100.6 Origem da Atualização:Usuário Usuário:AUTORIDADE NT\SISTEMA Código de Erro:0x80070666 Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-05-06 09:36:31.797 Description: Windows Defender encontrou um erro ao atualizar assinaturas. Versão da Nova Assinatura:1.339.21.0 Versão da Assinatura Anterior:1.337.491.0 Origem da Atualização:Usuário Tipo de Assinatura:Anti-spyware Tipo de Atualização:Delta Usuário:AUTORIDADE NT\SISTEMA Versão do Mecanismo Atual:1.1.18100.6 Versão do Mecanismo Anterior:1.1.18100.5 Código de erro:0x80070666 Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. ==================== Informações da Memória =========================== BIOS: Acer V1.21 08/09/2012 placa-mãe: Acer JE50_HR Processador: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz Percentagem de memória em uso: 90% RAM física total: 5995.86 MB RAM física disponível: 547.61 MB Virtual Total: 11989.86 MB Virtual disponível: 3878.6 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:191.83 GB) (Free:94.89 GB) NTFS Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive e: () (Fixed) (Total:250.15 GB) (Free:182.05 GB) NTFS Drive f: () (Fixed) (Total:390.64 GB) (Free:52.36 GB) NTFS Drive g: (Acer) (Fixed) (Total:187.43 GB) (Free:61.73 GB) NTFS Drive h: (Google Drive) (Fixed) (Total:17 GB) (Free:10.53 GB) FAT32 \\?\Volume{d15a2b58-ffe5-11e0-a987-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.07 GB) (Free:0.04 GB) NTFS \\?\Volume{d15a2b57-ffe5-11e0-a987-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:22.68 GB) (Free:8.19 GB) NTFS \\?\Volume{0ac9f46c-2c1b-11ea-a5df-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:18 GB) (Free:3.51 GB) NTFS ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5E0B80F9) Partition 1: (Not Active) - (Size=22.7 GB) - (Type=27) Partition 2: (Active) - (Size=71 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=191.8 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=250.1 GB) - (Type=0F Extended) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: A971498C) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=187.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=390.6 GB) - (Type=0F Extended) ==================== Fim de Addition.txt =======================