Felipe Uri

I can't run ZOEK to generate the log and create my topic


Good afternoon,
I downloaded and ran it as the topic instructs, but the DOS window appeared and disappeared quickly. The zoek folder was created on the root drive but it is empty, and the "log" was not created either.
Thanks in advance for the reply and analysis.

I have Windows 8.1 S.L x64


@Felipe Uri

 

Please note the following:

  • About the Forum: This is a private space, not a public one. Its use is a privilege, not a right;
  • What is passed on here relates only to your computer's problem, so do not apply it to any other;
  • IMPORTANT: If you have Windows activation programs or P2P sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; if you ask for help in another forum, be sure to let us know, at the risk of misconfiguring your computer!

You can follow the steps in the link below

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

OR follow the steps below:

STEP 1

Copy the command below:

chrome://settings/syncSetup

Paste it into the browser's URL bar and press <ENTER>

On the page that opens, click Turn off

When prompted, click Clear and continue

Click the link https://chrome.google.com/sync

After that, click RESET SYNC

Wait for the process to finish and close Google Chrome.

Run Malwarebytes

  • On the Scan tab > Custom Scan, check the option Scan for rootkits and the entries for the drive where the operating system is installed. Normally this is drive C:;
  • Click Scan Now. Wait, as the scan may take a while;
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected or Quarantine button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • If mbam does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports tab in the program's main window;
  • Double-click the log (Scan Report). Click the Export button and use the .txt format to export the log. Save it to the Desktop.


ATTENTION: Open the file, select everything, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click [image VRIfczU.png]

Click SCAN. When it finishes, click CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents into your next reply.


STEP 3


Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.


Download ZHPCleaner from the link below and save it to your Desktop

https://www.majorgeeks.com/files/details/zhpcleaner.html


Run the ZHPCleaner.exe file as Administrator

  • Click the Scanner button.
  • The tool will begin examining your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated
  • Select, copy and paste the contents of this log into your next reply.

STEP 4

Re-enable Google Chrome sync


@Elias Pereira I was using Opera.
Good evening Elias, thanks in advance.
I would like to end the unnecessary processes on the computer. I have already managed to uninstall McAfee, but there is still a Bluetooth process starting with the PC even after I disabled it in "services.msc" and uninstalled the driver.
I downloaded Chrome and its sync service was already disabled.
The Malwarebytes link shows the following message even after I log in:
"Sorry, there is a problem

We could not locate the item you are trying to view.

Error code: 2F173/O"


Here are the logs:

ZHPCleaner (R).txt ZHPCleaner (S).txt AdwCleaner[C00].txt AdwCleaner[S00].txt


@Felipe Uri

 

Download RogueKiller by Tigzy and save it to your Desktop.
roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Users of Windows Vista, Windows 7, 8, 8.1 and Windows 10:
    Right-click the rogueKiller.exe file, then click [image VRIfczU.png].
  • Click SCAN
  • Click the first START, "Standard Scan (recommended)", and wait for the scan...
  • Click the RESULTS button
  • Click the REPORT option, then EXPORT, and select the Text file... option
  • Save the file to the desktop with the name roguekiller_report


Be sure to open the file, then copy and paste all of its contents into your next reply


@Elias Pereira Here is the log below:

 

RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr  1 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 8.1 (6.3.9600) 64 bits
Started in : Normal mode
User : Trancoso [Administrator]
Started from : C:\Users\Felipe\Desktop\RogueKiller_portable64.exe
Signatures : 20200427_095401, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/04/27 13:20:01 (Duration : 00:28:57)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] 0299951476665702mcinstcleanup (0) -- C:\WINDOWS\TEMP\029995~1.EXE -cleanup -nolog -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.HackTool (Potentially Malicious)] \AutoKMS -- C:\WINDOWS\AutoKMS\AutoKMS.exe -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> O23 - Services
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0299951476665702mcinstcleanup -- C:\WINDOWS\TEMP\029995~1.EXE (missing) -> Found
>>>>>> R5 - Proxy
  [PUM.Proxy (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-3566055303-50115251-4238067311-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- 127.0.0.1:8080 -> Found
>>>>>> O87 - Firewall
  [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CD1E8079-85FA-4EEE-AA7E-84CACDC94A42} -- v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\WINDOWS\AutoKMS\AutoKMS.exe|Name=AutoKMS| (C:\WINDOWS\AutoKMS\AutoKMS.exe) (missing) -> Found
  [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{45CD01D5-F52E-42EE-BCD6-14AFD58FFF31} -- v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\WINDOWS\AutoKMS\AutoKMS.exe|Name=AutoKMS| (C:\WINDOWS\AutoKMS\AutoKMS.exe) (missing) -> Found
>>>>>> XX - System Policies
  [PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.InstallCore (Potentially Malicious)] (folder) DsNET Corp -- C:\Program Files (x86)\DsNET Corp -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 


@Felipe Uri

 

Close all programs

  • Run RogueKiller.exe.
    ** Users of Windows Vista, 7, 8/8.1 and Windows 10:
    Right-click the rogueKiller.exe file, then click [image VRIfczU.png]
  • When the EULA appears, click Accept.
  • Select the SCAN tab and click START SCAN
  • Wait until the scan finishes.
  • Click RESULTS and check that all the checkboxes
  • >>>>>>> Browse through the tabs and check all the entries found <<<<<<<
  • Click REMOVAL
  • Wait until the program finishes deleting the infections.
  • Click RESULTS
  • Click the REPORT button and then EXPORT > TXT FILE
  • Save it as report.txt on your Desktop

Open the report.txt file saved on your Desktop, then copy and paste all of its contents into your next reply.


@Elias Pereira Here is the RogueKiller log

 

RogueKiller Anti-Malware V14.4.2.0 (x64) [Apr 30 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 8.1 (6.3.9600) 64 bits
Started in : Normal mode
User : Trancoso [Administrator]
Started from : C:\Users\Felipe\Desktop\RogueKiller_portable64.exe
Signatures : 20200430_054922, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2020/05/01 18:00:48 (Duration : 00:25:26)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] 0299951476665702mcinstcleanup -- %SystemRoot%\TEMP\029995~1.EXE -> Stopped
[PUP.HackTool (Potentially Malicious)] \AutoKMS -- C:\WINDOWS\AutoKMS\AutoKMS.exe -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0299951476665702mcinstcleanup -- [%SystemRoot%\TEMP\029995~1.EXE] -> Deleted
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\S-1-5-21-3566055303-50115251-4238067311-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer --  -> Deleted
[PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{45CD01D5-F52E-42EE-BCD6-14AFD58FFF31} -- [%SystemRoot%\AutoKMS\AutoKMS.exe] -> Deleted
[PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CD1E8079-85FA-4EEE-AA7E-84CACDC94A42} -- [%SystemRoot%\AutoKMS\AutoKMS.exe] -> Deleted
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin --  -> Replaced (2)
[Root.ZeroAccess (Malicious)] @ -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3566055303-50115251-4238067311-1001\$R2NMZXJ\playerinfo\@ -> Deleted
[Root.ZeroAccess (Malicious)] L -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3566055303-50115251-4238067311-1001\$R2NMZXJ\playerinfo\L -> Deleted
[Root.ZeroAccess (Malicious)] U -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3566055303-50115251-4238067311-1001\$R2NMZXJ\playerinfo\U -> Deleted
[PUP.InstallCore (Potentially Malicious)] DsNET Corp -- %programfiles(x86)%\DsNET Corp -> Deleted
=> aTube Catcher 2.0 -- C:\PROGRA~2\DSNETC~1\ATUBEC~1.0 [1]
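
Added example, not part of the original posts and not Adlice's code: a Python parser for the RogueKiller report lines shown in the two logs above. It lists removal entries whose status is something other than Deleted and detections that appear only in the removal report. The line grammar is inferred from this thread's logs alone, the sample inputs are a subset of lines copied from them, and the names `Finding`, `parse_report`, `not_deleted`, `first_seen_at_removal` and `severity_counts` are hypothetical.

```python
import re
from collections import Counter
from typing import List, NamedTuple

# Sample inputs: a subset of lines copied from the scan report and the
# removal report posted in this thread.
SCAN_REPORT = r"""
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] 0299951476665702mcinstcleanup (0) -- C:\WINDOWS\TEMP\029995~1.EXE -cleanup -nolog -> Found
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.HackTool (Potentially Malicious)] \AutoKMS -- C:\WINDOWS\AutoKMS\AutoKMS.exe -> Found
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> R5 - Proxy
  [PUM.Proxy (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-3566055303-50115251-4238067311-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- 127.0.0.1:8080 -> Found
>>>>>> XX - System Policies
  [PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.InstallCore (Potentially Malicious)] (folder) DsNET Corp -- C:\Program Files (x86)\DsNET Corp -> Found
"""

REMOVAL_REPORT = r"""
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] 0299951476665702mcinstcleanup -- %SystemRoot%\TEMP\029995~1.EXE -> Stopped
[PUP.HackTool (Potentially Malicious)] \AutoKMS -- C:\WINDOWS\AutoKMS\AutoKMS.exe -> Deleted
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\S-1-5-21-3566055303-50115251-4238067311-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer --  -> Deleted
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin --  -> Replaced (2)
[Root.ZeroAccess (Malicious)] @ -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3566055303-50115251-4238067311-1001\$R2NMZXJ\playerinfo\@ -> Deleted
[Root.ZeroAccess (Malicious)] L -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3566055303-50115251-4238067311-1001\$R2NMZXJ\playerinfo\L -> Deleted
[Root.ZeroAccess (Malicious)] U -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3566055303-50115251-4238067311-1001\$R2NMZXJ\playerinfo\U -> Deleted
[PUP.InstallCore (Potentially Malicious)] DsNET Corp -- %programfiles(x86)%\DsNET Corp -> Deleted
=> aTube Catcher 2.0 -- C:\PROGRA~2\DSNETC~1\ATUBEC~1.0 [1]
"""

# "¤¤¤ Name ¤¤¤" section banner.
SECTION_RE = re.compile(r"^¤+\s*(?P<name>.+?)\s*¤+$")
# "[Detection (Severity)] (tag) item -- target -> Status"; the tag is optional
# and the target may be empty, as in the ProxyServer removal line.
FINDING_RE = re.compile(
    r"^\[(?P<detection>[^\s\]]+) \((?P<severity>[^)]+)\)\]\s+"
    r"(?:\((?P<tag>[^)]+)\)\s+)?"
    r"(?P<item>.*?)\s+--\s+(?P<target>.*)->\s*(?P<status>.+)$"
)


class Finding(NamedTuple):
    section: str    # report section the line appeared under
    detection: str  # e.g. PUP.HackTool
    severity: str   # "Malicious" or "Potentially Malicious"
    item: str       # task, service, registry value or file name
    target: str     # path or data the item points at (may be empty)
    status: str     # Found, Deleted, Stopped, "Replaced (2)", ...

    @property
    def action(self) -> str:
        """First word of the status, so 'Replaced (2)' becomes 'Replaced'."""
        return self.status.split()[0]


def parse_report(text: str) -> List[Finding]:
    findings, section = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        m = FINDING_RE.match(line)
        if m:  # ">>>>>>" sub-headers and "=>" detail lines do not match
            findings.append(Finding(section, m["detection"], m["severity"],
                                    m["item"].strip(), m["target"].strip(),
                                    m["status"].strip()))
    return findings


def not_deleted(findings: List[Finding]) -> List[Finding]:
    """Removal-report entries that were handled some other way than deletion."""
    return [f for f in findings if f.action != "Deleted"]


def first_seen_at_removal(scan: List[Finding], removal: List[Finding]) -> List[str]:
    """Detection names in the removal report that the earlier scan did not list."""
    return sorted({f.detection for f in removal} - {f.detection for f in scan})


def severity_counts(findings: List[Finding]) -> Counter:
    return Counter(f.severity for f in findings)


if __name__ == "__main__":
    scan, removal = parse_report(SCAN_REPORT), parse_report(REMOVAL_REPORT)
    print(dict(severity_counts(removal)))
    for f in not_deleted(removal):
        print("re-check:", f.detection, f.item, "->", f.status)
    print("only in removal report:", first_seen_at_removal(scan, removal))
```
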
 


@Felipe Uri

 

  1. Click the Start menu, then right-click This PC and select Properties.

  2. In Properties, select Advanced system settings.

  3. Go to the System Protection tab and, under System Restore, choose Create.

  4. Then just follow the on-screen instructions to create your restore point.

    NOTE: Remember to give it an easy-to-understand name for a later restore from this point.

Press the Windows + R keys and type: msconfig
 
- Click the Services tab, check Hide all Microsoft services and then click Disable all
- Click the Startup tab and click Open Task Manager
- Right-click each startup entry and click Disable.

Go back to the System Configuration window and click Apply and then OK.
 
Follow the prompts until you are asked to restart.

After that, let me know whether the malware-related problems still persist.


@Elias Pereira
The procedure was carried out; I believe there is no malware on the computer. What still bothers me is a service described as "Bluetooth Stack Server" opening automatically when the PC starts. I have already tried disabling the Bluetooth driver and it is still there.


@Felipe Uri

 

Download Farbar Recovery Scan from the link below and save it to your desktop.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
Right-click the FRST64.EXE file, then click [image VRIfczU.png].
Accept the agreement and then click the Scan button.

Wait; at the end, the logs FRST.txt and Addition.txt will be saved on your desktop.

Open each file separately, copy its contents and paste them into your next reply.


@Elias Pereira

Here are the logs below:

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 09-05-2020
Executado por Trancoso (administrador) em TRANCOSO (Acer Aspire E1-572) (09-05-2020 15:31:45)
Executando a partir de C:\Users\Felipe\Desktop
Perfis Carregados: Trancoso (Perfis Disponíveis: Trancoso & Administrador & Convidado)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Navegador padrão: Opera
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation) [Arquivo não assinado]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [777392 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3024408 2020-02-24] (Opera Software AS -> Opera Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2014-12-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\Run: [] => [X]
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {2b01f372-d0d8-11e9-833d-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {2f98c4e5-6508-11e8-8305-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {370be402-8b45-11e7-82dd-201a0656fe5a} - "G:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {3d4cd0af-5c26-11e7-82cd-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {cd4fd630-cc7d-11e7-82e4-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {d5546858-bfc4-11e6-829e-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {e4aba209-500a-11e6-8275-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {eca2a8a6-7790-11e6-828a-201a0656fe5a} - "F:\Setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-05] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
Startup: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IQTray.lnk [2019-09-06]
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\iqtray.exe (IQ OPTION EUROPE LTD -> )

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0123BF33-CFEA-404B-9E33-C8B89795A09A} - System32\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2014-12-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {0E615592-E938-4592-94CC-DC222BD20712} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2014-12-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {2A267306-6C59-4A83-A874-045B8EA69480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC)
Task: {2C9B4806-D01A-47D4-AFC2-8AD68B695950} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Trancoso-Trancoso Trancoso => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {357B0969-27A6-4D9B-A3DC-832737AF2C41} - System32\Tasks\AdobeGCInvoker-1.0-Trancoso-Trancoso => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {4C4FAB85-D968-49BF-A63D-0F9C6527E76A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FB86606-82DE-4EA4-BCF5-D6305875F910} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation) [Arquivo não assinado]
Task: {670CB292-976A-40F6-AF4B-B7104A891961} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)
Task: {740F742F-0324-497B-9086-DCF0C1F042BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {910009D8-1AEA-4198-80C9-6D7E4B75F7C0} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [282152 2013-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {9CCA93CF-A315-428A-B0FE-F6C7FD1719C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.)
Task: {B8273852-02B3-4427-9B6F-ACA452379BC3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C3F63361-FC42-420A-9C71-CB787BDA3FBF} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {C69A6239-1E91-4958-9C70-19CA571B2922} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7E6FC16-B540-4001-A59F-66EE12B606DD} - System32\Tasks\IQOptionUpdateTask => C:\Program Files (x86)\IQ Option\\IQOptionUpdateTask.exe [564352 2020-03-13] (IQ OPTION EUROPE LTD -> )
Task: {D27F9941-7813-42FD-A7DB-00768D194273} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBFA315A-CACF-4A32-8D07-F170F6FFBC77} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5306408 2013-07-05] (Acer Incorporated -> Acer Incorporated)
Task: {EE60870C-6EE6-42E6-A1A4-EDD1D880058D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC)
Task: {F56FEDC6-B956-42B0-90E3-F8C760B63A72} - System32\Tasks\Opera scheduled Autoupdate 1512398281 => C:\Program Files\Opera\launcher.exe [1517592 2020-04-29] (Opera Software AS -> Opera Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{B1E297FE-1C15-4EAE-B97F-4EADB031F318} /F:UpdateWORKGROUP\TRANCOSO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Opera scheduled assistant Autoupdate 1582805236.job => C:\Program Files\Opera\launcher.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 131.0.88.8 1.1.1.1
Tcpip\..\Interfaces\{6EAD6B45-24EA-43AE-884E-83A61BEB38C0}: [DhcpNameServer] 131.0.88.8 1.1.1.1
Tcpip\..\Interfaces\{7CDFCD44-A2C3-466F-A385-703F200EBA74}: [DhcpNameServer] 131.0.88.8 1.1.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3566055303-50115251-4238067311-1001 -> DefaultScope {BA506EC4-4870-4E2A-B201-9A1C1D3E564D} URL = 
SearchScopes: HKU\S-1-5-21-3566055303-50115251-4238067311-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3566055303-50115251-4238067311-1001 -> {BA506EC4-4870-4E2A-B201-9A1C1D3E564D} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ll4glcl2.default
FF ProfilePath: C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\ll4glcl2.default [2020-04-18]
FF Extension: (Video DownloadHelper) - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\ll4glcl2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-10-21]
FF Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\ll4glcl2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-12-23]
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] (Apple Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3566055303-50115251-4238067311-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Felipe\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-10-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2019-05-07]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-03]

Chrome: 
=======
CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default [2020-05-01]
CHR Extension: (Apresentações) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-25]
CHR Extension: (Documentos) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-25]
CHR Extension: (Google Drive) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-25]
CHR Extension: (YouTube) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-25]
CHR Extension: (Planilhas) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-25]
CHR Extension: (Documentos Google off-line) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-25]
CHR Extension: (Gmail) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-25]

Opera: 
=======
OPR DownloadDir: C:\Users\Felipe\Downloads

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1053968 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [871584 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [465832 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [465832 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1047744 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc. -> Apple Inc.)
S4 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2018-02-20] (BattlEye Innovations e.K. -> )
S4 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (Shanghai Comet Network Technology -> www.BitComet.com)
S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated -> Acer Incorporated)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [674768 2018-03-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Arquivo não assinado]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S4 IQOptionUpdater; C:\Program Files (x86)\IQ Option\\IQOptionUpdater.exe [2866304 2019-08-28] (IQ OPTION EUROPE LTD -> )
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
S4 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [1283880 2018-11-21] (Rsupport Co., Ltd. ->  Rsupport Corporation)
S4 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel(R) iCDG WINS WSS CCF -> Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2016-11-03] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 avfwim; C:\WINDOWS\system32\DRIVERS\avfwim.sys [114608 2014-10-23] (Avira Operations GmbH & Co. KG -> Avira GmbH)
R1 avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [141376 2014-10-23] (Avira Operations GmbH & Co. KG -> Avira GmbH)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [43576 2016-10-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2016-10-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um mês (criados) ===================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2020-05-09 15:31 - 2020-05-09 15:37 - 000028276 _____ C:\Users\Felipe\Desktop\FRST.txt
2020-05-09 15:30 - 2020-05-09 15:36 - 000000000 ____D C:\FRST
2020-05-09 15:29 - 2020-05-09 15:29 - 002283520 _____ (Farbar) C:\Users\Felipe\Desktop\FRST64.exe
2020-05-07 21:44 - 2020-05-07 21:48 - 000000000 ____D C:\Comp TRANCOSO
2020-05-06 18:38 - 2020-05-06 18:38 - 000095465 _____ C:\Users\Felipe\Downloads\FASA06-2020.pdf
2020-05-06 18:37 - 2020-05-06 18:37 - 000095747 _____ C:\Users\Felipe\Downloads\FASA05-2020pdf.pdf
2020-05-04 15:31 - 2020-05-08 11:12 - 000004218 _____ C:\WINDOWS\system32\Tasks\IQOptionUpdateTask
2020-05-01 17:28 - 2020-05-01 17:28 - 030078008 _____ C:\Users\Felipe\Desktop\RogueKiller_portable64.exe
2020-05-01 16:59 - 2020-05-01 16:59 - 003300224 _____ (Nicolas Coolman) C:\Users\Felipe\ZHPCleaner.exe
2020-04-29 15:05 - 2020-04-29 15:25 - 000000000 ____D C:\Users\Felipe\AppData\Local\CrashDumps
2020-04-29 14:35 - 2020-04-29 14:35 - 000000000 ____D C:\Users\Felipe\AppData\Local\mbamtray
2020-04-29 14:34 - 2020-04-29 14:34 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2020-04-29 14:34 - 2020-04-29 14:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-28 15:29 - 2020-05-01 17:23 - 000000000 ____D C:\Users\Felipe\Downloads\Clube hard
2020-04-27 13:19 - 2020-05-01 17:31 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
2020-04-27 13:19 - 2020-05-01 17:31 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-25 21:48 - 2020-05-01 17:17 - 000000000 ____D C:\Users\Felipe\AppData\Roaming\ZHP
2020-04-25 21:48 - 2020-04-25 21:48 - 000000000 ____D C:\Users\Felipe\AppData\Local\ZHP
2020-04-25 20:25 - 2020-05-05 17:38 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-25 20:23 - 2020-04-25 20:23 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-25 20:23 - 2020-04-25 20:23 - 000003376 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-20 16:59 - 2020-04-20 16:59 - 000000000 ____D C:\zoek_backup
2020-04-12 21:40 - 2020-02-13 03:03 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-12 21:40 - 2020-02-13 02:06 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-09 21:04 - 2020-05-05 16:34 - 000005014 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for Trancoso-Trancoso Trancoso
2020-04-09 18:55 - 2020-03-04 23:30 - 001542920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-09 18:55 - 2020-03-04 21:50 - 001479680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-09 18:55 - 2020-03-04 21:23 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-09 18:55 - 2020-03-04 03:58 - 001335808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-09 18:55 - 2020-03-04 03:43 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-09 18:55 - 2020-03-04 03:40 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-09 18:55 - 2020-03-03 21:40 - 007362288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-09 18:55 - 2020-03-03 21:39 - 002013936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-04-09 18:55 - 2020-02-24 23:25 - 003329536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-09 18:55 - 2020-02-24 23:22 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-09 18:55 - 2020-02-15 13:45 - 001728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-04-09 18:55 - 2020-02-15 13:41 - 001546240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-04-09 18:55 - 2020-02-13 15:22 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-04-09 18:55 - 2020-02-13 15:20 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-04-09 18:55 - 2020-02-13 15:03 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-04-09 18:55 - 2020-02-13 14:42 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-04-09 18:55 - 2020-02-13 14:39 - 000905728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-04-09 18:55 - 2020-02-13 14:38 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-04-09 18:55 - 2020-02-13 14:25 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-04-09 18:55 - 2020-02-13 14:25 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-04-09 18:55 - 2020-02-13 14:17 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-04-09 18:55 - 2020-02-13 13:59 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-04-09 18:55 - 2020-02-13 13:58 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-04-09 18:55 - 2020-02-13 07:35 - 001765064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-09 18:55 - 2020-02-13 03:23 - 001489512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-09 18:55 - 2020-02-13 02:26 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-04-09 18:55 - 2020-02-13 02:06 - 000861184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-09 18:55 - 2020-02-13 01:42 - 000459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-04-09 18:55 - 2020-02-13 01:41 - 002780160 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2020-04-09 18:55 - 2020-02-13 01:11 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-04-09 18:55 - 2020-02-13 01:06 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2020-04-09 18:55 - 2020-02-11 20:09 - 001368288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-04-09 18:55 - 2020-02-11 11:15 - 025753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-09 18:55 - 2020-02-11 11:01 - 004168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-09 18:55 - 2020-02-11 10:58 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-09 18:55 - 2020-02-11 10:50 - 002911232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-04-09 18:55 - 2020-02-11 10:48 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-09 18:55 - 2020-02-11 10:48 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-04-09 18:55 - 2020-02-11 10:39 - 020290048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-09 18:55 - 2020-02-11 10:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2020-04-09 18:55 - 2020-02-11 10:37 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-04-09 18:55 - 2020-02-11 10:37 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-09 18:55 - 2020-02-11 10:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-09 18:55 - 2020-02-11 10:23 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-09 18:55 - 2020-02-11 10:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-04-09 18:55 - 2020-02-11 10:20 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-04-09 18:55 - 2020-02-11 10:16 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-04-09 18:55 - 2020-02-11 10:15 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-04-09 18:55 - 2020-02-11 10:14 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2020-04-09 18:55 - 2020-02-11 10:13 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-09 18:55 - 2020-02-11 10:13 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-04-09 18:55 - 2020-02-11 10:09 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-04-09 18:55 - 2020-02-11 10:03 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2020-04-09 18:55 - 2020-02-11 10:02 - 015468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-04-09 18:55 - 2020-02-11 10:01 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-04-09 18:55 - 2020-02-11 10:01 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-04-09 18:55 - 2020-02-11 09:58 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-04-09 18:55 - 2020-02-11 09:57 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-04-09 18:55 - 2020-02-11 09:55 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-04-09 18:55 - 2020-02-11 09:55 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2020-04-09 18:55 - 2020-02-11 09:52 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-04-09 18:55 - 2020-02-11 09:50 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-04-09 18:55 - 2020-02-11 09:50 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-09 18:55 - 2020-02-11 09:49 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-04-09 18:55 - 2020-02-11 09:48 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2020-04-09 18:55 - 2020-02-11 09:47 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-04-09 18:55 - 2020-02-11 09:47 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-04-09 18:55 - 2020-02-11 09:47 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-04-09 18:55 - 2020-02-11 09:46 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-09 18:55 - 2020-02-11 09:44 - 013854208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-04-09 18:55 - 2020-02-11 09:40 - 001493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-09 18:55 - 2020-02-11 09:35 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-04-09 18:55 - 2020-02-11 09:29 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-09 18:55 - 2020-02-11 09:25 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-04-09 18:55 - 2020-02-11 09:24 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-04-09 18:55 - 2020-02-11 09:24 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-04-09 18:55 - 2020-02-08 17:05 - 000537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-04-09 18:55 - 2020-02-08 17:04 - 000140128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-04-09 18:55 - 2020-02-08 15:32 - 000450536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-04-09 18:55 - 2020-02-08 15:32 - 000136744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-04-09 18:55 - 2020-02-08 14:55 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-04-09 18:55 - 2020-02-08 14:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-04-09 18:55 - 2020-02-08 14:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-04-09 18:55 - 2020-02-08 14:09 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-04-09 18:55 - 2020-02-08 14:04 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-04-09 18:55 - 2020-02-08 13:52 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-04-09 18:55 - 2020-02-08 13:52 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-04-09 18:55 - 2020-02-08 13:50 - 000550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-04-09 18:55 - 2020-02-08 13:50 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-04-09 18:55 - 2020-02-08 13:35 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-04-09 18:55 - 2020-02-08 13:35 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-04-09 18:55 - 2020-02-08 13:28 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-04-09 18:55 - 2020-02-07 15:46 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-04-09 18:55 - 2020-02-07 15:15 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-09 18:55 - 2020-02-07 15:02 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-04-09 18:55 - 2020-02-07 14:32 - 001680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-09 18:55 - 2020-02-05 11:38 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-04-09 18:55 - 2020-02-05 11:38 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-04-09 18:55 - 2020-02-05 11:20 - 001544888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-09 18:55 - 2020-02-01 14:36 - 000377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-04-09 18:55 - 2020-02-01 14:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2020-04-09 18:55 - 2020-02-01 13:57 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2020-04-09 18:55 - 2020-02-01 13:56 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-04-09 18:55 - 2020-02-01 13:48 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2020-04-09 18:55 - 2020-02-01 13:44 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-04-09 18:55 - 2020-02-01 13:36 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-09 18:55 - 2020-02-01 13:34 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2020-04-09 18:55 - 2020-02-01 13:33 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-04-09 18:55 - 2020-02-01 13:24 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-04-09 18:55 - 2020-01-28 16:53 - 001349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-09 18:55 - 2020-01-28 16:47 - 000955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2020-04-09 18:55 - 2020-01-14 18:05 - 000101832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-04-09 18:55 - 2019-12-01 04:07 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2020-04-09 18:55 - 2019-12-01 03:59 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-04-09 18:55 - 2019-12-01 03:35 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-10-21 10:36 - 2014-01-27 08:23 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 04:34 - 2014-01-27 08:23 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2020-05-09 15:26 - 2015-02-15 20:27 - 000000000 ____D C:\Users\Felipe\Downloads\Inst Programas
2020-05-08 18:15 - 2019-10-05 09:57 - 000000000 ____D C:\Users\Felipe\AppData\Roaming\vlc
2020-05-08 11:17 - 2019-01-30 13:23 - 000000000 ____D C:\Users\Felipe\Downloads\Seleçao
2020-05-08 11:03 - 2018-11-26 15:03 - 000000937 _____ C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job
2020-05-08 11:03 - 2018-11-26 15:03 - 000000751 _____ C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job
2020-05-07 21:42 - 2017-12-04 11:34 - 000000000 ____D C:\Program Files\Opera
2020-05-05 21:27 - 2016-10-16 22:04 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3566055303-50115251-4238067311-1001
2020-05-05 17:17 - 2016-10-17 14:00 - 000000000 ____D C:\Users\Felipe\AppData\Local\Deployment
2020-05-05 16:32 - 2013-08-22 11:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-05 16:26 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-05 13:04 - 2019-09-06 14:52 - 000000000 ____D C:\Program Files (x86)\IQ Option
2020-05-04 22:57 - 2016-10-20 22:53 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-05-03 17:38 - 2019-01-25 15:38 - 000000000 ____D C:\Users\Felipe\AppData\Roaming\obs-studio
2020-05-01 17:17 - 2015-06-17 18:35 - 000000000 ____D C:\Users\Felipe\Downloads\inst op
2020-05-01 17:00 - 2017-12-04 11:41 - 000003826 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1512398281
2020-05-01 17:00 - 2017-12-04 11:39 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2020-05-01 16:59 - 2016-10-16 20:38 - 000000000 ____D C:\Users\Felipe
2020-05-01 16:44 - 2018-02-21 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElfBot NG
2020-05-01 16:43 - 2019-09-06 14:54 - 000000000 ____D C:\Users\Felipe\AppData\Roaming\IQ Option
2020-05-01 16:43 - 2018-12-04 15:17 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-05-01 16:43 - 2018-02-21 22:36 - 000000000 ____D C:\Program Files (x86)\ElfBot NG
2020-05-01 16:43 - 2018-02-20 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia
2020-05-01 16:43 - 2018-02-20 20:26 - 000000000 ____D C:\Program Files (x86)\Tibia
2020-05-01 16:43 - 2018-02-20 20:11 - 000000000 ____D C:\Users\Felipe\AppData\Local\Tibia
2020-05-01 16:43 - 2016-10-16 20:38 - 000000000 ____D C:\Users\Thomas
2020-05-01 16:43 - 2016-10-16 20:38 - 000000000 ____D C:\Users\Convidado
2020-05-01 16:43 - 2014-01-27 08:31 - 000000000 ____D C:\Users\Todos os Usuários\Atheros
2020-05-01 16:43 - 2014-01-27 08:31 - 000000000 ____D C:\ProgramData\Atheros
2020-05-01 16:43 - 2013-09-09 07:20 - 000000000 ____D C:\Users\Administrator
2020-05-01 16:43 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\security
2020-05-01 16:43 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files\Windows Defender
2020-05-01 16:43 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\Inf
2020-05-01 16:40 - 2013-08-22 12:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-01 16:28 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\registration
2020-05-01 16:26 - 2014-01-27 08:25 - 000000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2020-05-01 11:22 - 2017-09-10 11:54 - 000000000 ____D C:\Users\Felipe\AppData\Local\ElevatedDiagnostics
2020-04-29 15:27 - 2013-08-22 10:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2020-04-29 15:08 - 2014-01-27 08:41 - 000000000 ____D C:\Program Files (x86)\Amazon
2020-04-27 22:42 - 2017-05-21 15:12 - 000000000 ____D C:\Users\Felipe\AppData\Roaming\BitComet
2020-04-25 21:37 - 2015-02-05 16:13 - 000000000 ____D C:\Users\Felipe\AppData\LocalLow\IObit
2020-04-25 21:31 - 2014-11-30 16:24 - 000000000 ____D C:\AdwCleaner
2020-04-25 20:25 - 2016-10-20 23:31 - 000000000 ____D C:\Users\Felipe\AppData\Local\Google
2020-04-25 20:24 - 2016-10-20 23:32 - 000000000 ____D C:\Program Files (x86)\Google
2020-04-21 22:21 - 2013-08-22 12:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-12 22:26 - 2017-01-05 12:05 - 000000000 ____D C:\Users\Felipe\AppData\Local\Adobe
2020-04-12 22:23 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-12 22:22 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-12 21:50 - 2013-08-22 12:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-09 21:18 - 2016-10-16 20:59 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-09 21:11 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\rescache
2020-04-09 19:28 - 2013-08-22 11:44 - 000563544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-09 19:22 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\setup
2020-04-09 19:09 - 2016-11-21 22:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-04-09 18:59 - 2016-11-21 22:04 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Arquivos na raiz de alguns diretórios ========

2020-05-01 16:59 - 2020-05-01 16:59 - 003300224 _____ (Nicolas Coolman) C:\Users\Felipe\ZHPCleaner.exe
2016-12-19 20:02 - 2016-12-19 20:02 - 000000132 _____ () C:\Users\Felipe\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2017-08-02 23:29 - 2017-08-02 23:36 - 000540672 _____ () C:\Users\Felipe\AppData\Local\K4t9xo.zip
2019-01-29 22:19 - 2019-01-29 22:19 - 000000000 _____ () C:\Users\Felipe\AppData\Local\oobelibMkey.log
2017-01-08 10:57 - 2017-01-08 10:57 - 000000000 _____ () C:\Users\Felipe\AppData\Local\{473AFCBD-C3FA-41A6-A2D7-D0814236F833}
2017-12-04 11:24 - 2017-12-04 11:24 - 000000000 _____ () C:\Users\Felipe\AppData\Local\{C89FE2EF-8A4B-4021-9491-7B20D4D95846}

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)


LastRegBack: 2020-05-01 12:38
==================== Fim de FRST.txt ========================

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 09-05-2020
Executado por Trancoso (09-05-2020 15:38:15)
Executando a partir de C:\Users\Felipe\Desktop
Windows 8.1 Single Language (Update) (X64) (2016-10-16 23:42:35)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3566055303-50115251-4238067311-500 - Administrator - Disabled) => C:\Users\Administrator
Convidado (S-1-5-21-3566055303-50115251-4238067311-501 - Limited - Disabled) => C:\Users\Convidado
HomeGroupUser$ (S-1-5-21-3566055303-50115251-4238067311-1008 - Limited - Enabled)
Trancoso (S-1-5-21-3566055303-50115251-4238067311-1001 - Administrator - Enabled) => C:\Users\Felipe

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)


==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

4K Video Downloader 4.11.2.3400 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.11.2.3400 - Open Media LLC)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_0) (Version: 22.0.0 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.27.0911 - ASUSTEK)
Avira Internet Security (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.24.37 - Avira Operations GmbH & Co. KG)
BitComet 1.45 (HKLM-x32\...\BitComet_x64) (Version: 1.45 - CometNetwork)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C8730B1A-133D-4546-8E21-9EC186341F20}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.10.442 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENÇÃO
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Editor de Vídeo da Apowersoft V1.1.9 (HKLM-x32\...\{3089CCCD-BC5F-4309-A3C1-45B5ACA7A5E7}_is1) (Version: 1.1.9 - APOWERSOFT LIMITED)
ElfBot NG 4.5.9 (HKLM-x32\...\ElfBot NG_is1) (Version:  - NGSoft, LLC)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-211 214 216 Series Printer Uninstall (HKLM\...\EPSON XP-211 214 216 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Ferramentas do Visual Studio 2005 para Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Illustrator CC 2018 (HKLM\...\{E4FF37B0-888D-4D5A-9072-BBCD1EBD15A0}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
IQ Option (HKLM-x32\...\{14D7E71E-ADA6-47B5-9164-36DCA8B4CEB7}) (Version: 1.0.15348 - IQ Option Ltd)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.21.13.1 - RSUPPORT)
Mozilla Firefox 71.0 (x64 pt-BR) (HKLM\...\Mozilla Firefox 71.0 (x64 pt-BR)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Opera Stable 58.0.3135.107 (HKLM-x32\...\Opera 58.0.3135.107) (Version: 58.0.3135.107 - Opera Software)
Opera Stable 58.0.3135.68 (HKLM-x32\...\Opera 58.0.3135.68) (Version: 58.0.3135.68 - Opera Software)
Opera Stable 67.0.3575.137 (HKLM-x32\...\Opera 67.0.3575.137) (Version: 67.0.3575.137 - Opera Software)
Opera Stable 68.0.3618.63 (HKLM-x32\...\Opera 68.0.3618.63) (Version: 68.0.3618.63 - Opera Software)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
STCServ (HKLM\...\{A954D353-9DAF-4916-8E71-F1E959EBCD1E}) (Version: 3.0.0.1783 - Intel Corporation) Hidden
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
Tibia (HKLM-x32\...\Tibia_is1) (Version: 8.60 - CipSoft GmbH)
Tibia (HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\Tibia) (Version:  - CipSoft GmbH)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wondershare Filmora(Build 8.5.9) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Zoom (HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.1.68_x86__qt5r5pa5dyg8m [2020-05-01] (WildTangent Games)
7digital Music Store -> C:\Program Files\WindowsApps\7digitalLtd.7digitalMusicStore_2.1.1.0_neutral__qv1vc61z2t2b4 [2020-05-01] (7digital Ltd)
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_2.3.0.0_x64__8zz2pj9h1h1d8 [2020-05-01] (AccuWeather)
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3012_neutral__48frkmn4z8aw4 [2020-05-01] (Acer Incorporated)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.0.1.2_x64__343d40qqvtj1t [2020-05-01] (Amazon.com)
Booking.com Partner Edition -> C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr [2020-05-01] (Booking.com B.V.)
Doodle God Free Plus -> C:\Program Files\WindowsApps\JoyBits-Ltd.DoodleGodFreePlus_2.0.0.50_x64__km6tbgagk2b4w [2020-05-01] (JoyBits-Ltd)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_2.0.1.9_x86__q4d96b2w5wcc2 [2020-05-01] (Evernote)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.0.0.0_neutral__stfe6vwa9jnbp [2020-05-01] (AMZN Mobile LLC)
Monsters Love Candy -> C:\Program Files\WindowsApps\Microsoft.MonstersLoveCandy_5.0.0.0_x86__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_1.6.1013.3_x64__a2t3txkz9j1jw [2020-05-01] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_1.10.0.52_x64__mcm4njqhnhss8 [2020-05-01] (Netflix, Inc.)
newsXpresso -> C:\Program Files\WindowsApps\esobiIncorporated.newsXpressoMetro_2.0.2.208_neutral__sngswjb5h6fyg [2020-05-01] (Yisoubi Co. Ltd.)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.4.0.486_x86__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios)
Shark Dash -> C:\Program Files\WindowsApps\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj [2020-05-01] (GAMELOFT  SA)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_1.1.0.0_neutral__6bhtb546zcxnj [2020-05-01] (TuneIn)
Wordament -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_1.0.1.41_x86__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]

==================== Exame Personalizado CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3566055303-50115251-4238067311-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Arquivo não assinado]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2016-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Felipe\Desktop\ip.bat.lnk -> C:\Users\Felipe\Documents\PC\ip.bat (Nenhum Arquivo)

==================== Módulos Carregados (Whitelisted) =============

2016-10-22 22:06 - 2014-10-23 17:12 - 000169040 _____ (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) [Arquivo não assinado] C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2013-09-07 00:53 - 2013-09-07 00:53 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
2013-09-07 00:53 - 2013-09-07 00:53 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll
2013-09-07 00:53 - 2013-09-07 00:53 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll
2013-09-07 00:53 - 2013-09-07 00:53 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2013-09-07 00:53 - 2013-09-07 00:53 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B [464]
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B [464]

==================== Modo de Segurança (Whitelisted) ==================

==================== Associação (Whitelisted) =================

==================== Internet Explorer confiável/restrito ==========

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2013-08-22 10:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Acer\Remote Files\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Felipe\Desktop\ROSA.jpg
DNS Servers: 131.0.88.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
mpsdrv => O Serviço Firewall não está sendo executado.
MpsSvc => O Serviço Firewall não está sendo executado.

Network Binding:
=============
Wi-Fi: AvFw Packet Filter Driver -> av_fltdev9 (enabled) 
Ethernet: AvFw Packet Filter Driver -> av_fltdev9 (enabled) 

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 3
MSCONFIG\Services: AGMService => 3
MSCONFIG\Services: AGSService => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AtherosSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: BITCOMET_HELPER_SERVICE => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: ePowerSvc => 3
MSCONFIG\Services: EpsonCustomerResearchParticipation => 3
MSCONFIG\Services: EpsonScanSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: IQOptionUpdater => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: LMSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PlugPlay => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: STCServ => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "IntelConnectCenter"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\StartupApproved\StartupFolder: => "IQTray.lnk"
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{DF6AE7B0-97E2-4C90-A485-684AA1D67EF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => Nenhum Arquivo
FirewallRules: [{E1216489-D659-4A94-A1B2-22C95C7AA78C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => Nenhum Arquivo
FirewallRules: [{42DA5CE8-239E-4C70-AE58-B2F933C3F073}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{1317C34D-F1BA-4B79-98D8-E93E41E8784F}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{43C69971-1FD5-4C59-9711-3430CC3AE8E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{34F8D132-6309-412C-A269-F854D70CA605}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => Nenhum Arquivo
FirewallRules: [{5605EF25-EB32-46AD-B3C7-323CF263991C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => Nenhum Arquivo
FirewallRules: [{5B071486-AE6F-4A06-8B87-FCDD7DC81758}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => Nenhum Arquivo
FirewallRules: [{127EB515-F934-4927-B9F9-E73051C0E70B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{20C8910A-BE1C-4763-9FDA-A540C8E3D78C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{DF354223-BACF-412F-B196-E1D86D04EDEF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9CF2749-7552-4044-9BA9-05486750056E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F071E11F-5D8F-43B6-9E05-CA67DDBDC721}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\DIM.EXE (Corel Corporation -> Corel Corporation)
FirewallRules: [{6B27CE0C-D38D-4E0A-B2B6-40A3F989E975}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\FontService.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{491AF8B2-BF26-4268-85DB-0CE40F9B687E}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CrlUISvr.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{B68A7EC5-014C-4050-BDE9-9F2949DEF75E}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{7317BDE8-A61F-45DB-A265-6DAB2FC63970}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CdrConv.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{C25A8B30-56A0-4D77-9B7F-20687880D3B3}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\BarCode.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{9E5F4544-F68B-49E8-92B1-1E181D36CA3D}] => (Block) C:\Program Files\Common Files\Corel\Shared\Shell Extension\x64\PropSchemaReg.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{CA082B42-F5EF-4372-8D40-6B7773B0F120}] => (Block) C:\Program Files\Common Files\Corel\Shared\Shell Extension\x64\ShellUninst.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{DC76A5FA-077C-4415-BE6B-B74EC491D959}] => (Block) C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\PropSchemaReg.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{8FF20D40-2B74-4CDA-8B8D-09C4E7155DDD}] => (Block) C:\Program Files (x86)\Corel\CUH\v2\DIM.EXE (Corel Corporation -> Corel Corporation)
FirewallRules: [{5D192345-5D56-4446-8B84-3CB48218AFD3}] => (Block) C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE (Corel Corporation -> Corel Corporation)
FirewallRules: [{DD75C15D-25D1-4032-BC71-2F397D6EC0F8}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe (Intel(R) iCDG WINS WSS CCF -> Intel Corporation)
FirewallRules: [{41EF5CF0-52E9-4B3C-BB57-D0364433DB6D}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe (Intel(R) iCDG WINS WSS CCF -> Intel Corporation)
FirewallRules: [{92CE3339-1327-4A16-B5C0-F7FAAA665717}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{EF25EC46-CB0C-4B66-98E3-2E61559B6B10}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{F3B6830B-857E-4B71-82C0-BEA0DB812539}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe (Xing Wang -> www.BitComet.com)
FirewallRules: [UDP Query User{F443C022-20DD-48E6-8C60-B1BA13E49F39}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe (Xing Wang -> www.BitComet.com)
FirewallRules: [{8E2A066C-109B-4B73-AF18-F0E9250A950E}] => (Block) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5C02410D-6FFC-4FAC-8F15-A7411F3023ED}] => (Block) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65F083D0-9C0B-4325-BD8D-2873FF6D84CC}] => (Block) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
FirewallRules: [{8B9AC22D-BA90-43CB-B896-B9221F3055F7}] => (Block) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
FirewallRules: [{3136E3DC-D00A-416C-8F9C-401027F9EE27}] => (Block) %SystemRoot%\System32\mfevtps.exe => Nenhum Arquivo
FirewallRules: [{9242F849-AC3C-491B-B997-6FA60C590FE3}] => (Block) %SystemRoot%\System32\mfevtps.exe => Nenhum Arquivo
FirewallRules: [{61D8364A-546D-43DD-8993-EDBB5456103D}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems)
FirewallRules: [{FC7728B2-7F9F-4610-90FF-24F8694EC518}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems)
FirewallRules: [{87BF8668-C761-4C10-9506-98A0DA08D6CF}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe => Nenhum Arquivo
FirewallRules: [{D98DDCD6-88BF-4353-ABBF-057422429FA0}] => (Allow) C:\Users\Felipe\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1B9F58DE-735A-4E88-A05F-B0A2FD789C69}] => (Allow) C:\Users\Felipe\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{0F101F8B-D377-4FFE-90CB-C53B29F7FD3B}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe => Nenhum Arquivo
FirewallRules: [{177DDC63-3D6A-4D01-A0D1-F807785B7F9D}] => (Allow) C:\Program Files\Opera\67.0.3575.137\opera.exe => Nenhum Arquivo

==================== Pontos de Restauração =========================

Cheque o serviço "VSS"


==================== Dispositivos Apresentando Falhas No Gerenciador ============

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (05/09/2020 03:22:04 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/08/2020 11:12:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/07/2020 09:49:31 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/06/2020 06:45:56 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/05/2020 04:23:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Application Installer Cleanup (0299951476665702) since QueryServiceConfig API failed

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (05/05/2020 11:39:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/05/2020 01:02:53 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: O processo de logon do Windows foi encerrado inesperadamente.

Error: (05/04/2020 10:59:33 PM) (Source: MsiInstaller) (EventID: 1024) (User: AUTORIDADE NT)
Description: Produto: Adobe Acrobat Reader DC - Português - A atualização 'Adobe Acrobat Reader DC
 (19.010.20098)' não pôde ser instalada. Código de erro 1603. O Windows Installer pode criar logs para ajudar a solucionar problemas na instalação de pacotes de software. Use o link a seguir para obter informações sobre ativação do suporte a registro em log: http://go.microsoft.com/fwlink/?LinkId=23127


Erros de Sistema:
=============
Error: (05/05/2020 10:37:29 PM) (Source: volsnap) (EventID: 36) (User: )
Description: As cópias de sombra do volume C: foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário.

Error: (05/05/2020 04:30:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: 
Acesso negado.

Error: (05/05/2020 04:30:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: 
Acesso negado.

Error: (05/05/2020 04:30:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: 
Acesso negado.

Error: (05/05/2020 04:30:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: 
Acesso negado.

Error: (05/05/2020 04:30:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: 
Acesso negado.

Error: (05/05/2020 02:23:49 PM) (Source: DCOM) (EventID: 10010) (User: Trancoso)
Description: O servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} não se registrou no DCOM dentro do tempo limite necessário.

Error: (05/05/2020 02:23:19 PM) (Source: DCOM) (EventID: 10010) (User: Trancoso)
Description: O servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} não se registrou no DCOM dentro do tempo limite necessário.


Windows Defender:
===================================
Date: 2020-05-01 12:47:53.128
Description: 
O exame do Windows Defender foi interrompido antes da conclusão.
ID do Exame: {7ABECB87-C5C7-4FDF-92C3-C0B09221CCE8}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2020-04-30 14:08:55.277
Description: 
O exame do Windows Defender foi interrompido antes da conclusão.
ID do Exame: {1B6F5D1C-A16D-4260-A757-7D95FEC26BC8}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2020-04-30 14:01:26.672
Description: 
O exame do Windows Defender foi interrompido antes da conclusão.
ID do Exame: {BFE5E807-3467-4A2C-B473-DD73596E7070}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2020-04-29 15:47:06.278
Description: 
O Windows Defender detectou malware ou outros programas potencialmente indesejados.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
ID: 2147685180
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Office\Microsoft Toolkit 2.5.2\Microsoft Toolkit 2.5.2.exe;file:_C:\Office\Microsoft Toolkit 2.5.2\Microsoft Toolkit 2.5.2.exe->[SAResource]->[MSILRES:?.?.resources]
Origem da Detecção: Computador local
Tipo de Detecção: FastPath
Origem da Detecção: Proteção em Tempo Real
Usuário: Trancoso\Trancoso
Nome do Processo: C:\Users\Felipe\Desktop\esetonlinescanner.exe
Versão da Assinatura: AV: 1.313.2582.0, AS: 1.313.2582.0, NIS: 119.0.0.0
Versão do Mecanismo: AM: 1.1.16900.4, NIS: 2.1.14600.4

Date: 2020-04-29 15:46:47.731
Description: 
O Windows Defender detectou malware ou outros programas potencialmente indesejados.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
ID: 2147685180
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Office\Microsoft Toolkit 2.5.2\Microsoft Toolkit 2.5.2.exe->[SAResource]->[MSILRES:?.?.resources]
Origem da Detecção: Computador local
Tipo de Detecção: FastPath
Origem da Detecção: Proteção em Tempo Real
Usuário: Trancoso\Trancoso
Nome do Processo: C:\Users\Felipe\Desktop\esetonlinescanner.exe
Versão da Assinatura: AV: 1.313.2582.0, AS: 1.313.2582.0, NIS: 119.0.0.0
Versão do Mecanismo: AM: 1.1.16900.4, NIS: 2.1.14600.4

Date: 2020-04-29 15:28:12.050
Description: 
O recurso de Proteção em Tempo Real do Windows Defender encontrou um erro e falhou.
Recurso: Sistema de Inspeção de Rede
Código do Erro: 0x80070002
Descrição do erro: O sistema não pode encontrar o arquivo especificado. 
Motivo: O sistema não possui atualizações que são necessárias para executar o Sistema de Inspeção de Rede.  Instale as atualizações necessárias e reinicie o computador.

Date: 2020-04-29 15:26:37.439
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 0.0.0.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 0.0.0.0
Código de erro: 0x80070422
Descrição do erro: O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados. 

Date: 2020-04-29 15:08:13.928
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 0.0.0.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 0.0.0.0
Código de erro: 0x80070422
Descrição do erro: O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados. 

Date: 2020-04-29 15:03:13.291
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 0.0.0.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 0.0.0.0
Código de erro: 0x80072ee2
Descrição do erro: O tempo limite da operação foi atingido 

Date: 2020-04-29 15:03:13.290
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 0.0.0.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Sistema de Inspeção de Rede
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 0.0.0.0
Código de erro: 0x80072ee2
Descrição do erro: O tempo limite da operação foi atingido 

CodeIntegrity:
===================================

Date: 2020-05-01 12:45:28.789
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-30 13:50:30.392
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-05-07 16:34:23.991
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2019-05-07 16:34:23.975
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2019-05-07 16:34:23.866
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2019-05-02 16:13:25.011
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Windows signing level requirements.

Date: 2019-05-02 16:13:23.497
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2019-05-02 16:13:15.603
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória =========================== 

BIOS: Insyde Corp. V2.13 11/21/2013
placa-mãe: Acer EA50_HW
Processador: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentagem de memória em uso: 45%
RAM física total: 1922.27 MB
RAM física disponível: 1052.67 MB
Virtual Total: 3842.27 MB
Virtual disponível: 2703.17 MB

==================== Drives ================================

Drive c: (DicoLocal) (Fixed) (Total:397.69 GB) (Free:56.92 GB) NTFS
Drive x: (Backup) (Fixed) (Total:50 GB) (Free:25.07 GB) NTFS

\\?\Volume{f71eb450-4c8e-4abc-b33a-8882224be47c}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.12 GB) NTFS
\\?\Volume{6cc1e747-fe2e-46dd-b4fb-04c7910c7d9d}\ (Push Button Reset) (Fixed) (Total:17.26 GB) (Free:2.73 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3670A910)

Partition: GPT.

==================== Fim de Addition.txt =======================


@Felipe Uri

 

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text in the CODE box below:

CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite
S4 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado]
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\Run: [] => [X]
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {2b01f372-d0d8-11e9-833d-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {2f98c4e5-6508-11e8-8305-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {370be402-8b45-11e7-82dd-201a0656fe5a} - "G:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {3d4cd0af-5c26-11e7-82cd-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {cd4fd630-cc7d-11e7-82e4-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {d5546858-bfc4-11e6-829e-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {e4aba209-500a-11e6-8275-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {eca2a8a6-7790-11e6-828a-201a0656fe5a} - "F:\Setup.exe"
Task: {0123BF33-CFEA-404B-9E33-C8B89795A09A} - System32\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2014-12-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {0E615592-E938-4592-94CC-DC222BD20712} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2014-12-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {2A267306-6C59-4A83-A874-045B8EA69480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC)
Task: {2C9B4806-D01A-47D4-AFC2-8AD68B695950} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Trancoso-Trancoso Trancoso => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {357B0969-27A6-4D9B-A3DC-832737AF2C41} - System32\Tasks\AdobeGCInvoker-1.0-Trancoso-Trancoso => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {4C4FAB85-D968-49BF-A63D-0F9C6527E76A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FB86606-82DE-4EA4-BCF5-D6305875F910} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation) [Arquivo não assinado]
Task: {670CB292-976A-40F6-AF4B-B7104A891961} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)
Task: {740F742F-0324-497B-9086-DCF0C1F042BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {910009D8-1AEA-4198-80C9-6D7E4B75F7C0} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [282152 2013-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {9CCA93CF-A315-428A-B0FE-F6C7FD1719C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.)
Task: {B8273852-02B3-4427-9B6F-ACA452379BC3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C3F63361-FC42-420A-9C71-CB787BDA3FBF} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {C69A6239-1E91-4958-9C70-19CA571B2922} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7E6FC16-B540-4001-A59F-66EE12B606DD} - System32\Tasks\IQOptionUpdateTask => C:\Program Files (x86)\IQ Option\\IQOptionUpdateTask.exe [564352 2020-03-13] (IQ OPTION EUROPE LTD -> )
Task: {D27F9941-7813-42FD-A7DB-00768D194273} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBFA315A-CACF-4A32-8D07-F170F6FFBC77} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5306408 2013-07-05] (Acer Incorporated -> Acer Incorporated)
Task: {EE60870C-6EE6-42E6-A1A4-EDD1D880058D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC)
Task: {F56FEDC6-B956-42B0-90E3-F8C760B63A72} - System32\Tasks\Opera scheduled Autoupdate 1512398281 => C:\Program Files\Opera\launcher.exe [1517592 2020-04-29] (Opera Software AS -> Opera Software)
Task: C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{B1E297FE-1C15-4EAE-B97F-4EADB031F318} /F:UpdateWORKGROUP\TRANCOSO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Opera scheduled assistant Autoupdate 1582805236.job => C:\Program Files\Opera\launcher.exe
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 131.0.88.8 1.1.1.1
Tcpip\..\Interfaces\{6EAD6B45-24EA-43AE-884E-83A61BEB38C0}: [DhcpNameServer] 131.0.88.8 1.1.1.1
Tcpip\..\Interfaces\{7CDFCD44-A2C3-466F-A385-703F200EBA74}: [DhcpNameServer] 131.0.88.8 1.1.1.1
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
FirewallRules: [{65F083D0-9C0B-4325-BD8D-2873FF6D84CC}] => (Block) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
FirewallRules: [{8B9AC22D-BA90-43CB-B896-B9221F3055F7}] => (Block) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
StartPowershell:
$app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "Qualcomm Atheros Bluetooth Suite (64)"}
$app.Uninstall()
$app1 = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "Qualcomm Atheros WLAN and Bluetooth Client Installation Program"}
$app1.Uninstall()
EndPowershell:
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Save this file to your desktop with the name fixlist

NOTE: It is extremely important that the "fixlist" file is saved to your Desktop. Also check that FRST.exe is on the Desktop.

** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
Right-click the FRST.EXE file, then click VRIfczU.png.

Click the 0h0YlDEzRbKP9R7xLrUlzA.png button

Wait; when it finishes, the Fixlog.txt log will be saved to your desktop.

Open the Fixlog.txt file, then copy and paste its contents into your next reply.

 

 


@Elias Pereira Good evening!

I ran the fix; it restarted and did not run the Bluetooth stack server. The only strange program that ran was the Adobe update.

The log follows below:

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 09-05-2020
Executado por Trancoso (14-05-2020 21:07:41) Run:1
Executando a partir de C:\Users\Felipe\Desktop
Perfis Carregados: Trancoso (Perfis Disponíveis: Trancoso & Administrador & Convidado)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm Atheros -> Atheros Communications) [Arquivo n�o assinado]
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite
S4 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo n�o assinado]
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\Run: [] => [X]
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {2b01f372-d0d8-11e9-833d-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {2f98c4e5-6508-11e8-8305-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {370be402-8b45-11e7-82dd-201a0656fe5a} - "G:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {3d4cd0af-5c26-11e7-82cd-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {cd4fd630-cc7d-11e7-82e4-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {d5546858-bfc4-11e6-829e-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {e4aba209-500a-11e6-8275-201a0656fe5a} - "F:\Setup.exe" 
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\...\MountPoints2: {eca2a8a6-7790-11e6-828a-201a0656fe5a} - "F:\Setup.exe"
Task: {0123BF33-CFEA-404B-9E33-C8B89795A09A} - System32\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2014-12-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {0E615592-E938-4592-94CC-DC222BD20712} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2014-12-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {2A267306-6C59-4A83-A874-045B8EA69480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC)
Task: {2C9B4806-D01A-47D4-AFC2-8AD68B695950} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Trancoso-Trancoso Trancoso => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {357B0969-27A6-4D9B-A3DC-832737AF2C41} - System32\Tasks\AdobeGCInvoker-1.0-Trancoso-Trancoso => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {4C4FAB85-D968-49BF-A63D-0F9C6527E76A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FB86606-82DE-4EA4-BCF5-D6305875F910} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel� Corporation) [Arquivo n�o assinado]
Task: {670CB292-976A-40F6-AF4B-B7104A891961} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)
Task: {740F742F-0324-497B-9086-DCF0C1F042BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {910009D8-1AEA-4198-80C9-6D7E4B75F7C0} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [282152 2013-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {9CCA93CF-A315-428A-B0FE-F6C7FD1719C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.)
Task: {B8273852-02B3-4427-9B6F-ACA452379BC3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C3F63361-FC42-420A-9C71-CB787BDA3FBF} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {C69A6239-1E91-4958-9C70-19CA571B2922} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7E6FC16-B540-4001-A59F-66EE12B606DD} - System32\Tasks\IQOptionUpdateTask => C:\Program Files (x86)\IQ Option\\IQOptionUpdateTask.exe [564352 2020-03-13] (IQ OPTION EUROPE LTD -> )
Task: {D27F9941-7813-42FD-A7DB-00768D194273} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBFA315A-CACF-4A32-8D07-F170F6FFBC77} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5306408 2013-07-05] (Acer Incorporated -> Acer Incorporated)
Task: {EE60870C-6EE6-42E6-A1A4-EDD1D880058D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC)
Task: {F56FEDC6-B956-42B0-90E3-F8C760B63A72} - System32\Tasks\Opera scheduled Autoupdate 1512398281 => C:\Program Files\Opera\launcher.exe [1517592 2020-04-29] (Opera Software AS -> Opera Software)
Task: C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{B1E297FE-1C15-4EAE-B97F-4EADB031F318} /F:UpdateWORKGROUP\TRANCOSO$CSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Opera scheduled assistant Autoupdate 1582805236.job => C:\Program Files\Opera\launcher.exe
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 131.0.88.8 1.1.1.1
Tcpip\..\Interfaces\{6EAD6B45-24EA-43AE-884E-83A61BEB38C0}: [DhcpNameServer] 131.0.88.8 1.1.1.1
Tcpip\..\Interfaces\{7CDFCD44-A2C3-466F-A385-703F200EBA74}: [DhcpNameServer] 131.0.88.8 1.1.1.1
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm�Atheros�) [Arquivo não assinado]
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm�Atheros�) [Arquivo não assinado]
FirewallRules: [{65F083D0-9C0B-4325-BD8D-2873FF6D84CC}] => (Block) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
FirewallRules: [{8B9AC22D-BA90-43CB-B896-B9221F3055F7}] => (Block) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
StartPowershell:
$app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "Qualcomm Atheros Bluetooth Suite (64)"}
$app.Uninstall()
$app1 = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "Qualcomm Atheros WLAN and Bluetooth Client Installation Program"}
$app1.Uninstall()
EndPowershell:
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\BtvStack" => removido (a) com sucesso.
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe => movido com sucesso

"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite" pasta mover:

Não pode ser movido "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite" => Agendado para ser movido na reinicialização.

HKLM\System\CurrentControlSet\Services\AtherosSvc => removido (a) com sucesso.
AtherosSvc => serviço removido (a) com sucesso.
"HKU\S-1-5-21-3566055303-50115251-4238067311-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b01f372-d0d8-11e9-833d-201a0656fe5a} => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f98c4e5-6508-11e8-8305-201a0656fe5a} => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{370be402-8b45-11e7-82dd-201a0656fe5a} => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d4cd0af-5c26-11e7-82cd-201a0656fe5a} => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cd4fd630-cc7d-11e7-82e4-201a0656fe5a} => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5546858-bfc4-11e6-829e-201a0656fe5a} => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4aba209-500a-11e6-8275-201a0656fe5a} => removido (a) com sucesso.
HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eca2a8a6-7790-11e6-828a-201a0656fe5a} => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0123BF33-CFEA-404B-9E33-C8B89795A09A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0123BF33-CFEA-404B-9E33-C8B89795A09A}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E615592-E938-4592-94CC-DC222BD20712}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E615592-E938-4592-94CC-DC222BD20712}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A267306-6C59-4A83-A874-045B8EA69480}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A267306-6C59-4A83-A874-045B8EA69480}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2C9B4806-D01A-47D4-AFC2-8AD68B695950}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9B4806-D01A-47D4-AFC2-8AD68B695950}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Trancoso-Trancoso Trancoso => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft Office 15 Sync Maintenance for Trancoso-Trancoso Trancoso" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{357B0969-27A6-4D9B-A3DC-832737AF2C41}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{357B0969-27A6-4D9B-A3DC-832737AF2C41}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-Trancoso-Trancoso => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0-Trancoso-Trancoso" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C4FAB85-D968-49BF-A63D-0F9C6527E76A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C4FAB85-D968-49BF-A63D-0F9C6527E76A}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentFallBack" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FB86606-82DE-4EA4-BCF5-D6305875F910}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FB86606-82DE-4EA4-BCF5-D6305875F910}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\IntelBootstrapCCDashExe => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IntelBootstrapCCDashExe" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{670CB292-976A-40F6-AF4B-B7104A891961}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{670CB292-976A-40F6-AF4B-B7104A891961}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Launch Manager => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Launch Manager" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{740F742F-0324-497B-9086-DCF0C1F042BB}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{910009D8-1AEA-4198-80C9-6D7E4B75F7C0}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{910009D8-1AEA-4198-80C9-6D7E4B75F7C0}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Recovery Management\Notification => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Recovery Management\Notification" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CCA93CF-A315-428A-B0FE-F6C7FD1719C6}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CCA93CF-A315-428A-B0FE-F6C7FD1719C6}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Apple\AppleSoftwareUpdate => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8273852-02B3-4427-9B6F-ACA452379BC3}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8273852-02B3-4427-9B6F-ACA452379BC3}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Synaptics TouchPad Enhancements" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3F63361-FC42-420A-9C71-CB787BDA3FBF}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3F63361-FC42-420A-9C71-CB787BDA3FBF}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CorelUpdateHelperTaskCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C69A6239-1E91-4958-9C70-19CA571B2922}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C69A6239-1E91-4958-9C70-19CA571B2922}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office 15 Subscription Heartbeat" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7E6FC16-B540-4001-A59F-66EE12B606DD}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7E6FC16-B540-4001-A59F-66EE12B606DD}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\IQOptionUpdateTask => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IQOptionUpdateTask" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D27F9941-7813-42FD-A7DB-00768D194273}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D27F9941-7813-42FD-A7DB-00768D194273}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentLogOn" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBFA315A-CACF-4A32-8D07-F170F6FFBC77}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBFA315A-CACF-4A32-8D07-F170F6FFBC77}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Power Management => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE60870C-6EE6-42E6-A1A4-EDD1D880058D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE60870C-6EE6-42E6-A1A4-EDD1D880058D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F56FEDC6-B956-42B0-90E3-F8C760B63A72}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1512398281 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1512398281" => removido (a) com sucesso.
C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Invitation {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => movido com sucesso
C:\WINDOWS\Tasks\EPSON XP-211 214 216 Series Update {B1E297FE-1C15-4EAE-B97F-4EADB031F318}.job => movido com sucesso
C:\WINDOWS\Tasks\Opera scheduled assistant Autoupdate 1582805236.job => movido com sucesso
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000007 => removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6EAD6B45-24EA-43AE-884E-83A61BEB38C0}\\DhcpNameServer" => removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7CDFCD44-A2C3-466F-A385-703F200EBA74}\\DhcpNameServer" => removido (a) com sucesso.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Atheros => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{B8952421-0E55-400B-94A6-FA858FC0A39F} => removido (a) com sucesso.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\FTShellContext => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65F083D0-9C0B-4325-BD8D-2873FF6D84CC}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B9AC22D-BA90-43CB-B896-B9221F3055F7}" => removido (a) com sucesso.

========= Powershell: =========

Não é possível chamar um método em uma expressão de valor nulo.
No C:\FRST\tmp000.ps1:2 caractere:1
+ $app.Uninstall()
+ ~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull
 
Não é possível chamar um método em uma expressão de valor nulo.
No C:\FRST\tmp000.ps1:4 caractere:1
+ $app1.Uninstall()
+ ~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull
 

========= Fim de Powershell: =========


========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-3566055303-50115251-4238067311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.


========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9722705 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2653157 B
Edge => 0 B
Chrome => 16958328 B
Firefox => 523583467 B
Opera => 436177534 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 750447 B
LocalService => 14211870 B
NetworkService => 14282076 B
Felipe => 319318152 B
Thomas => 319318152 B
Administrator => 319337489 B
Convidado => 319337489 B

RecycleBin => 122354 B
EmptyTemp: => 2.1 GB de dados temporários Removidos.

================================

Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 14-05-2020 21:23:57)

C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite => movido com sucesso

==== Fim de Fixlog 21:24:02 ====


@Felipe Uri

 

As far as malware is concerned, there are no more problems.

KEEP THE OS UP TO DATE:
Keep Windows updates set to "automatic". New security holes are discovered frequently. Many malware programs exploit these holes, infecting systems without depending on any action by the user. Microsoft fixes these holes through updates. That is why it is essential to keep your system up to date.

If you have no further malware-related problems, click Report Post at the top of the page and say that your topic is RESOLVED. If you have any question about computing and technology, feel free to post in any area of CdH.


Problem solved!

Should the author need it, the topic will be reopened; to do so, they must contact a Security Analyst or Coordinator and request that it be unlocked.

 

This topic is closed to new posts.




