KakaSantos

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 14-11-2021 Executado por Kaka (23-11-2021 00:27:30) Run:1 Executando a partir de C:\Users\Kaka\Desktop Perfis Carregados: Kaka Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [] => [X] Task: {01C6B36D-0D60-4B62-B78D-ABA9EBC3F035} - System32\Tasks\CCleanerSkipUAC - Kaka => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {070330DE-FAFE-4F2D-873C-5B4D2ACF4843} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Nenhum Arquivo) Task: {087FE0D1-2E27-437D-872A-4E2A4514F337} - System32\Tasks\{2B271AD6-2CDB-46D2-9857-7D1C30B79606} => C:\Windows\system32\pcalua.exe -a C:\Users\Kaka\Desktop\Atheros\setup.exe -d C:\Users\Kaka\Desktop\Atheros Task: {0C3C4557-6D20-4E89-B5A0-10B45DA4349E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Nenhum Arquivo) Task: {10CC58BF-46AE-4C78-B5EB-F1C072047FF5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {16A92A74-5047-43EA-A9D0-EAC4A2B6A468} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Nenhum Arquivo) Task: {16C311BD-0160-49BB-B159-8F414F3696B3} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {1725E09A-8745-4716-97C4-D58163ECF2D8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Nenhum Arquivo) Task: {1D8FF228-A7B3-4623-8D33-B4DD0890D810} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Nenhum Arquivo) Task: {2370E69F-2A76-414F-A068-012265B0653E} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [Arquivo não assinado] Task: {2BE2BEA5-B214-407D-990F-676B52FA5ACD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Nenhum Arquivo) Task: {392B3EAA-79C3-4618-8A3A-04BE77A66629} - System32\Tasks\{80381077-9AE3-49C0-9AAF-3BB1682AE9FD} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}\setup.exe" -c -runfromtemp -l0x0416 -removeonly Task: {418DC5F2-1B8B-44BF-A677-2F1E089D996A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} Task: {4F0BE499-9CE6-484D-A590-3B0AA802BB52} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {5187B438-0A8D-48C9-9AFF-8042F46ABFF1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Nenhum Arquivo) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {62226D0B-DB59-40AE-87DC-C33920102327} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-10-14] () [Arquivo não assinado] Task: {62E0EB2F-1D59-474C-97F1-F36DDCC50FD5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Nenhum Arquivo) Task: {6744419E-6075-4160-A2BC-A9DF037118A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {68D6F227-C9C8-408C-A35D-0590F9A9D1AE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Nenhum Arquivo) Task: {6A0B7A24-B0F3-4066-B299-A90103BADBD0} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {7158BE07-2C75-4CAA-9353-018447B08331} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {777B6E4D-F85A-4697-BC7F-DCE078D730D0} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {87B85FE1-D6B9-48C7-BEAB-F3223F1280DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Nenhum Arquivo) Task: {8D3B8A5E-366A-4DA1-B493-B8F7151AB219} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Nenhum Arquivo) Task: {8F22CC8A-DBA6-477B-9C90-7D9149FDE29C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {96B4F296-3AF2-4734-8C88-32C9D8E32665} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Nenhum Arquivo) Task: {99C3E9F1-514D-4213-80A7-B64AEC8DEF29} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {9B364E99-BFED-4504-8A92-87AEBA232A85} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Nenhum Arquivo) Task: {A7451315-F0DF-4C00-9CC8-3046E8F00B55} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Nenhum Arquivo) Task: {AD8F1369-6019-437D-9EF6-C3AEF71926DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC) Task: {AE926E5C-73F0-4875-8A26-AF4464EA2380} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Nenhum Arquivo) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} Task: {B0DB17F9-C3FC-4C37-91F4-BEA29DBAB83B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B6E07F63-6822-402B-ACA1-A4DDC5906233} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {C1376B8C-A19E-4C5B-A779-16F082008D82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC) Task: {C657111D-DB4E-4080-B2A2-D074236C900D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Nenhum Arquivo) Task: {C8099BF5-3246-432E-8C16-731BBE10A5E8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform) Task: {C851D3C6-1F80-41A3-BAC1-E49484AF1266} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Nenhum Arquivo) Task: {C94CE6AE-BC92-4072-B923-A1B7D906AC11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D3BCD7FE-C2AA-4352-90F1-605DD1878ABD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Nenhum Arquivo) Task: {D45E0B19-0475-4001-B63D-105962763D4B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Nenhum Arquivo) Task: {E0CFCF8A-94F9-40B1-BB84-B3EC2AD80D03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {E3796FFF-39CE-426E-BEE5-966C18C1FC50} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Nenhum Arquivo) Task: {E6DCE9B2-5069-4F36-982B-58B5E254F22E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Nenhum Arquivo) Task: {E6F1B631-9D96-4B10-ADF8-593E9E606A98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E7FC3818-BB30-47B4-A5C9-EF57F7B712E1} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [Arquivo não assinado] Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] File: C:\WINDOWS\SYSTEM32\prntvpt.dll CMD: ipconfig /flushdns RemoveProxy: EmptyTemp: CreateRestorePoint: ***************** Ponto de Restauração criado com sucesso. Processos fechados com sucesso. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01C6B36D-0D60-4B62-B78D-ABA9EBC3F035}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01C6B36D-0D60-4B62-B78D-ABA9EBC3F035}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - Kaka => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC - Kaka" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{070330DE-FAFE-4F2D-873C-5B4D2ACF4843}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{070330DE-FAFE-4F2D-873C-5B4D2ACF4843}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{087FE0D1-2E27-437D-872A-4E2A4514F337}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{087FE0D1-2E27-437D-872A-4E2A4514F337}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\{2B271AD6-2CDB-46D2-9857-7D1C30B79606} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2B271AD6-2CDB-46D2-9857-7D1C30B79606}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3C4557-6D20-4E89-B5A0-10B45DA4349E}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3C4557-6D20-4E89-B5A0-10B45DA4349E}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10CC58BF-46AE-4C78-B5EB-F1C072047FF5}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CC58BF-46AE-4C78-B5EB-F1C072047FF5}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16A92A74-5047-43EA-A9D0-EAC4A2B6A468}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16A92A74-5047-43EA-A9D0-EAC4A2B6A468}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16C311BD-0160-49BB-B159-8F414F3696B3}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16C311BD-0160-49BB-B159-8F414F3696B3}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\AutoWake => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1725E09A-8745-4716-97C4-D58163ECF2D8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1725E09A-8745-4716-97C4-D58163ECF2D8}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D8FF228-A7B3-4623-8D33-B4DD0890D810}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D8FF228-A7B3-4623-8D33-B4DD0890D810}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2370E69F-2A76-414F-A068-012265B0653E}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2370E69F-2A76-414F-A068-012265B0653E}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify2" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BE2BEA5-B214-407D-990F-676B52FA5ACD}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BE2BEA5-B214-407D-990F-676B52FA5ACD}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{392B3EAA-79C3-4618-8A3A-04BE77A66629}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{392B3EAA-79C3-4618-8A3A-04BE77A66629}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\{80381077-9AE3-49C0-9AAF-3BB1682AE9FD} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{80381077-9AE3-49C0-9AAF-3BB1682AE9FD}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{418DC5F2-1B8B-44BF-A677-2F1E089D996A}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{418DC5F2-1B8B-44BF-A677-2F1E089D996A}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\MobilePC\HotStart => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F0BE499-9CE6-484D-A590-3B0AA802BB52}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F0BE499-9CE6-484D-A590-3B0AA802BB52}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5187B438-0A8D-48C9-9AFF-8042F46ABFF1}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5187B438-0A8D-48C9-9AFF-8042F46ABFF1}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62226D0B-DB59-40AE-87DC-C33920102327}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62226D0B-DB59-40AE-87DC-C33920102327}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\klcp_update => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62E0EB2F-1D59-474C-97F1-F36DDCC50FD5}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62E0EB2F-1D59-474C-97F1-F36DDCC50FD5}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6744419E-6075-4160-A2BC-A9DF037118A8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6744419E-6075-4160-A2BC-A9DF037118A8}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68D6F227-C9C8-408C-A35D-0590F9A9D1AE}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68D6F227-C9C8-408C-A35D-0590F9A9D1AE}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A0B7A24-B0F3-4066-B299-A90103BADBD0}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0B7A24-B0F3-4066-B299-A90103BADBD0}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7158BE07-2C75-4CAA-9353-018447B08331}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7158BE07-2C75-4CAA-9353-018447B08331}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentFallBack2016" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{777B6E4D-F85A-4697-BC7F-DCE078D730D0}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{777B6E4D-F85A-4697-BC7F-DCE078D730D0}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87B85FE1-D6B9-48C7-BEAB-F3223F1280DA}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87B85FE1-D6B9-48C7-BEAB-F3223F1280DA}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D3B8A5E-366A-4DA1-B493-B8F7151AB219}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D3B8A5E-366A-4DA1-B493-B8F7151AB219}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F22CC8A-DBA6-477B-9C90-7D9149FDE29C}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F22CC8A-DBA6-477B-9C90-7D9149FDE29C}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96B4F296-3AF2-4734-8C88-32C9D8E32665}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96B4F296-3AF2-4734-8C88-32C9D8E32665}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99C3E9F1-514D-4213-80A7-B64AEC8DEF29}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99C3E9F1-514D-4213-80A7-B64AEC8DEF29}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B364E99-BFED-4504-8A92-87AEBA232A85}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B364E99-BFED-4504-8A92-87AEBA232A85}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7451315-F0DF-4C00-9CC8-3046E8F00B55}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7451315-F0DF-4C00-9CC8-3046E8F00B55}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD8F1369-6019-437D-9EF6-C3AEF71926DC}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD8F1369-6019-437D-9EF6-C3AEF71926DC}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE926E5C-73F0-4875-8A26-AF4464EA2380}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE926E5C-73F0-4875-8A26-AF4464EA2380}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0DB17F9-C3FC-4C37-91F4-BEA29DBAB83B}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0DB17F9-C3FC-4C37-91F4-BEA29DBAB83B}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6E07F63-6822-402B-ACA1-A4DDC5906233}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E07F63-6822-402B-ACA1-A4DDC5906233}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1376B8C-A19E-4C5B-A779-16F082008D82}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1376B8C-A19E-4C5B-A779-16F082008D82}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C657111D-DB4E-4080-B2A2-D074236C900D}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C657111D-DB4E-4080-B2A2-D074236C900D}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C8099BF5-3246-432E-8C16-731BBE10A5E8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8099BF5-3246-432E-8C16-731BBE10A5E8}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CCleaner Update => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C851D3C6-1F80-41A3-BAC1-E49484AF1266}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C851D3C6-1F80-41A3-BAC1-E49484AF1266}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C94CE6AE-BC92-4072-B923-A1B7D906AC11}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C94CE6AE-BC92-4072-B923-A1B7D906AC11}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Verification" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D3BCD7FE-C2AA-4352-90F1-605DD1878ABD}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3BCD7FE-C2AA-4352-90F1-605DD1878ABD}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D45E0B19-0475-4001-B63D-105962763D4B}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D45E0B19-0475-4001-B63D-105962763D4B}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0CFCF8A-94F9-40B1-BB84-B3EC2AD80D03}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0CFCF8A-94F9-40B1-BB84-B3EC2AD80D03}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentLogOn2016" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3796FFF-39CE-426E-BEE5-966C18C1FC50}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3796FFF-39CE-426E-BEE5-966C18C1FC50}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6DCE9B2-5069-4F36-982B-58B5E254F22E}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6DCE9B2-5069-4F36-982B-58B5E254F22E}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6F1B631-9D96-4B10-ADF8-593E9E606A98}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6F1B631-9D96-4B10-ADF8-593E9E606A98}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E7FC3818-BB30-47B4-A5C9-EF57F7B712E1}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7FC3818-BB30-47B4-A5C9-EF57F7B712E1}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify1" => removido (a) com sucesso. C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => movido com sucesso "CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removido (a) com sucesso. "BVTFilter" => removido (a) com sucesso. "BVTConsumer" => removido (a) com sucesso. ========================= File: C:\WINDOWS\SYSTEM32\prntvpt.dll ======================== C:\WINDOWS\SYSTEM32\prntvpt.dll Arquivo não assinado MD5: ADDE39A0B25859FF2DA6629E71E33A11 Data de criação e modificação: 2021-02-15 10:57 - 2021-02-15 10:57 Tamanho: 000182272 Atributos: ----A Nome Da Empresa: Microsoft Corporation Interno Nome: prntvpt.dll Original Nome: prntvpt.dll Produto: Microsoft® Windows® Operating System Descrição: Print Ticket Services Module Arquivo Versão: 10.0.19041.746 (WinBuild.160101.0800) Produto Versão: 10.0.19041.746 Copyright: © Microsoft Corporation. All rights reserved. VirusTotal: 0 ====== Fim de File: ====== ========= ipconfig /flushdns ========= Configura‡Æo de IP do Windows Libera‡Æo do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. "HKU\S-1-5-21-3439908664-1470252025-331894347-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\S-1-5-21-3439908664-1470252025-331894347-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. ========= Fim de RemoveProxy: ========= Ponto de Restauração criado com sucesso. =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21134862 B Java, Flash, Steam htmlcache => 1156 B Windows/system/drivers => 462210853 B Edge => 0 B Chrome => 459249651 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 349967072 B Kaka => 435918961 B RecycleBin => 2386871 B EmptyTemp: => 1.6 GB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 00:44:36 ====

. Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 14-11-2021 Executado por Kaka (administrador) em KAKA-PC (16-11-2021 19:09:24) Executando a partir de C:\Users\Kaka\Desktop Perfis Carregados: Kaka Plataforma: Microsoft Windows 10 Pro Versão 21H1 19043.1348 (X64) Idioma: Português (Brasil) Navegador padrão: Chrome Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.ACRONYM\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2> ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-06-03] (Adobe Inc. -> ) HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1820568 2020-10-19] (LG Electronics Inc. -> LG Electronics Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> ) HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\Run: [uTorrent] => C:\Users\Kaka\AppData\Roaming\uTorrent\uTorrent.exe [2132520 2021-05-10] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\hpfpp083: C:\Windows\System32\spool\prtprocs\x64\hpfpp083.dll [254464 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Datecs Language Monitor: C:\WINDOWS\system32\prnlm_dt.dll [92160 2016-04-11] (Datecs -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-02] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-03-30] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {01C6B36D-0D60-4B62-B78D-ABA9EBC3F035} - System32\Tasks\CCleanerSkipUAC - Kaka => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {070330DE-FAFE-4F2D-873C-5B4D2ACF4843} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Nenhum Arquivo) Task: {087FE0D1-2E27-437D-872A-4E2A4514F337} - System32\Tasks\{2B271AD6-2CDB-46D2-9857-7D1C30B79606} => C:\Windows\system32\pcalua.exe -a C:\Users\Kaka\Desktop\Atheros\setup.exe -d C:\Users\Kaka\Desktop\Atheros Task: {0C3C4557-6D20-4E89-B5A0-10B45DA4349E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Nenhum Arquivo) Task: {10CC58BF-46AE-4C78-B5EB-F1C072047FF5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {16A92A74-5047-43EA-A9D0-EAC4A2B6A468} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Nenhum Arquivo) Task: {16C311BD-0160-49BB-B159-8F414F3696B3} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {1725E09A-8745-4716-97C4-D58163ECF2D8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Nenhum Arquivo) Task: {1D8FF228-A7B3-4623-8D33-B4DD0890D810} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Nenhum Arquivo) Task: {2370E69F-2A76-414F-A068-012265B0653E} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [Arquivo não assinado] Task: {2BE2BEA5-B214-407D-990F-676B52FA5ACD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Nenhum Arquivo) Task: {392B3EAA-79C3-4618-8A3A-04BE77A66629} - System32\Tasks\{80381077-9AE3-49C0-9AAF-3BB1682AE9FD} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}\setup.exe" -c -runfromtemp -l0x0416 -removeonly Task: {418DC5F2-1B8B-44BF-A677-2F1E089D996A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} Task: {4F0BE499-9CE6-484D-A590-3B0AA802BB52} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {5187B438-0A8D-48C9-9AFF-8042F46ABFF1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Nenhum Arquivo) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {62226D0B-DB59-40AE-87DC-C33920102327} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-10-14] () [Arquivo não assinado] Task: {62E0EB2F-1D59-474C-97F1-F36DDCC50FD5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Nenhum Arquivo) Task: {6744419E-6075-4160-A2BC-A9DF037118A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {68D6F227-C9C8-408C-A35D-0590F9A9D1AE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Nenhum Arquivo) Task: {6A0B7A24-B0F3-4066-B299-A90103BADBD0} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {7158BE07-2C75-4CAA-9353-018447B08331} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {777B6E4D-F85A-4697-BC7F-DCE078D730D0} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {87B85FE1-D6B9-48C7-BEAB-F3223F1280DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Nenhum Arquivo) Task: {8D3B8A5E-366A-4DA1-B493-B8F7151AB219} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Nenhum Arquivo) Task: {8F22CC8A-DBA6-477B-9C90-7D9149FDE29C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {96B4F296-3AF2-4734-8C88-32C9D8E32665} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Nenhum Arquivo) Task: {99C3E9F1-514D-4213-80A7-B64AEC8DEF29} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {9B364E99-BFED-4504-8A92-87AEBA232A85} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Nenhum Arquivo) Task: {A7451315-F0DF-4C00-9CC8-3046E8F00B55} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Nenhum Arquivo) Task: {AD8F1369-6019-437D-9EF6-C3AEF71926DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC) Task: {AE926E5C-73F0-4875-8A26-AF4464EA2380} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Nenhum Arquivo) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} Task: {B0DB17F9-C3FC-4C37-91F4-BEA29DBAB83B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B6E07F63-6822-402B-ACA1-A4DDC5906233} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {C1376B8C-A19E-4C5B-A779-16F082008D82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC) Task: {C657111D-DB4E-4080-B2A2-D074236C900D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Nenhum Arquivo) Task: {C8099BF5-3246-432E-8C16-731BBE10A5E8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform) Task: {C851D3C6-1F80-41A3-BAC1-E49484AF1266} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Nenhum Arquivo) Task: {C94CE6AE-BC92-4072-B923-A1B7D906AC11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D3BCD7FE-C2AA-4352-90F1-605DD1878ABD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Nenhum Arquivo) Task: {D45E0B19-0475-4001-B63D-105962763D4B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Nenhum Arquivo) Task: {E0CFCF8A-94F9-40B1-BB84-B3EC2AD80D03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {E3796FFF-39CE-426E-BEE5-966C18C1FC50} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Nenhum Arquivo) Task: {E6DCE9B2-5069-4F36-982B-58B5E254F22E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Nenhum Arquivo) Task: {E6F1B631-9D96-4B10-ADF8-593E9E606A98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E7FC3818-BB30-47B4-A5C9-EF57F7B712E1} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [Arquivo não assinado] (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{55830F45-3F62-4462-8BAF-EDC8FF0391FB}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Kaka\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-16] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Kaka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-23] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default [2021-11-16] CHR Extension: (Apresentações) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-09] CHR Extension: (Safe Torrent Scanner) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-06-30] CHR Extension: (Documentos) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-09] CHR Extension: (Google Drive) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-09] CHR Extension: (YouTube) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-09] CHR Extension: (Planilhas) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-09] CHR Extension: (Documentos Google off-line) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-16] CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-15] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09] CHR Extension: (Gmail) - C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-09] CHR HKU\S-1-5-21-3439908664-1470252025-331894347-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) S4 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2356800 2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-14] (HP Inc. -> HP Inc.) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7826104 2021-10-27] (Malwarebytes Inc -> Malwarebytes) R2 MSSQL$ACRONYM; c:\Program Files\Microsoft SQL Server\MSSQL11.ACRONYM\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado] S4 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2269056 2021-02-16] (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) S4 SQLAgent$ACRONYM; c:\Program Files\Microsoft SQL Server\MSSQL11.ACRONYM\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-10-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-10-27] (Malwarebytes Inc -> Malwarebytes) S4 RsFx0200; C:\WINDOWS\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; não ImagePath S3 MpKsla256b193; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5B45C3CE-D802-4AE5-B250-1729B7DED6F8}\MpKslDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-11-16 19:09 - 2021-11-16 19:44 - 000023719 _____ C:\Users\Kaka\Desktop\FRST.txt 2021-11-14 12:56 - 2021-11-14 12:56 - 000035441 _____ C:\Users\Kaka\Downloads\FRST (1).txt 2021-11-14 12:55 - 2021-11-14 12:56 - 000035441 _____ C:\Users\Kaka\Downloads\FRST.txt 2021-11-12 17:20 - 2021-11-12 17:20 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-12 17:19 - 2021-11-12 17:19 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-12 17:19 - 2021-11-12 17:19 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-12 17:18 - 2021-11-12 17:18 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-11-12 12:53 - 2021-11-12 12:53 - 000000000 ___HD C:\$WinREAgent 2021-11-09 10:18 - 2021-11-16 19:25 - 000000000 ____D C:\FRST 2021-11-09 10:10 - 2021-11-15 21:54 - 002311680 _____ (Farbar) C:\Users\Kaka\Desktop\FRST64.exe 2021-11-07 11:49 - 2021-11-07 11:49 - 000002419 _____ C:\Users\Kaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-02 08:24 - 2021-11-02 08:26 - 000000000 ____D C:\Users\Kaka\Desktop\wal 2021-11-01 11:55 - 2021-11-01 13:34 - 000000000 ____D C:\Users\Kaka\AppData\Roaming\ZHP 2021-11-01 11:55 - 2021-11-01 11:55 - 000000000 ____D C:\Users\Kaka\AppData\Local\ZHP 2021-10-31 15:38 - 2021-10-31 15:45 - 000000000 ____D C:\Program Files\Defraggler 2021-10-31 15:38 - 2021-10-31 15:38 - 000001765 _____ C:\Users\Public\Desktop\Defraggler.lnk 2021-10-31 15:38 - 2021-10-31 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2021-10-31 14:28 - 2021-11-16 17:41 - 000000000 ____D C:\Program Files\CCleaner 2021-10-31 14:28 - 2021-10-31 14:28 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-10-31 14:28 - 2021-10-31 14:28 - 000002884 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Kaka 2021-10-31 14:28 - 2021-10-31 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-10-31 12:41 - 2021-10-31 12:41 - 000751253 _____ C:\Users\Kaka\Documents\Vigory Suplementos.xlsm 2021-10-28 20:16 - 2021-10-28 20:16 - 000000000 ____D C:\Users\Kaka\Desktop\MEI outros 2021-10-28 19:55 - 2021-10-28 20:16 - 000000000 ____D C:\Users\Kaka\Desktop\area de trabalho 2021-10-28 19:53 - 2021-10-28 20:03 - 000000000 ____D C:\AdwCleaner 2021-10-27 21:07 - 2021-10-27 21:07 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-10-27 21:07 - 2021-10-27 21:07 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-10-27 21:07 - 2021-10-27 21:06 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-10-27 21:07 - 2021-10-27 21:06 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-10-27 21:06 - 2021-10-27 21:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-10-27 21:05 - 2021-10-27 21:06 - 000000000 ____D C:\Program Files\Malwarebytes 2021-10-26 18:40 - 2021-10-26 18:48 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe 2021-10-26 18:37 - 2021-10-26 18:37 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2021-10-26 18:37 - 2021-10-26 18:37 - 000000000 ____D C:\Program Files\Reference Assemblies 2021-10-26 18:37 - 2021-10-26 18:37 - 000000000 ____D C:\Program Files\MSBuild 2021-10-26 18:37 - 2021-10-26 18:37 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2021-10-26 18:37 - 2021-10-26 18:37 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-10-24 13:44 - 2021-11-12 11:09 - 000000000 ____D C:\WINDOWS\Panther 2021-10-24 13:29 - 2021-10-24 13:29 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update 2021-10-24 13:28 - 2021-10-24 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2021-10-24 13:28 - 2021-10-24 13:28 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2021-10-24 13:09 - 2021-10-24 13:09 - 000000000 ____D C:\Users\Kaka\AppData\Local\Apple Computer 2021-10-24 11:11 - 2021-10-24 11:11 - 000000382 _____ C:\Users\Kaka\Documents\appmon.reg 2021-10-24 11:02 - 2021-10-24 11:02 - 000000000 ___HD C:\$SysReset 2021-10-24 10:24 - 2021-10-24 10:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-10-23 13:58 - 2021-10-23 13:58 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-10-23 13:58 - 2021-10-23 13:58 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-10-23 13:58 - 2021-10-23 13:58 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-10-23 13:58 - 2021-10-23 13:58 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll 2021-10-23 13:58 - 2021-10-23 13:58 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-10-23 13:58 - 2021-10-23 13:58 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2021-10-23 13:57 - 2021-10-23 13:57 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2021-10-23 13:57 - 2021-10-23 13:57 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-10-23 13:57 - 2021-10-23 13:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-10-23 13:57 - 2021-10-23 13:57 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-23 13:57 - 2021-10-23 13:57 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-10-23 13:56 - 2021-10-23 13:56 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-10-23 13:55 - 2021-10-23 13:55 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2021-10-23 13:55 - 2021-10-23 13:55 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-10-23 13:55 - 2021-10-23 13:55 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-10-23 13:55 - 2021-10-23 13:55 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-23 13:55 - 2021-10-23 13:55 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-10-23 13:55 - 2021-10-23 13:55 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-10-23 13:54 - 2021-10-23 13:54 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-23 13:54 - 2021-10-23 13:54 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-10-23 13:54 - 2021-10-23 13:54 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-10-23 13:20 - 2021-10-23 13:20 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-10-23 13:20 - 2021-10-23 13:20 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-10-22 17:19 - 2021-10-22 17:19 - 000001377 _____ C:\Users\Kaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-10-22 17:19 - 2021-10-22 17:19 - 000000000 ____D C:\Users\Kaka\AppData\Local\PCHealthCheck 2021-10-19 20:52 - 2021-10-19 20:52 - 000000000 ____D C:\Users\Kaka\AppData\LocalLow\Oracle ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-11-16 20:07 - 2021-02-09 17:05 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-16 18:53 - 2021-03-14 12:18 - 000000000 ____D C:\Program Files\Microsoft Office 2021-11-16 18:35 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-16 18:28 - 2020-11-18 23:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-16 17:43 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-16 17:40 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-15 22:36 - 2021-02-14 19:22 - 000000000 ____D C:\Users\Kaka 2021-11-15 22:21 - 2021-02-14 19:16 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-15 22:21 - 2020-11-18 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-15 21:58 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-11-14 12:44 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-11-14 11:11 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF 2021-11-14 09:33 - 2020-11-18 23:48 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-13 14:20 - 2021-02-14 19:22 - 002181608 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-13 14:20 - 2019-12-07 11:53 - 000905964 _____ C:\WINDOWS\system32\prfh0416.dat 2021-11-13 14:20 - 2019-12-07 11:53 - 000211886 _____ C:\WINDOWS\system32\prfc0416.dat 2021-11-13 13:17 - 2021-02-10 19:40 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-13 12:33 - 2021-05-02 12:54 - 000000000 ____D C:\Users\Kaka\AppData\Local\CrashDumps 2021-11-12 17:45 - 2021-02-09 17:06 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-11-12 17:42 - 2020-11-18 23:45 - 000308528 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-12 17:32 - 2019-12-07 11:56 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-11-12 17:32 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-12 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-12 17:32 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-12 17:31 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-12 11:54 - 2021-02-14 19:36 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-08 16:37 - 2021-04-16 13:23 - 000000000 ____D C:\Users\Kaka\Desktop\vigory 2021-11-07 12:01 - 2021-02-14 19:35 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3439908664-1470252025-331894347-1000 2021-11-04 10:53 - 2020-11-18 23:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-11-02 08:30 - 2021-10-04 18:56 - 000000000 ____D C:\Users\Kaka\Desktop\Aula Motion 2021-10-31 15:22 - 2021-05-02 12:43 - 000000000 ____D C:\Users\Kaka\AppData\Roaming\uTorrent 2021-10-31 14:18 - 2021-06-18 15:21 - 000000000 ____D C:\Users\Kaka\AppData\LocalLow\IGDump 2021-10-31 12:01 - 2021-02-14 19:29 - 000000000 ____D C:\Users\Kaka\AppData\Local\Packages 2021-10-29 21:02 - 2021-02-15 11:28 - 000000000 ____D C:\Users\Kaka\AppData\Local\D3DSCache 2021-10-27 21:07 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-10-26 18:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2021-10-26 18:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\MUI 2021-10-26 12:59 - 2021-09-25 15:05 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2021-10-26 12:59 - 2021-09-25 15:05 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk 2021-10-26 12:59 - 2021-09-25 15:05 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2021-10-26 12:59 - 2021-09-25 15:05 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk 2021-10-24 09:51 - 2021-10-04 19:23 - 000000000 ____D C:\Program Files\KMPlayer 64X 2021-10-23 20:32 - 2021-06-20 11:56 - 000000000 ____D C:\Users\Kaka\AppData\Local\ElevatedDiagnostics 2021-10-23 16:31 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-10-23 15:15 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\spool 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-10-23 14:18 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-10-23 13:20 - 2021-02-26 16:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-10-23 13:07 - 2010-11-21 00:27 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-10-22 17:10 - 2021-04-15 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-10-20 06:02 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old 2021-10-20 05:52 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-10-19 20:54 - 2021-04-25 18:02 - 000000000 ____D C:\Program Files\Java 2021-10-19 20:53 - 2021-04-25 18:02 - 000191832 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2021-10-19 20:53 - 2021-04-25 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ======================== Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 14-11-2021 Executado por Kaka (16-11-2021 20:48:34) Executando a partir de C:\Users\Kaka\Desktop Microsoft Windows 10 Pro Versão 21H1 19043.1348 (X64) (2021-02-14 22:28:14) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-3439908664-1470252025-331894347-500 - Administrator - Disabled) Convidado (S-1-5-21-3439908664-1470252025-331894347-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3439908664-1470252025-331894347-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3439908664-1470252025-331894347-1002 - Limited - Enabled) Kaka (S-1-5-21-3439908664-1470252025-331894347-1000 - Administrator - Enabled) => C:\Users\Kaka WDAGUtilityAccount (S-1-5-21-3439908664-1470252025-331894347-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\uTorrent) (Version: 3.5.5.46010 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_5_1) (Version: 17.5.1 - Adobe Inc.) Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2_1) (Version: 25.2.1 - Adobe Inc.) Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_3_1) (Version: 14.3.1 - Adobe Inc.) Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_4) (Version: 14.4 - Adobe Systems Incorporated) Backup and Sync from Google (HKLM\...\{685BAD50-A3AA-4B91-A15B-77F9DC7346D4}) (Version: 3.57.4043.4118 - Google, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform) Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.3.37598 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 52.0.6.0 - Google LLC) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{82D96D11-AF74-4449-8811-4D6CE66FEF63}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Instalação (HKLM-x32\...\{EDCFF0E5-A992-4C2C-A8B9-286867A143D4}) (Version: 1.0.0 - Configurando Windows) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.2 - Receita Federal do Brasil) Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation) K-Lite Codec Pack 16.4.9 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.9 - KLCP) Malwarebytes version 4.4.9.142 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.9.142 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation) Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft Project - pt-br (HKLM\...\ProjectPro2019Retail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft Visio - pt-br (HKLM\...\VisioPro2019Retail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) NVIDIA Driver de áudio HD 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA Driver de gráficos 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 6.82 - LG Electronics Inc) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden Verificação de integridade do PC Windows (HKLM\...\{7B8625FE-28B8-4926-B150-AB5EDC01AB3E}) (Version: 3.1.2109.29003 - Microsoft Corporation) Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation) Windows Driver Package - Datecs Ltd (usbser) Ports (10/28/2015 2.0.5.0) (HKLM\...\DB69C63965A8FEFF35670752784E87162B6F7609) (Version: 10/28/2015 2.0.5.0 - Datecs Ltd) WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) Packages: ========= HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.2.261.0_x64__v10z8vjag6ke6 [2021-11-12] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0 [2021-11-13] (Spotify AB) [Startup Task] ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-3439908664-1470252025-331894347-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> ) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-10-27] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> ) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-10-27] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Módulos Carregados (Whitelisted) ============= 2021-02-15 10:57 - 2021-02-15 10:57 - 000182272 _____ (Microsoft Corporation) [Arquivo não assinado] C:\WINDOWS\SYSTEM32\prntvpt.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKU\S-1-5-21-3439908664-1470252025-331894347-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-3439908664-1470252025-331894347-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-10-19] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-19] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2021-04-25 14:14 - 000000935 ____R C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 activation.easeus.com 0.0.0.0 track.easeus.com 0.0.0.0 easeus.com 0.0.0.0 update.easeus.com ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\;c:\Program Files\Microsoft SQL Server\110\Tools\Binn\;c:\Program Files\Microsoft SQL Server\110\DTS\Binn\ HKU\S-1-5-21-3439908664-1470252025-331894347-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kaka\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{c570512c-5f34-4b5f-b5f2-8c25b5e78db1}.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Nenhum Arquivo) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) MSCONFIG\Services: FoxitReaderUpdateService => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HPPrintScanDoctorService => 2 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: rkrtservice => 2 MSCONFIG\Services: scpbradserv => 2 HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "OnScreen Control" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\StartupApproved\Run: => "GoogleDriveFS" HKU\S-1-5-21-3439908664-1470252025-331894347-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\WINDOWS\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{2E936FB9-F1B0-4AE5-B916-BBC110475E8D}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{AAAFC81F-FAD5-4387-8BD7-FED87E222CDE}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{882D42A0-4359-47BC-910E-B0275B25ACAA}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe FirewallRules: [UDP Query User{7AB45F9F-B65D-4129-8117-90EC8C7642FC}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe FirewallRules: [{88459DA8-B9C7-45C0-8EEE-A6E86632CA0F}] => (Allow) C:\Users\Kaka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{7F3A20F2-A5E7-4D2A-8FC3-58991570446E}] => (Allow) C:\Users\Kaka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{82AECD36-8E59-4967-9169-21B058444AB9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{79630C1D-C8B0-4412-8518-531CBD30AA28}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9FA6CB2C-E0D8-4AF1-B6DD-82EE22591F4F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5067841A-26C1-4EDB-9AB6-2123E856B432}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B3EB1505-5F7F-4270-9621-BB6F9EC185ED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D7A3B4B6-738B-4942-8FD4-218675B53666}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{87414145-B755-42DF-B4FB-4667467D72B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{51FB5318-D4AE-4BEC-950C-6DBE759FB2FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{22F10A09-0E62-402C-95E8-3B24FEE12D97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{377EA868-DD3E-4927-945B-44A7A9F41CAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{50665C73-D273-4A25-A3CA-FAE302167306}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A60ED942-8E9B-4CD8-BE3C-5420DBF476E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{581BA072-C681-48A9-893D-A5298CF156E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Pontos de Restauração ========================= 26-10-2021 18:17:32 Instalador de Módulos do Windows 26-10-2021 18:29:15 Instalador de Módulos do Windows 26-10-2021 18:32:32 Instalador de Módulos do Windows 01-11-2021 13:18:17 ZHPcleaner 04-11-2021 11:53:03 Removed Apple Software Update 04-11-2021 12:18:14 Removed QuickTime 7 12-11-2021 11:30:00 Removed QuickTime 7 12-11-2021 11:47:53 Removed QuickTime 7 12-11-2021 12:51:05 Instalador de Módulos do Windows 12-11-2021 14:17:04 Instalador de Módulos do Windows 13-11-2021 12:44:44 Restauracao1 13/11/21 13-11-2021 13:09:55 Restauraçao 13/11/21 13-11-2021 14:00:24 Removed Suporte para Aplicativos Apple ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (11/16/2021 09:26:46 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: O Windows não pode acessar o arquivo C:\Windows\System32\prntvpt.dll por um destes motivos: há um problema de conexão com a rede, o disco no qual o arquivo está armazenado ou nos drivers de armazenamento instalados neste computador, ou o disco está ausente. O Windows fechou o programa Spooler SubSystem App por causa desse erro. Programa: Spooler SubSystem App Arquivo: C:\Windows\System32\prntvpt.dll O valor do erro está listado na seção Dados Adicionais. Ação do Usuário 1. Abra o arquivo novamente. Esta situação pode ser um problema temporário corrigida quando o programa é executado novamente. 2. Se o arquivo ainda não puder ser acessado e - não estiver na rede, o administrador da rede deverá verificar se não há um problema com a rede e se o servidor puder ser contatado. - Está em um disco removível, por exemplo, um disquete ou CD-ROM, verifique se o disco está completamente inserido no computador. 3. Verifique e repare o sistema de arquivos ao executar CHKDSK. Para executar CHKDSK, clique em Iniciar, clique em Executar, digite CMD e clique em OK. No prompt de comando, digite CHKDSK /F e pressione ENTER. 4. Se o problema persistir, restaure o arquivo de uma cópia de backup. 5. Determine se outros arquivos no mesmo disco podem ser abertos. Em caso negativo, o disco pode estar danificado. Se for um disco rígido, contate o administrador ou o fornecedor de hardware do computador para obter assistência adicional. Dados Adicionais Valor do erro: C000009C Tipo de disco: 3 Error: (11/16/2021 09:26:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: spoolsv.exe, versão: 10.0.19041.1288, carimbo de data/hora: 0x025024ad Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1288, carimbo de data/hora: 0xa280d1d6 Código de exceção: 0xc0000006 Deslocamento da falha: 0x0000000000017a0b ID do processo com falha: 0x2138 Hora de início do aplicativo com falha: 0x01d7db49be616fad Caminho do aplicativo com falha: C:\WINDOWS\System32\spoolsv.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: e10cc5b2-ec5c-4070-8db9-04ef4ea7a287 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/16/2021 09:26:16 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: O Windows não pode acessar o arquivo C:\Windows\System32\prntvpt.dll por um destes motivos: há um problema de conexão com a rede, o disco no qual o arquivo está armazenado ou nos drivers de armazenamento instalados neste computador, ou o disco está ausente. O Windows fechou o programa Spooler SubSystem App por causa desse erro. Programa: Spooler SubSystem App Arquivo: C:\Windows\System32\prntvpt.dll O valor do erro está listado na seção Dados Adicionais. Ação do Usuário 1. Abra o arquivo novamente. Esta situação pode ser um problema temporário corrigida quando o programa é executado novamente. 2. Se o arquivo ainda não puder ser acessado e - não estiver na rede, o administrador da rede deverá verificar se não há um problema com a rede e se o servidor puder ser contatado. - Está em um disco removível, por exemplo, um disquete ou CD-ROM, verifique se o disco está completamente inserido no computador. 3. Verifique e repare o sistema de arquivos ao executar CHKDSK. Para executar CHKDSK, clique em Iniciar, clique em Executar, digite CMD e clique em OK. No prompt de comando, digite CHKDSK /F e pressione ENTER. 4. Se o problema persistir, restaure o arquivo de uma cópia de backup. 5. Determine se outros arquivos no mesmo disco podem ser abertos. Em caso negativo, o disco pode estar danificado. Se for um disco rígido, contate o administrador ou o fornecedor de hardware do computador para obter assistência adicional. Dados Adicionais Valor do erro: C000009C Tipo de disco: 3 Error: (11/16/2021 09:26:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: spoolsv.exe, versão: 10.0.19041.1288, carimbo de data/hora: 0x025024ad Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1288, carimbo de data/hora: 0xa280d1d6 Código de exceção: 0xc0000006 Deslocamento da falha: 0x0000000000017a0b ID do processo com falha: 0xf70 Hora de início do aplicativo com falha: 0x01d7db49aa5f2845 Caminho do aplicativo com falha: C:\WINDOWS\System32\spoolsv.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 5593ab80-0454-4bfb-8186-1b1fae2ccfbf Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/16/2021 09:25:41 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: O Windows não pode acessar o arquivo C:\Windows\System32\prntvpt.dll por um destes motivos: há um problema de conexão com a rede, o disco no qual o arquivo está armazenado ou nos drivers de armazenamento instalados neste computador, ou o disco está ausente. O Windows fechou o programa Spooler SubSystem App por causa desse erro. Programa: Spooler SubSystem App Arquivo: C:\Windows\System32\prntvpt.dll O valor do erro está listado na seção Dados Adicionais. Ação do Usuário 1. Abra o arquivo novamente. Esta situação pode ser um problema temporário corrigida quando o programa é executado novamente. 2. Se o arquivo ainda não puder ser acessado e - não estiver na rede, o administrador da rede deverá verificar se não há um problema com a rede e se o servidor puder ser contatado. - Está em um disco removível, por exemplo, um disquete ou CD-ROM, verifique se o disco está completamente inserido no computador. 3. Verifique e repare o sistema de arquivos ao executar CHKDSK. Para executar CHKDSK, clique em Iniciar, clique em Executar, digite CMD e clique em OK. No prompt de comando, digite CHKDSK /F e pressione ENTER. 4. Se o problema persistir, restaure o arquivo de uma cópia de backup. 5. Determine se outros arquivos no mesmo disco podem ser abertos. Em caso negativo, o disco pode estar danificado. Se for um disco rígido, contate o administrador ou o fornecedor de hardware do computador para obter assistência adicional. Dados Adicionais Valor do erro: C000009C Tipo de disco: 3 Error: (11/16/2021 09:25:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: spoolsv.exe, versão: 10.0.19041.1288, carimbo de data/hora: 0x025024ad Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1288, carimbo de data/hora: 0xa280d1d6 Código de exceção: 0xc0000006 Deslocamento da falha: 0x0000000000017a0b ID do processo com falha: 0x45c Hora de início do aplicativo com falha: 0x01d7db4997f54423 Caminho do aplicativo com falha: C:\WINDOWS\System32\spoolsv.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 31536dd3-5910-43b4-923b-e95eaf4fb15b Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/16/2021 09:25:09 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: O Windows não pode acessar o arquivo C:\Windows\System32\prntvpt.dll por um destes motivos: há um problema de conexão com a rede, o disco no qual o arquivo está armazenado ou nos drivers de armazenamento instalados neste computador, ou o disco está ausente. O Windows fechou o programa Spooler SubSystem App por causa desse erro. Programa: Spooler SubSystem App Arquivo: C:\Windows\System32\prntvpt.dll O valor do erro está listado na seção Dados Adicionais. Ação do Usuário 1. Abra o arquivo novamente. Esta situação pode ser um problema temporário corrigida quando o programa é executado novamente. 2. Se o arquivo ainda não puder ser acessado e - não estiver na rede, o administrador da rede deverá verificar se não há um problema com a rede e se o servidor puder ser contatado. - Está em um disco removível, por exemplo, um disquete ou CD-ROM, verifique se o disco está completamente inserido no computador. 3. Verifique e repare o sistema de arquivos ao executar CHKDSK. Para executar CHKDSK, clique em Iniciar, clique em Executar, digite CMD e clique em OK. No prompt de comando, digite CHKDSK /F e pressione ENTER. 4. Se o problema persistir, restaure o arquivo de uma cópia de backup. 5. Determine se outros arquivos no mesmo disco podem ser abertos. Em caso negativo, o disco pode estar danificado. Se for um disco rígido, contate o administrador ou o fornecedor de hardware do computador para obter assistência adicional. Dados Adicionais Valor do erro: C000009C Tipo de disco: 3 Error: (11/16/2021 09:25:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: spoolsv.exe, versão: 10.0.19041.1288, carimbo de data/hora: 0x025024ad Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1288, carimbo de data/hora: 0xa280d1d6 Código de exceção: 0xc0000006 Deslocamento da falha: 0x0000000000017a0b ID do processo com falha: 0xeb4 Hora de início do aplicativo com falha: 0x01d7db4987214bc2 Caminho do aplicativo com falha: C:\WINDOWS\System32\spoolsv.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 4d3e3be5-bbd1-429b-b09e-220c517ff9bf Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (11/16/2021 09:26:44 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Error: (11/16/2021 09:26:42 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Error: (11/16/2021 09:26:40 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Error: (11/16/2021 09:26:38 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Error: (11/16/2021 09:26:36 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Error: (11/16/2021 09:26:34 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Error: (11/16/2021 09:26:32 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Error: (11/16/2021 09:26:30 PM) (Source: disk) (EventID: 7) (User: ) Description: O dispositivo, \Device\Harddisk0\DR0, possui um setor defeituoso. Windows Defender: ================ Date: 2021-10-31 15:24:15 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {EE6BB954-AA44-4425-84D8-7DE8288DA9A0} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2021-10-26 20:52:42 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Emotet!ml&threatid=2147748173&enterprise=0 Nome: Trojan:Win32/Emotet!ml Gravidade: Grave Categoria: Cavalo de Tróia Caminho: containerfile:_C:\Users\Kaka\insólito\qq.zip; file:_C:\Users\Kaka\insólito\qq.zip->nvImage.dll Origem da Detecção: Computador local Tipo da Detecção: FastPath Fonte da Detecção: Usuário Usuário: Kaka-PC\Kaka Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.351.1123.0, AS: 1.351.1123.0, NIS: 1.351.1123.0 Versão do Mecanismo: AM: 1.1.18600.4, NIS: 1.1.18600.4 Date: 2021-10-26 17:41:56 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {D0449389-B027-4366-A95A-3418A9DEF88F} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SERVIÇO DE REDE Date: 2021-10-23 20:52:40 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {F084E128-8858-41EF-9491-13439A48FCCE} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2021-10-22 17:31:00 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {71B56C2B-B7E9-4A4B-ABEB-5243F91FBBBB} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SERVIÇO DE REDE Event[0]: Date: 2021-11-16 17:54:01 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.353.986.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.18700.4 Código de Erro: 0x80070020 Descrição do Erro: O arquivo já está sendo usado por outro processo. Date: 2021-11-16 17:54:01 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.353.986.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Anti-spyware Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.18700.4 Código de Erro: 0x80070020 Descrição do Erro: O arquivo já está sendo usado por outro processo. Date: 2021-11-16 17:54:01 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.353.986.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.18700.4 Código de Erro: 0x80070020 Descrição do Erro: O arquivo já está sendo usado por outro processo. Date: 2021-11-16 17:13:09 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.353.986.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.18700.4 Código de Erro: 0x80070102 Descrição do Erro: O tempo limite de espera foi atingido. Date: 2021-11-11 19:58:11 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.353.652.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.18700.4 Código de Erro: 0x80070102 Descrição do Erro: O tempo limite de espera foi atingido. CodeIntegrity: =============== Date: 2021-11-13 16:00:27 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. F14 04/17/2013 placa-mãe: Gigabyte Technology Co., Ltd. B75M-D3H Processador: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz Percentagem de memória em uso: 43% RAM física total: 8137.74 MB RAM física disponível: 4606.08 MB Virtual Total: 16329.74 MB Virtual disponível: 11969.49 MB ==================== Drives ================================ Drive () (Fixed) (Total:465.6 GB) (Free:306.11 GB) NTFS Drive z: () (Fixed) (Total:0.16 GB) (Free:0.13 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 6029638E) Partition: GPT. ==================== Fim de Addition.txt =======================

Feito o processo com tranquilidade! Após reiniciar e fazer alguns testes observei que o travamento constante diminuiu mas ainda existe, a lentidão é constante. A inicialização do sistema ate o menu iniciar e barras de ferramentas estar visível levaram 7 minutos, daí para abrir algum aplicativo por exemplo explorador de arquivos ou Chrome por exemplo que travou 6 vezes ate conseguir concluir essa reposta levaram 25 minutos. Ainda não consegui êxito no uso da impressora retirei as atualizações do Win10 mas sem sucesso, parece ainda ter haver com esse problema de lentidão.

Farbar Recovery Scan Tool (x64) Versão: 09-11-2021 Executado por Kaka (11-11-2021 19:53:13) Executando a partir de C:\Users\Kaka\Desktop Modo da Inicialização: Normal ================== Pesquisar Arquivos: "MpSigtub.exe" ============= ====== Fim de Pesquisar ======

Programa informou pontecial virus a ser removido: MpSigtub.exe Program : RogueKiller Anti-Malware Version : 15.1.2.0 x64 : Yes Program Date : Nov 3 2021 Location : C:\Program Files\RogueKiller\RogueKiller64.exe Premium : No Company : Adlice Software Website : https://www.adlice.com/ Contact : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 10 (10.0.19042) 64-bit 64-bit OS : Yes Startup : 0 WindowsPE : No User : Kaka User is Admin : Yes Date : 2021/11/07 16:47:24 Type : Scan Aborted : No Scan Mode : Standard Duration : 10777 Found items : 1 Total scanned : 64497 Signatures Version : 20211102_094554 Truesight Driver : Yes Updates Count : 4 ************************* Warnings ************************* (42:4545) C:\Windows\System32, LONG_FOLDER_SCAN [+] path : C:\Windows\System32 [+] message : LONG_FOLDER_SCAN [+] int1 : 42 [+] int2 : 4545 (24:2851) C:\Windows\SysWOW64, LONG_FOLDER_SCAN [+] path : C:\Windows\SysWOW64 [+] message : LONG_FOLDER_SCAN [+] int1 : 24 [+] int2 : 2851 ************************* Updates ************************* WinRAR 6.00 (64-bit) (64-bit), version 6.00.0 [+] Available Version : 6.02 [+] Size : 9,95 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\WinRAR\ Malwarebytes version 4.4.9.142 (64-bit), version 4.4.9.142 [+] Available Version : 4.4.10 [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\Malwarebytes\Anti-Malware K-Lite Codec Pack 16.4.9 Basic (32-bit), version 16.4.9 [+] Available Version : 16.5.3 [+] Size : 79,6 MB [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files (x86)\K-Lite Codec Pack\ µTorrent (64-bit), version 3.5.5.46010 [+] Available Version : 3.5.5.46074 [+] Size : 20,8 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Users\Kaka\AppData\Roaming\uTorrent ************************* Processes ************************* ************************* Modules ************************* ************************* Services ************************* ************************* Scheduled Tasks ************************* ************************* Registry ************************* ************************* WMI ************************* ************************* Hosts File ************************* is_too_big : No hosts_file_path : C:\Windows\System32\drivers\etc\hosts ************************* Filesystem ************************* ************************* Web Browsers ************************* ************************* Antirootkit *************************

# ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-10-26.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 11-01-2021 # Duration: 00:00:37 # OS: Windows 10 Pro # Cleaned: 0 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1405 octets] - [01/11/2021 11:30:16] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## ~ ZHPCleaner v2021.10.27.335 by Nicolas Coolman (2021/10/27) ~ Run by Kaka (Administrator) (01/11/2021 11:56:22) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scan ~ Report : C:\Users\Kaka\Desktop\ZHPCleaner (S).txt ~ Quarantine : C:\Users\Kaka\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 19042) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (1) FOUND data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;] =>Hijacker.Proxy ---\\ Hosts file (1) ~ The hosts file is legitimate (26) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (5) FOUND file: C:\Users\Kaka\AppData\Local\Google\Chrome\User Data\Default\Preferences =>ChromiumPreference FOUND file: C:\Users\Kaka\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>ChromiumPreference FOUND file: C:\Windows\Prefetch\ERROS_0X000006BE-OUTBYTE-PC-R-49A8F666.pf =>SUP.Optional.Outbyte FOUND folder: C:\Program Files (x86)\QuickTime =>Riskware.QuickTime FOUND folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime ---\\ Registry ( Key, Value, Data) (1) FOUND key: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 573] =>.SUP.FirefoxRestriction ---\\ Summary of the elements found (5) https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/ =>ChromiumPreference https://nicolascoolman.eu/forum/Topic/-logiciel-potentiellement-superflu-lps/ =>SUP.Optional.Outbyte https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.FirefoxRestriction ---\\ Result of repair ~ Any repair made ~ Google Chrome OK ~ Internet Explorer OK ---\\ Statistics ~ Items scanned : 113395 ~ Items found : 9 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of search in 00h44mn04s ---\\ Reports (0) ZHPCleaner-[S]-01112021-12_40_26.txt

Encontrei alguns vírus, mas, PC continua ruim e lento. Impressora também não reinstala programa. Já reiniciei spooler mas sem sucesso.