Meu notebook tá lento demais

soulblack · 21 de maio de 2023

Meu Pc ultimamente anda muito lento, e recentemente eu percebi um processo estranho no gerenciador de tarefas, se chama: "WlanAniControl.exe"

Eu não sei se isso é um vírus ou malware, mas toda vez que vou finalizar o processo, ele simplesmente some, e aparece outro no lugar, que pelo que eu entendi, tem a ver com algum driver da Samsung.

Recentemente eu baixei o malware bytes e fiz a remoção de 2 malwares no meu Pc, mas não sei se resolveu.

Outra coisa estranha, é que meu windows defender recomenda ações recomendadas, mas quando eu abro o Windows Defender, ele diz que tá tudo bem.

Eu vou mandar algumas fotos para vcs verem como está, e se puderem me ajudar, eu ficaria extremamente agradecido.

Elias Pereira · 21 de maio de 2023

Por favor, atente para o seguinte:

Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento to44ent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
Respeite a ordem das instruções passadas;
Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Regras da Área de Remoção de Malware << IMPORTANTE A LEITURA

Regras Gerais do Forum Clube do Hardware << IMPORTANTE A LEITURA

Siga os passos abaixo:

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

ETAPA 1

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em

Clique em VERIFICAR AGORA/SCAN NOW. Após o termino clique em LIMPAR/CLEAN e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

ETAPA 2

Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.majorgeeks.com/files/details/zhpcleaner.html

Execute o arquivo ZHPCleaner.exe Como Administrador

Clique no botão Scanner.
A ferramenta começara o exame do seu sistema.
Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
Em seguida clique no botão Reparar.
Será gerado um log chamado ZHPCleaner.txt

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

soulblack · 24 de maio de 2023

Segue os LOGS:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2023
# Duration: 00:00:26
# OS: Windows 11 (Build 22621.1702)
# Cleaned: 2
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSettings Folder C:\Windows\System32\Tasks\SAMSUNG\SETTINGS
Needs Reboot Preinstalled.SamsungColorEngine Folder C:\Program Files\SAMSUNG\COLORENGINE

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****

***** [ Folders ] *****

Cleaning failed C:\Program Files\SAMSUNG\COLORENGINE

*************************

AdwCleaner[S00].txt - [1554 octets] - [23/05/2023 20:53:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

~ ZHPCleaner v2023.5.19.20 by Nicolas Coolman (2023/05/20)
~ Run by black (Administrator) (23/05/2023 22:40:32)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\black\OneDrive\Área de Trabalho\ZHPCleaner (R).txt
~ Quarantine : C:\Users\black\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit (Build 22621)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (0)
~ No malicious or unnecessary items found.

---\\ Hosts file (1)
~ The hosts file is legitimate (21)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (5)
MOVED file: C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium
MOVED file: C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Users\black\Downloads\DiscordSetup.exe [Discord Inc. - Discord - https://discord.com/] =>.SUP.Discord
MOVED folder: C:\Users\black\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord

---\\ Registry ( Key, Value, Data) (6)
DELETED key*: HKEY_USERS\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Discord [] =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r [] =>Adware.Navipromo
DELETED key*: HKEY_USERS\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Classes\Discord [URL:Discord Protocol] =>.SUP.Discord
DELETED key**: HKCU\Software\Discord [] =>.SUP.Discord
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.] =>.SUP.Discord
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Discord ["C:\Users\black\AppData\Local\Discord\Update.exe" ] =>.SUP.Discord

---\\ Summary of the elements found (3)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/ =>.SUP.Discord
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo

---\\ Other deletions. (2)
~ Registry Keys Tracing deleted (2)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Internet Explorer OK

---\\ Statistics
~ Items scanned : 1038
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17

---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h00mn26s

---\\ Reports (3)
ZHPCleaner-[S]-23052023-21_43_44.txt
ZHPCleaner-[S]-23052023-22_36_28.txt
ZHPCleaner-[R]-23052023-22_40_58.txt

Elias Pereira · 24 de maio de 2023

Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Clique com o direito sobre o arquivo FRST64.EXE, depois clique em http://i.imgur.com/VRIfczU.png .

Aceite o contrato e depois clique no botão Scan/Examinar.Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.

soulblack · 25 de maio de 2023

Olá, fui continuar o passo a passo e quando fui abrir o executável como administrador, acusou como arquivo malicioso, posso executá-lo mesmo assim?

Elias Pereira · 1 de junho de 2023

Pode executar sim.

soulblack · 1 de junho de 2023

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-05-2023
Executado por black (administrador) em ERICK (SAMSUNG ELECTRONICS CO., LTD. 550XBE/350XBE) (31-05-2023 23:36:18)
Executando a partir de C:\Users\black\OneDrive\Área de Trabalho\FRST64.exe
Perfis Carregados: black
Plataforma: Microsoft Windows 11 Home Single Language Versão 22H2 22621.1702 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avpui.exe
(C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityCmdServer.exe
(C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityEventHandler.exe
(C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionPack.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionUI.exe
(C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionPack.exe ->) (Samsung Electronics CO., LTD. -> Samsung) C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe
(C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionPack.exe
(C:\Program Files\Samsung\SamsungUpdate\SUService.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUEngine.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\black\AppData\Roaming\Telegram Desktop\Telegram.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\SecurityAppChecker.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d392adf622e242f6\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d3bdee8c45641e36\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d3bdee8c45641e36\IntelCpHeciSvc.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Recovery\BulletService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUService.exe
(svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe
(svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\ColorEngine\ColorEngine.exe
(svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (Nenhum Arquivo)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Nenhum Arquivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2604464 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\Run: [MicrosoftEdgeAutoLaunch_32C7413498D45B691AF6E54C6F9ACC5E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152208 2023-05-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.90\Installer\chrmstp.exe [2023-05-31] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0005F073-43F5-49AC-83F5-7C6849AEFD3A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0870F47C-DF65-4B98-975C-A433FD50307F} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [1629424 2018-06-12] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {0F71158E-9902-4FB5-918F-971ACDF733B5} - System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe [28832 2019-04-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {1AA23C51-15D3-4FF7-9926-9D925DAF6938} - System32\Tasks\Samsung\SamsungSecurity\SecurityAppMoniter => C:\Program Files (x86)\Samsung\SamsungSecurity\SecurityAppChecker.exe [454384 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5} - System32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
Task: {20966A91-0728-41AE-944C-7646A5A016E1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo)
Task: {29D41907-5DE4-40BA-9981-62E9C08636F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {2D2A5AC2-B3E0-400E-B516-F311C0241D03} - System32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
Task: {306BA4C6-9C9E-4886-AA8E-2BF62F8B015D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {32CEB178-A09D-4A96-ACFE-7E577BB852BA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {39BA2835-7D88-4621-9227-58E5F4966B78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BDF1C4C-44C3-4C0F-A863-605E66DF1399} - System32\Tasks\ColorEngine => C:\Program Files\Samsung\ColorEngine\ColorEngine.exe [545440 2018-09-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {53F468DA-F0ED-460E-A37B-87BB118A768D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {561F55A2-9AC8-45DF-85F3-628B15C4B11F} - System32\Tasks\HPCustParticipation HP DeskJet 2300 series => C:\Program Files\HP\HP DeskJet 2300 series\Bin\HPCustPartic.exe [6733472 2021-11-06] (HP Inc. -> HP Inc.)
Task: {60204B5A-B610-45AD-A9B8-CE847637B688} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [1080552 2020-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66814970-3FFF-4210-AB1F-52BC1C7F8201} - System32\Tasks\DPICustomized => C:\ProgramData\Samsung\DPICustomizing\FontCustomizing.exe [24736 2018-01-16] (Samsung Electronics CO., LTD. -> )
Task: {710E989A-5348-4442-8981-1A6511B10C4D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {71B7E78C-D939-4EFE-9307-5CF8E526B533} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {830B5DC2-5AB5-48A3-ABA4-621C372E2936} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {92EB0FBC-3EAF-40B9-A442-910979BF5021} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6D63C54-F63F-4E46-AC98-063441F5927C} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2760552 2017-05-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {B276F4B8-B317-4858-B264-89870391D08F} - System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => C:\Program Files\Samsung\Recovery\BulletUserModeWorker.exe [347368 2019-03-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {CA9E80C0-B37E-48A1-BB37-6B4E679358E1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB389587-6DF1-4CA8-9B72-D7739F566B3A} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Nenhum Arquivo)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a0780a34-6e89-45bc-81e0-1ea76649e80b}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge Profile: C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-31]
Edge Extension: (Kaspersky Protection) - C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-05-28]
Edge Extension: (Edge relevant text changes) - C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-27]
Edge HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-02-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\Default [2023-05-31]
CHR Extension: (Documentos Google off-line) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-23]
CHR Extension: (Adblock - No More Ads) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbcmmhijbfhblohmfjopjjlagmkgem [2023-01-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-23]
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10]
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-05-23]
CHR Extension: (Kaspersky Protection) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-01-23]
CHR Extension: (Documentos Google off-line) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-23]
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-30]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncHelper.exe [3445680 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\vssbridge64.exe [501008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.101.0514.0001\OneDriveUpdaterService.exe [3781512 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
S3 Samsung PC Cleaner 2 Service; C:\Program Files\Samsung\Samsung PC Cleaner 2 Service\PCCleaner2Service.exe [1119000 2019-04-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 Samsung Settings Expansion Launcher; C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe [226576 2019-02-20] (Samsung Electronics CO., LTD. -> )
R2 SamsungRecoveryService; C:\Program Files\Samsung\Recovery\BulletService.exe [522992 2019-03-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SamsungSecurity Launcher; C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe [2013424 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SamsungUpdateService; C:\Program Files\Samsung\SamsungUpdate\SUService.exe [423584 2019-04-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SecPowerCtrlService; C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe [1652584 2017-05-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [240264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 klbackupdisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klbackupdisk.sys [112936 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klbackupdisk.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klbackupdisk.sys [122768 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 klbackupflt.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klbackupflt.sys [234216 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klbackupflt.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klbackupflt.sys [233320 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 kldisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kldisk.sys [125736 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 kldisk.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\kldisk.sys [135032 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2023-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 KLFLT.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klflt.sys [548072 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 KLFLT.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klflt.sys [553096 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klgse.sys [713264 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klgse.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klgse.sys [713264 2023-05-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klhk.sys [1826328 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 KLHK.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klhk.sys [1826328 2023-05-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klif.sys [1163544 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 KLIF.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klif.sys [1140880 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98552 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klkbdflt.sys [115960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klkbdflt.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klkbdflt.sys [125336 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klmouflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klmouflt.sys [113448 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klmouflt.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klmouflt.sys [124280 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klpd.sys [80672 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klpd.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klpd.sys [90472 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klpnpflt.sys [98040 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klpnpflt.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klpnpflt.sys [107928 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U0 klupd_Kaspersky4Win-21-13_arkmon; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_arkmon.sys [353896 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_Kaspersky4Win-21-13_arkmon_884A2DE3; C:\ProgramData\Kaspersky Lab\AVP21.13\Temp\884A2DE375AE76CB792BE5F52BE82064\klupd_Kaspersky4Win-21-13_arkmon.sys [353896 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_Kaspersky4Win-21-13_klark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klark.sys [350848 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U0 klupd_Kaspersky4Win-21-13_klbg; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klbg.sys [179864 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_Kaspersky4Win-21-13_mark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_mark.sys [259440 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwfp.sys [179960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klwfp.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klwfp.sys [187768 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwtp.sys [415480 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kneps.sys [340264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 kneps.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\kneps.sys [351640 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 mxtBootBridge; C:\WINDOWS\System32\drivers\mxtBootBridge.sys [66560 2018-06-26] (Solomon Systech Limited -> Atmel Corporation)
R3 SamsungEventController; C:\WINDOWS\System32\drivers\SamsungEventController.sys [28456 2019-06-13] (WDKTestCert dotol,132048634660548123 -> Samsung)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-05-31 23:34 - 2023-05-31 23:37 - 000000000 ____D C:\FRST
2023-05-29 16:30 - 2023-05-29 16:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-13
2023-05-28 14:34 - 2023-05-28 14:35 - 006921625 _____ C:\Users\black\Downloads\76843485-conceitos-basicos-e1664229528.pdf
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\Roaming\com.adobe.dunamis
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\LocalLow\Adobe
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\Local\SolidDocuments
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\.ms-ad
2023-05-28 13:17 - 2023-05-30 00:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-28 13:15 - 2023-05-30 00:50 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-28 13:13 - 2023-05-28 13:13 - 000000000 ____D C:\Program Files\Adobe
2023-05-28 13:10 - 2023-05-28 13:13 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-05-28 13:09 - 2023-05-28 13:31 - 000000000 ____D C:\ProgramData\Adobe
2023-05-28 13:06 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\Local\Adobe
2023-05-25 20:33 - 2023-05-25 20:33 - 000000000 ____D C:\ProgramData\Honeygain
2023-05-25 20:28 - 2023-05-25 20:28 - 000000000 ____D C:\Users\black\AppData\Local\Honeygain
2023-05-25 20:27 - 2023-05-25 20:27 - 000000000 ____D C:\Users\black\AppData\Local\Sentry
2023-05-25 20:27 - 2023-05-25 20:27 - 000000000 ____D C:\Users\black\AppData\Local\IsolatedStorage
2023-05-25 20:23 - 2023-05-25 20:23 - 019106784 _____ (Honeygain) C:\Users\black\Downloads\Honeygain_install.exe
2023-05-23 21:15 - 2023-05-23 22:40 - 000000000 ____D C:\Users\black\AppData\Roaming\ZHP
2023-05-23 21:15 - 2023-05-23 21:15 - 000000000 ____D C:\Users\black\AppData\Local\ZHP
2023-05-23 20:52 - 2023-05-23 20:56 - 000000000 ____D C:\AdwCleaner
2023-05-23 20:50 - 2023-05-23 20:51 - 008791352 _____ (Malwarebytes) C:\Users\black\Downloads\adwcleaner_8.4.0.exe
2023-05-23 16:20 - 2023-05-23 16:20 - 000000000 ____D C:\Users\black\OneDrive\Documentos\Originals
2023-05-23 16:19 - 2023-05-31 00:33 - 000027648 ____H C:\Users\black\OneDrive\Documentos\photothumb.db
2023-05-20 14:43 - 2023-05-20 14:43 - 000769822 _____ C:\WINDOWS\system32\prfh0416.dat
2023-05-20 14:43 - 2023-05-20 14:43 - 000154934 _____ C:\WINDOWS\system32\prfc0416.dat
2023-05-20 14:42 - 2023-05-31 06:43 - 000000000 ____D C:\Users\black\AppData\Local\CrashDumps
2023-05-20 13:55 - 2023-05-20 13:55 - 000000000 ____D C:\Users\black\AppData\Local\mbam
2023-05-20 13:50 - 2023-05-20 13:50 - 002638680 _____ (Malwarebytes) C:\Users\black\Downloads\MBSetup-D8A2919F.exe
2023-05-11 17:08 - 2023-05-30 12:08 - 000000000 ____D C:\Users\black\OneDrive\Documentos\Backup pendrive
2023-05-11 13:39 - 2023-05-11 13:40 - 120246083 _____ C:\Users\black\Downloads\KineMaster_PREMIUM - v7.0.0.29940.GP_Tekmods.com.apk
2023-05-09 21:08 - 2023-05-09 21:08 - 000000000 ___HD C:\$WinREAgent
2023-05-09 09:44 - 2023-05-09 09:44 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\QuickStyles
2023-05-07 17:16 - 2023-05-07 17:16 - 000000000 ____D C:\Users\black\Downloads\rompackByByakkoKa
2023-05-07 17:14 - 2023-05-07 17:14 - 000132764 _____ C:\Users\black\Downloads\rompackByByakkoKa.zip
2023-05-06 16:47 - 2023-05-20 13:35 - 000000000 ____D C:\Users\black\AppData\Roaming\obs-studio
2023-05-06 16:47 - 2023-05-06 16:47 - 000000000 ____D C:\ProgramData\obs-studio-hook
2023-05-06 16:47 - 2023-05-06 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-05-06 16:45 - 2023-05-06 16:47 - 000000000 ____D C:\Program Files\obs-studio
2023-05-06 16:21 - 2023-05-11 17:49 - 000000000 ____D C:\Users\black\AppData\Roaming\fightcade-nativefier-b096d2
2023-05-05 23:16 - 2023-05-05 23:16 - 000001066 _____ C:\Users\black\AppData\Roaming\Microsoft\Windows\Start Menu\Fightcade2.lnk
2023-05-05 23:05 - 2023-05-05 23:16 - 000000000 ____D C:\Users\black\OneDrive\Documentos\Fightcade
2023-05-04 23:12 - 2023-05-04 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-05-04 23:12 - 2023-05-04 23:18 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2023-05-03 14:00 - 2023-05-03 14:02 - 028137595 _____ C:\Users\black\Downloads\Balanço-P-GF.jpg.zip
2023-05-01 12:34 - 2023-05-01 12:35 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\MMC

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-05-31 23:30 - 2023-01-21 15:55 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-31 22:58 - 2023-01-23 13:48 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-31 20:07 - 2023-01-23 13:49 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-31 19:59 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-05-31 15:47 - 2023-01-26 15:37 - 000000000 ____D C:\Users\black\AppData\Roaming\Telegram Desktop
2023-05-30 22:43 - 2023-01-21 15:55 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-30 22:43 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-30 16:35 - 2023-01-22 14:29 - 000000000 ____D C:\Program Files\Common Files\AV
2023-05-30 12:07 - 2023-01-26 15:40 - 000000000 ____D C:\Users\black\Downloads\Telegram Desktop
2023-05-29 16:39 - 2023-04-01 19:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-9
2023-05-29 16:39 - 2023-01-22 15:08 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2023-05-29 16:39 - 2023-01-22 14:00 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-05-29 16:32 - 2023-01-22 15:09 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky.lnk
2023-05-29 16:31 - 2023-01-21 15:53 - 000000000 ____D C:\WINDOWS\INF
2023-05-29 16:29 - 2023-01-21 15:55 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-05-29 01:15 - 2023-02-13 11:49 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\Word
2023-05-29 01:14 - 2023-01-21 22:05 - 000000000 ____D C:\Users\black\AppData\Local\Packages
2023-05-28 13:31 - 2023-01-21 22:05 - 000000000 ____D C:\Users\black\AppData\Roaming\Adobe
2023-05-28 13:31 - 2023-01-21 22:01 - 000000000 ____D C:\Users\black
2023-05-27 06:58 - 2023-01-21 06:15 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-25 09:06 - 2023-01-21 06:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-24 22:38 - 2023-01-21 22:09 - 000000000 ___RD C:\Users\black\OneDrive
2023-05-24 22:37 - 2023-02-09 13:56 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-05-24 22:37 - 2023-02-09 13:56 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-24 22:37 - 2023-01-21 22:09 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001
2023-05-24 22:36 - 2023-02-09 20:58 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-05-24 11:55 - 2023-01-21 15:33 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-05-23 21:08 - 2023-01-21 22:05 - 000000000 __SHD C:\Users\black\IntelGraphicsProfiles
2023-05-23 20:59 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\ServiceState
2023-05-23 20:59 - 2023-01-21 06:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-23 20:59 - 2023-01-21 06:14 - 000000000 ____D C:\Intel
2023-05-23 20:58 - 2023-01-22 15:17 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-05-23 20:58 - 2023-01-21 15:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-05-23 20:58 - 2023-01-21 06:12 - 000012288 ___SH C:\DumpStack.log.tmp
2023-05-23 20:56 - 2023-01-21 06:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Samsung
2023-05-23 16:07 - 2023-02-10 13:37 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\Office
2023-05-22 08:37 - 2023-01-21 22:06 - 000000000 ____D C:\Users\black\AppData\Local\D3DSCache
2023-05-20 14:43 - 2023-01-21 06:39 - 001773112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-18 17:05 - 2023-01-23 13:48 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA}
2023-05-18 17:05 - 2023-01-23 13:48 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA}
2023-05-14 10:44 - 2023-02-09 13:27 - 000000000 ____D C:\Program Files\Microsoft Office
2023-05-13 01:50 - 2023-01-21 21:22 - 000003750 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{012A788F-BEEA-4DBB-9752-BF03D09A474C}
2023-05-13 01:50 - 2023-01-21 21:21 - 000003626 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{1CFB11E8-0C24-4470-A441-23296C43F2E1}
2023-05-10 23:27 - 2023-01-24 04:09 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-10 09:18 - 2023-01-21 06:12 - 000480120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\UUS
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\setup
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\Provisioning
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-09 22:07 - 2023-01-21 15:41 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-09 22:05 - 2023-01-21 15:56 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2023-05-09 22:05 - 2023-01-21 15:55 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2023-05-09 22:05 - 2023-01-21 15:55 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-05-09 22:05 - 2023-01-21 15:55 - 000023775 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-05-09 21:39 - 2023-01-21 06:17 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-09 20:55 - 2023-01-23 13:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-09 20:45 - 2023-01-23 13:12 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-05 23:16 - 2019-05-15 00:23 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-05 22:53 - 2023-02-09 20:57 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\Teams
2023-05-04 00:15 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-05-03 00:05 - 2019-05-15 11:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-02 12:23 - 2023-01-21 06:38 - 000000000 ____D C:\ProgramData\Packages
2023-05-01 23:06 - 2023-04-01 19:13 - 000000000 ____D C:\WINDOWS\Minidump
2023-05-01 23:00 - 2023-04-04 17:33 - 000000000 ____D C:\Users\black\AppData\Roaming\discord
2023-05-01 18:31 - 2023-04-04 17:32 - 000000000 ____D C:\Users\black\AppData\Local\Discord

==================== Arquivos na raiz de alguns diretórios ========

2019-05-15 00:25 - 2016-07-10 08:08 - 001834672 _____ (Samsung Electronics Co., Ltd.) C:\ProgramData\GammaLUTPatch.exe
2019-05-15 00:26 - 2018-06-12 06:26 - 000514048 _____ (Samsung Electronics Co., Ltd.) C:\ProgramData\Restore3DLUT.exe

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 29-05-2023
Executado por black (31-05-2023 23:42:01)
Executando a partir de C:\Users\black\OneDrive\Área de Trabalho
Microsoft Windows 11 Home Single Language Versão 22H2 22621.1702 (X64) (2023-01-21 09:37:16)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3836000981-1062990447-1966762079-500 - Administrator - Disabled)
black (S-1-5-21-3836000981-1062990447-1966762079-1001 - Administrator - Enabled) => C:\Users\black
Convidado (S-1-5-21-3836000981-1062990447-1966762079-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3836000981-1062990447-1966762079-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3836000981-1062990447-1966762079-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ColorEngine (HKLM\...\{0B48E952-494A-408B-8D9D-5F3331F96659}) (Version: 4.7 - Samsung Electronics Co., Ltd.)
Estudo de aprimoramento de produto para HP DeskJet 2300 series (HKLM\...\{0D3EBE65-13BB-4D2E-9292-16A27FBB70CB}) (Version: 51.3.4843.21310 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.90 - Google LLC)
HP DeskJet 2300 series Software básico do dispositivo (HKLM\...\{3DDA44A3-BD9E-41D3-A78C-048E9F2C2B5F}) (Version: 51.3.4843.21310 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{75B02B98-E7C8-470E-8DF9-7D1C97B9AE48}) (Version: 56.0.472.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{0B17F225-E80B-4D8A-9E42-7FDF2AE10FD2}) (Version: 56.0.472.0 - HP)
HP FTP Plugin (HKLM-x32\...\{28A0FAD3-A157-4B14-9DBC-D8BD4EC1D523}) (Version: 56.0.472.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{00D1BCEE-6931-46C3-AF7D-0E16722C16E9}) (Version: 56.0.472.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{8C92FED7-4D28-4473-A3ED-31E96996C755}) (Version: 56.0.472.0 - HP Inc.)
HP SharePoint Plugin (HKLM-x32\...\{5218A0C5-BDE8-4574-AB40-775891F84296}) (Version: 56.0.472.0 - HP)
Intel(R) Chipset Device Software (HKLM\...\{C04E10F1-EDE0-4CFF-88E6-6267A8C45EE0}) (Version: 10.1.17854.8100 - Intel Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.0.1072 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{AB0A64ED-7DD5-4524-A157-ED7051AB4F21}) (Version: 17.0.0.1072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{7217727B-65E1-4E28-A315-122E8AB2B267}) (Version: 30.100.1841.2 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1841.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Kaspersky (HKLM-x32\...\{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.10 (x86) (HKLM-x32\...\{3B28977C-9163-48A5-A08C-C01327E18AE2}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x86) (HKLM-x32\...\{EBD44C5E-F1AF-4955-AEDF-F15D06384A9C}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x86) (HKLM-x32\...\{98CA5A6B-4ECC-4E6D-BF18-6B20CBB6E5F4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.57 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.101.0514.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft você++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft você++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{0F3E4057-E2BB-4114-A646-F143DB5CE4C9}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{9dd24b73-88e0-4f0f-882a-500e00d2bdef}) (Version: 6.0.10.31726 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10487 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.714 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8673 - Realtek Semiconductor Corp.)
Samsung DPI Configuration (HKLM-x32\...\{E76A4AA2-A91E-4887-BF4F-47A763CE1203}) (Version: 1.0.16 - Samsung Electronics Co., Ltd.)
Samsung PC Cleaner 2 Service (HKLM\...\{F0AD4757-E8D6-4651-8ED5-C114C2E9EBC0}) (Version: 2.0.4 - Samsung Electronics Co., Ltd.)
Samsung Recovery Service (HKLM\...\{A942FE64-54BE-4787-A336-C0674F50A118}) (Version: 8.1.13 - Samsung Electronics Co., Ltd.)
Samsung Security (HKLM-x32\...\{2903042E-401D-4E66-9E44-E67FAD87A315}) (Version: 1.00.31 - Samsung Electronics Co., Ltd.)
Samsung Settings Expansion Pack (HKLM\...\{681B0715-1C17-4B7B-A82B-2590A734AB99}) (Version: 1.0.45 - Samsung Electronics Co., Ltd.)
Samsung Update Service (HKLM\...\{09A7E0ED-CD87-4C2A-B75D-0BD0C9BAA99E}) (Version: 3.0.36 - Samsung Electronics Co., Ltd.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{32a1f79d-5643-4cfe-92a4-f7a82adf1b78}) (Version: 10.1.17854.8100 - Intel(R) Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation)
Telegram Desktop (HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.8.1 - Telegram FZ-LLC)
WinRAR 6.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.20.0 - win.rar GmbH)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-19] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\appup.intelgraphicscontrolpanel_3.3.0.0_x64__8j3eq9eme6ctt [2023-01-21] (INTEL CORP)
Link Sharing -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.1412377A9806A_1.2.14.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2023-05-23] (LinkedIn)
Little Artist -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.LittleArtist_1.1.13.0_neutral__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.)
Live Message -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.LiveMessage_1.2.2.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.)
ms-resource:AppDisplayName -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.873506AC0B4C_2.1.9.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-01-21] (Microsoft Corporation)
ms-resource:DisplayName -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy [2023-05-27] (Samsung Electronics Co, Ltd.)
ms-resource:PC_APP_DISPLAY_NAME -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.141238E141E93_2.1.34.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-05-26] (INTEL CORP) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-01-21] (Netflix, Inc.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.6613.0_x64__8wekyb3d8bbwe [2023-05-17] (Microsoft Corporation) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.178.0_x64__dt26b99r8h8gj [2023-04-20] (Realtek Semiconductor Corp)
Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_4.3.150.0_x64__wyx1vj98g3asy [2023-01-23] (Samsung Electronics Co, Ltd.)
Samsung Recovery -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungRecovery_8.1.46.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.)
Samsung Settings -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungSettings_1.0.49.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.)
Samsung Update -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungUpdate_3.0.91.0_x64__3c1yjt4zspk6g [2023-05-09] (Samsung Electronics Co. Ltd.)
SamsungDeviceCare -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPCCleaner_3.1.11.0_x64__3c1yjt4zspk6g [2023-05-30] (Samsung Electronics Co. Ltd.)
ShellEx Package -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64 [2023-05-29] (0)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]
Studio Plus -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.StudioPlus_5.0.8.0_x64__3c1yjt4zspk6g [2023-02-15] (Samsung Electronics Co. Ltd.)
WinRAR -> C:\Program Files\WinRAR [2023-02-09] (0)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2017-10-18 07:09 - 2017-10-18 07:09 - 001809920 _____ (SAMSUNG Electronics CO., LTD.) [Arquivo não assinado] C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\HookDllUSB.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung17win10.msn.com/?pc=SMTE
HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung17win10.msn.com/?pc=SMTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\sharepoint.com -> hxxps://23tyy7-files.sharepoint.com

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2018-09-15 04:31 - 2018-09-15 04:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\black\Downloads\stretched-1366-768-681016.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_32C7413498D45B691AF6E54C6F9ACC5E"
HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\StartupApproved\Run: => "Discord"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{4C9FC3AE-69A2-4387-A714-A777F8F192C3}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{178B0794-6D5C-4BF7-9FFC-F1F376F533A2}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78F79913-73BA-4707-9759-EB83B63444A4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Nenhum Arquivo
FirewallRules: [{909D4713-D03E-45FE-9827-4B8C035CCD0C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Nenhum Arquivo
FirewallRules: [{8569CB20-6DA0-4304-A677-3E43E043CE9B}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe => Nenhum Arquivo
FirewallRules: [{CCB6362C-819D-494E-9EA1-E9EFD8FF01B7}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe => Nenhum Arquivo
FirewallRules: [{E5ECB5EB-0504-470E-9DDA-AC9FA6C44E84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6E1D8C7-6D51-433E-AE20-83817D11489A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F03A1EEE-51F5-4884-BD42-CAF426547913}] => (Allow) C:\Program Files\HP\HP DeskJet 2300 series\Bin\USBSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{CC5C22D6-C77E-487B-80F2-51A9193E50AC}] => (Allow) C:\Program Files\HP\HP DeskJet 2300 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{187ABAA9-ECA6-40B7-BCC6-4B605FA10567}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{786B114C-0E2D-4377-89B5-28646AC219BA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DD52037-E6F5-4FB5-AC2E-4D6208744209}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D39D7B93-C0A1-4D07-AB88-66CDCF4FA64E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFBD6C97-A1F2-4080-A40A-B3E20D51A6D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E34F964E-9D65-435A-B117-4D166CDBD621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB048195-2FCF-49AC-80E4-69F03C892187}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2A600CC-1681-4296-8AA7-3D0A6834C5BF}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> )
FirewallRules: [{D5AB9872-78BA-4A03-981D-793AA9567A05}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> )
FirewallRules: [{F24667FF-B9FD-4544-801C-7CC0C0FD7D63}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> )
FirewallRules: [{CC700757-5A5A-4DDA-89CB-401C14634B46}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> )
FirewallRules: [{5BD274B8-A06F-4FD1-9446-592F74058234}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60EE9F2C-89E6-466C-9917-A5F0ADF1F7E0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Pontos de Restauração =========================

23-05-2023 22:38:15 ZHPcleaner
25-05-2023 20:24:33 Installed Honeygain

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (05/31/2023 06:43:08 AM) (Source: Application Error) (EventID: 1000) (User: ERICK)
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.22621.1, carimbo de data/hora: 0x004687c2
Nome do módulo com falha: biwinrt.dll, versão: 10.0.22621.1635, carimbo de data/hora: 0xa3e75401
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000001e9a7
ID do processo com falha: 0x0x6444
Hora de início do aplicativo com falha: 0x0x1d993a44a02b018
Caminho do aplicativo com falha: C:\WINDOWS\system32\backgroundTaskHost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 41054975-dd9e-4385-b703-ee31f29a05bf
Nome completo do pacote com falha: SAMSUNGELECTRONICSCO.LTD.StudioPlus_5.0.8.0_x64__3c1yjt4zspk6g
ID do aplicativo relativo ao pacote com falha: App

Error: (05/29/2023 07:03:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando.
.

Operação:
Executando Operação Assíncrona

Contexto:
Estado Atual: DoSnapshotSet

Error: (05/29/2023 01:14:52 AM) (Source: Application Error) (EventID: 1000) (User: ERICK)
Description: Nome do aplicativo com falha: WINWORD.EXE, versão: 16.0.16327.20248, carimbo de data/hora: 0x644c7ce4
Nome do módulo com falha: wwlib.dll, versão: 16.0.16327.20248, carimbo de data/hora: 0x644ce399
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000a469a1
ID do processo com falha: 0x0x3fa4
Hora de início do aplicativo com falha: 0x0x1d991a15eaa066a
Caminho do aplicativo com falha: C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
Caminho do módulo com falha: C:\Program Files\Microsoft Office\Root\Office16\wwlib.dll
ID do Relatório: b39886ad-2d0b-409e-b528-9fe1b0179293
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (05/24/2023 06:43:47 AM) (Source: Application Error) (EventID: 1000) (User: ERICK)
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.22621.1, carimbo de data/hora: 0x004687c2
Nome do módulo com falha: biwinrt.dll, versão: 10.0.22621.1635, carimbo de data/hora: 0xa3e75401
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000001e9a7
ID do processo com falha: 0x0x15f0
Hora de início do aplicativo com falha: 0x0x1d98e2438ea56de
Caminho do aplicativo com falha: C:\WINDOWS\system32\backgroundTaskHost.exe
Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll
ID do Relatório: 1db517ad-087e-4261-9855-be8b4dcc1cb1
Nome completo do pacote com falha: SAMSUNGELECTRONICSCO.LTD.StudioPlus_5.0.8.0_x64__3c1yjt4zspk6g
ID do aplicativo relativo ao pacote com falha: App

Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Erros de Sistema:
=============
Error: (05/30/2023 10:42:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9WZDNCRFJBMP-MICROSOFT.WINDOWSSTORE.

Error: (05/29/2023 04:31:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro:
Acesso negado.

Error: (05/23/2023 09:14:05 PM) (Source: ACPI) (EventID: 4) (User: )
Description: AMLI: o BIOS da ACPI está tentando ler um endereço de porta de E/S (0x75) inválido, que está no intervalo de endereços protegido 0x74 - 0x76. Isso pode causar instabilidade no sistema. Contate o fornecedor do sistema para obter assistência técnica.

Error: (05/23/2023 09:14:05 PM) (Source: ACPI) (EventID: 5) (User: )
Description: AMLI: o BIOS da ACPI está tentando gravar em um endereço de porta de E/S (0x74) inválido, que está no intervalo de endereços protegido 0x74 - 0x76. Isso pode causar instabilidade no sistema. Contate o fornecedor do sistema para obter assistência técnica.

Error: (05/23/2023 08:59:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço SecPowerCtrlService.

Error: (05/23/2023 08:56:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (05/23/2023 08:56:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Graphics Command Center Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (05/23/2023 08:56:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Samsung Update Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Windows Defender:
================
Date: 2023-05-29 00:33:20
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {68625080-108D-475B-AF28-2D36DD7855A7}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-05-28 00:28:27
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {07FAB2E9-7137-4944-9A39-91C364F571A4}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-05-27 00:45:21
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {7E35A06F-F995-4002-AE5A-7FCCD68FAB07}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-05-26 00:59:08
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {8ACD06E8-B0C6-4479-BAC7-6E21C8538ACE}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-05-25 00:59:05
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {6A000139-2D12-4570-BB6D-4576D07224FA}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Event[0]

Date: 2023-02-18 19:14:41
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.383.160.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.20000.2
Código de Erro: 0x8024402c
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

Date: 2023-02-13 03:49:55
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.381.3495.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.19900.2
Código de Erro: 0x80240438
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

Date: 2023-01-22 15:12:49
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança: 1.381.2553.0
Versão da Inteligência de Segurança anterior: 1.381.2548.0
Fonte da Atualização: Usuário
Tipo da Inteligência de Segurança: Anti-spyware
Tipo da atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo: 1.1.19900.2
Versão Anterior do Mecanismo: 1.1.19900.2
Código de Erro: 0x80004004
Descrição do Erro: Operação anulada

Date: 2023-01-22 15:12:49
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança: 1.381.2553.0
Versão da Inteligência de Segurança anterior: 1.381.2548.0
Fonte da Atualização: Usuário
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo: 1.1.19900.2
Versão Anterior do Mecanismo: 1.1.19900.2
Código de Erro: 0x80004004
Descrição do Erro: Operação anulada

Date: 2023-01-22 13:41:11
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior:
Fonte da Atualização: Usuário
Tipo da Inteligência de Segurança: Anti-spyware
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo:
Código de Erro: 0x80070002
Descrição do Erro: O sistema não pode encontrar o arquivo especificado.

CodeIntegrity:
===============
Date: 2023-05-31 08:59:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements.

Date: 2023-05-31 07:24:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. P13REU.091.220223.JJ 02/23/2022
placa-mãe: SAMSUNG ELECTRONICS CO., LTD. NP350XBE-KDABR
Processador: Intel(R) Celeron(R) CPU 4205U @ 1.80GHz
Percentagem de memória em uso: 85%
RAM física total: 3989.34 MB
RAM física disponível: 595.23 MB
Virtual Total: 14880.41 MB
Virtual disponível: 2431.23 MB

==================== Drives ================================

Drive () (Fixed) (Total:450.19 GB) (Free:384.55 GB) (Model: SAMSUNG MZMLN128HCGR-000) NTFS

\\?\Volume{b14fd758-04ae-452e-b90f-8da40d2c34c4}\ (Windows RE tools) (Fixed) (Total:0.83 GB) (Free:0.11 GB) NTFS
\\?\Volume{9078874e-bae7-41ce-8c8a-026ed38abf15}\ (SAMSUNG_REC2) (Fixed) (Total:13.47 GB) (Free:1.69 GB) NTFS
\\?\Volume{1ba4d1ef-9855-4dc3-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.43 GB) FAT32
\\?\Volume{983d71b3-6fff-4ae9-8520-01f6337172a2}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 26EA9241)

Partition: GPT.

==================== Fim de Addition.txt =======================

Elias Pereira · 4 de junho de 2023

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
CloseProcesses:
Task: {0005F073-43F5-49AC-83F5-7C6849AEFD3A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0870F47C-DF65-4B98-975C-A433FD50307F} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [1629424 2018-06-12] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {0F71158E-9902-4FB5-918F-971ACDF733B5} - System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe [28832 2019-04-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {1AA23C51-15D3-4FF7-9926-9D925DAF6938} - System32\Tasks\Samsung\SamsungSecurity\SecurityAppMoniter => C:\Program Files (x86)\Samsung\SamsungSecurity\SecurityAppChecker.exe [454384 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5} - System32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
Task: {20966A91-0728-41AE-944C-7646A5A016E1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Nenhum Arquivo)
Task: {29D41907-5DE4-40BA-9981-62E9C08636F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {2D2A5AC2-B3E0-400E-B516-F311C0241D03} - System32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
Task: {306BA4C6-9C9E-4886-AA8E-2BF62F8B015D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {32CEB178-A09D-4A96-ACFE-7E577BB852BA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {39BA2835-7D88-4621-9227-58E5F4966B78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BDF1C4C-44C3-4C0F-A863-605E66DF1399} - System32\Tasks\ColorEngine => C:\Program Files\Samsung\ColorEngine\ColorEngine.exe [545440 2018-09-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {53F468DA-F0ED-460E-A37B-87BB118A768D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {561F55A2-9AC8-45DF-85F3-628B15C4B11F} - System32\Tasks\HPCustParticipation HP DeskJet 2300 series => C:\Program Files\HP\HP DeskJet 2300 series\Bin\HPCustPartic.exe [6733472 2021-11-06] (HP Inc. -> HP Inc.)
Task: {60204B5A-B610-45AD-A9B8-CE847637B688} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [1080552 2020-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66814970-3FFF-4210-AB1F-52BC1C7F8201} - System32\Tasks\DPICustomized => C:\ProgramData\Samsung\DPICustomizing\FontCustomizing.exe [24736 2018-01-16] (Samsung Electronics CO., LTD. -> )
Task: {710E989A-5348-4442-8981-1A6511B10C4D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {71B7E78C-D939-4EFE-9307-5CF8E526B533} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {830B5DC2-5AB5-48A3-ABA4-621C372E2936} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {92EB0FBC-3EAF-40B9-A442-910979BF5021} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6D63C54-F63F-4E46-AC98-063441F5927C} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2760552 2017-05-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {B276F4B8-B317-4858-B264-89870391D08F} - System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => C:\Program Files\Samsung\Recovery\BulletUserModeWorker.exe [347368 2019-03-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {CA9E80C0-B37E-48A1-BB37-6B4E679358E1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB389587-6DF1-4CA8-9B72-D7739F566B3A} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Nenhum Arquivo)
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:Clique com o direito sobre o arquivo FRST.EXE, depois clique em http://i.imgur.com/VRIfczU.png

Clique no botão

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

soulblack · 5 de junho de 2023

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 29-05-2023
Executado por black (05-06-2023 00:32:09) Run:1
Executando a partir de C:\Users\black\OneDrive\Área de Trabalho
Perfis Carregados: black
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
Task: {0005F073-43F5-49AC-83F5-7C6849AEFD3A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0870F47C-DF65-4B98-975C-A433FD50307F} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [1629424 2018-06-12] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {0F71158E-9902-4FB5-918F-971ACDF733B5} - System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe [28832 2019-04-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {1AA23C51-15D3-4FF7-9926-9D925DAF6938} - System32\Tasks\Samsung\SamsungSecurity\SecurityAppMoniter => C:\Program Files (x86)\Samsung\SamsungSecurity\SecurityAppChecker.exe [454384 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5} - System32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
Task: {20966A91-0728-41AE-944C-7646A5A016E1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo)
Task: {29D41907-5DE4-40BA-9981-62E9C08636F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {2D2A5AC2-B3E0-400E-B516-F311C0241D03} - System32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
Task: {306BA4C6-9C9E-4886-AA8E-2BF62F8B015D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {32CEB178-A09D-4A96-ACFE-7E577BB852BA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {39BA2835-7D88-4621-9227-58E5F4966B78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BDF1C4C-44C3-4C0F-A863-605E66DF1399} - System32\Tasks\ColorEngine => C:\Program Files\Samsung\ColorEngine\ColorEngine.exe [545440 2018-09-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {53F468DA-F0ED-460E-A37B-87BB118A768D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {561F55A2-9AC8-45DF-85F3-628B15C4B11F} - System32\Tasks\HPCustParticipation HP DeskJet 2300 series => C:\Program Files\HP\HP DeskJet 2300 series\Bin\HPCustPartic.exe [6733472 2021-11-06] (HP Inc. -> HP Inc.)
Task: {60204B5A-B610-45AD-A9B8-CE847637B688} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [1080552 2020-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66814970-3FFF-4210-AB1F-52BC1C7F8201} - System32\Tasks\DPICustomized => C:\ProgramData\Samsung\DPICustomizing\FontCustomizing.exe [24736 2018-01-16] (Samsung Electronics CO., LTD. -> )
Task: {710E989A-5348-4442-8981-1A6511B10C4D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {71B7E78C-D939-4EFE-9307-5CF8E526B533} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {830B5DC2-5AB5-48A3-ABA4-621C372E2936} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {92EB0FBC-3EAF-40B9-A442-910979BF5021} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6D63C54-F63F-4E46-AC98-063441F5927C} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2760552 2017-05-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {B276F4B8-B317-4858-B264-89870391D08F} - System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => C:\Program Files\Samsung\Recovery\BulletUserModeWorker.exe [347368 2019-03-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {CA9E80C0-B37E-48A1-BB37-6B4E679358E1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0005F073-43F5-49AC-83F5-7C6849AEFD3A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0005F073-43F5-49AC-83F5-7C6849AEFD3A}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0870F47C-DF65-4B98-975C-A433FD50307F}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0870F47C-DF65-4B98-975C-A433FD50307F}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\SecTimeSync\TimeSyncInit => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SecTimeSync\TimeSyncInit" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F71158E-9902-4FB5-918F-971ACDF733B5}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F71158E-9902-4FB5-918F-971ACDF733B5}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungUpdate\UserModeWorker" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1AA23C51-15D3-4FF7-9926-9D925DAF6938}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AA23C51-15D3-4FF7-9926-9D925DAF6938}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Samsung\SamsungSecurity\SecurityAppMoniter => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungSecurity\SecurityAppMoniter" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20966A91-0728-41AE-944C-7646A5A016E1}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20966A91-0728-41AE-944C-7646A5A016E1}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29D41907-5DE4-40BA-9981-62E9C08636F8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D41907-5DE4-40BA-9981-62E9C08636F8}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D2A5AC2-B3E0-400E-B516-F311C0241D03}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D2A5AC2-B3E0-400E-B516-F311C0241D03}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{306BA4C6-9C9E-4886-AA8E-2BF62F8B015D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{306BA4C6-9C9E-4886-AA8E-2BF62F8B015D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32CEB178-A09D-4A96-ACFE-7E577BB852BA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32CEB178-A09D-4A96-ACFE-7E577BB852BA}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39BA2835-7D88-4621-9227-58E5F4966B78}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39BA2835-7D88-4621-9227-58E5F4966B78}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3BDF1C4C-44C3-4C0F-A863-605E66DF1399}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BDF1C4C-44C3-4C0F-A863-605E66DF1399}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\ColorEngine => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ColorEngine" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53F468DA-F0ED-460E-A37B-87BB118A768D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53F468DA-F0ED-460E-A37B-87BB118A768D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Performance Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Performance Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{561F55A2-9AC8-45DF-85F3-628B15C4B11F}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{561F55A2-9AC8-45DF-85F3-628B15C4B11F}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\HPCustParticipation HP DeskJet 2300 series => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP DeskJet 2300 series" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{60204B5A-B610-45AD-A9B8-CE847637B688}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60204B5A-B610-45AD-A9B8-CE847637B688}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\RtkAudUService64_BG => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RtkAudUService64_BG" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66814970-3FFF-4210-AB1F-52BC1C7F8201}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66814970-3FFF-4210-AB1F-52BC1C7F8201}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\DPICustomized => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DPICustomized" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{710E989A-5348-4442-8981-1A6511B10C4D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{710E989A-5348-4442-8981-1A6511B10C4D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71B7E78C-D939-4EFE-9307-5CF8E526B533}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71B7E78C-D939-4EFE-9307-5CF8E526B533}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\Settings\SettingsHibernateMonitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{830B5DC2-5AB5-48A3-ABA4-621C372E2936}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{830B5DC2-5AB5-48A3-ABA4-621C372E2936}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92EB0FBC-3EAF-40B9-A442-910979BF5021}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92EB0FBC-3EAF-40B9-A442-910979BF5021}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6D63C54-F63F-4E46-AC98-063441F5927C}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6D63C54-F63F-4E46-AC98-063441F5927C}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\PowerManagement => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PowerManagement" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B276F4B8-B317-4858-B264-89870391D08F}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B276F4B8-B317-4858-B264-89870391D08F}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\Recovery8\BulletUserModeWorker" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA9E80C0-B37E-48A1-BB37-6B4E679358E1}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\OneDrive Per-Machine Standalone Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Per-Machine Standalone Update Task" => removido (a) com sucesso.

O sistema precisou ser reiniciado.

==== Fim de Fixlog 00:34:03 ====

Elias Pereira · 8 de junho de 2023

Como está seu computador?

soulblack · 10 de junho de 2023

Ele deu uma melhorada, mas ainda sinto uma certa lentidão para abrir pastas e programas, acredito que pode ser porque ele é bem fraquinho, só serve pra coisas básicas mesmo.

Elias Pereira · 11 de junho de 2023

Hoje em dia com 4GB de memória e sem SSD, acaba ficando lento.

Em relação a malwares, não temos mais problemas.

Se não tiver mais problema em relação a malwares, clique em Denunciar Post localizado no topo da pagina e diga que seu topico está RESOLVIDO. Se você tiver alguma dúvida relacionada a informática e tecnologia, sinta-se à vontade para postar em qualquer área do CdH.

Lusitano · 21 de junho de 2023

Problema resolvido!

Caso o autor necessite, o mesmo será reaberto, para isso deverá entrar em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.