Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21.07.2018
Executado por Maple Bear (25-07-2018 11:44:48)
Executando a partir de C:\Users\Maple Bear\Desktop
Windows 10 Home Single Language Versão 1803 17134.81 (X64) (2018-06-05 14:47:42)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-4216877997-3920459586-2356809368-500 - Administrator - Disabled)
Convidado (S-1-5-21-4216877997-3920459586-2356809368-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-4216877997-3920459586-2356809368-503 - Limited - Disabled)
Maple Bear (S-1-5-21-4216877997-3920459586-2356809368-1001 - Administrator - Enabled) => C:\Users\Maple Bear
WDAGUtilityAccount (S-1-5-21-4216877997-3920459586-2356809368-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\uTorrent) (Version: 3.5.4.44488 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.23) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
ColorEngine (HKLM-x32\...\{BE075478-C2A9-4F37-AB91-205C966D9848}) (Version: 3.0 - Samsung Electronics CO., LTD.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 2.30.00 - Seiko Epson Corporation)
EPSON L655 Series Printer Uninstall (HKLM\...\EPSON L655 Series) (Version: - SEIKO EPSON Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
K-Lite Codec Pack 14.2.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.2.0 - KLCP)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0a2 - Mozilla)
MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
Multitimer version 1.0 (HKLM-x32\...\Multitimer_is1) (Version: 1.0 - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
Powzip (HKLM-x32\...\{B26B3E84-2716-4db6-BFB6-7FBDFE26C69C}) (Version: - )
publicHotsp version 1.0 (HKLM-x32\...\publicHotsp_is1) (Version: 1.0 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.5 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Reg Organizer versão 8.16 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.16 - ChemTable Software)
S Agent (HKLM\...\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}) (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.3.0 - Samsung Electronics Co., Ltd.)
Samsung Settings (HKLM-x32\...\{906320D6-3C1E-4C56-9B11-F17089D232F4}) (Version: 2.5.0 - Samsung Electronics Co., Ltd.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.5.0.86_2 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{0CFED20F-F964-412C-9EC1-6990B5FB8322}) (Version: 2.2.39 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Warsaw 2.3.0.83 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.3.0.83 - GAS Tecnologia)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ !!!smico] -> {C6E713CA-A7FD-4C73-9E34-AD7676CB957F} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers1: [SMShellExts] -> {3871F95B-BF7A-4c17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers2: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers4: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-25] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {13C0935F-202F-4D31-BB41-63C32AC80F92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {2C45B6A6-094F-4EC3-9E16-2D67BF592AAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {2E5DA6B3-85F3-4437-B305-954CC6B92C08} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-08-10] ()
Task: {31703BCD-A042-492B-9627-A4CC79D1E095} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {43F4C1C7-81CB-40ED-9756-C68379B0FA78} - System32\Tasks\Samsung\Settings\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {4BC94CEA-7C3E-4918-A9EA-B9B8F12A99C1} - System32\Tasks\Samsung\Settings\SettingsPatternLoginMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {525BCD81-26EA-468E-ADF7-D9DDA53BFF6E} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [2013-08-23] (Samsung Electronics CO., LTD.)
Task: {52BD6110-2059-425B-920D-528ED5DE3589} - System32\Tasks\{FF6B6294-00AF-3858-5866-5500412C12CF} => C:\Program Files (x86)\Common Files\OQAjU.exe [1601-01-03] (Microsoft Corporation)
Task: {54140D3A-7241-4499-92F1-562EE1920C34} - System32\Tasks\ColorEngine => C:\Program Files (x86)\Samsung\ColorEngine\ColorEngine.exe [2015-07-28] (Samsung Electronics Co., Ltd.)
Task: {5495AC19-E33B-4E33-8BA0-72237D44FB7B} - System32\Tasks\Samsung\Settings\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {5C88DEA3-C168-4BFC-A223-5E4BC94EC2A2} - System32\Tasks\Samsung\Settings\SettingsEventHandlerMonitor => C:\Program Files (x86)\Samsung\Settings\CmdServer\RSSettingEventHandler.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6B374E88-B012-4905-9A00-C39D8AC8B9B0} - System32\Tasks\psv_ZerSonlab => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Transron.reg" & del "C:\ProgramData\Voyasollam\Transron.reg" & SCHTASKS /Delete /TN "psv_ZerSonlab" /F <==== ATENÇÃO
Task: {6BCDDB2B-466D-4310-A659-766ED7336B2D} - System32\Tasks\psv_EcoDontex => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Lamlab.reg" & del "C:\ProgramData\Voyasollam\Lamlab.reg" & SCHTASKS /Delete /TN "psv_EcoDontex" /F <==== ATENÇÃO
Task: {6C0F2EAA-6D34-467D-9CD4-0FB45182CF45} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2016-02-23] (Samsung Electronics Co., Ltd.)
Task: {74CFB0E1-1ABC-445C-B7E2-64B06CB5B781} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-25] (Microsoft Corporation)
Task: {7B4B4C1B-20DB-43F7-94B5-2B25400D9BF5} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {7DE1B5FB-792F-4877-BF7F-22F4BBAEC3C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-03] (Google Inc.)
Task: {8F3D5023-C402-4054-B689-EEB122137C16} - System32\Tasks\Samsung\SRS\SRS Logon => C:\Program Files\Samsung\Recovery\SRSMessages.exe [2016-07-14] (Samsung Electronics)
Task: {916B3E00-7EE2-495E-B991-E8E9BA60AEC2} - System32\Tasks\EPSON L655 Series Update {826E20B9-D2D7-457A-9612-058376992581} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {A8B4E55F-28A1-4263-B62A-37F1FFB5F931} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {A96E661C-CE77-41E9-A96C-3891236BCFD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-03] (Google Inc.)
Task: {AEF935AC-63EC-404F-B3C1-960583B8F72C} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-25] (Microsoft Corporation)
Task: {B059A7A3-F42F-40AE-814C-4E2A6D46E2EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-25] (Microsoft Corporation)
Task: {B2CFC389-6160-4236-8A37-529662C02C4E} - System32\Tasks\psv_Lightron => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\VilaQuosoft.reg" & del "C:\ProgramData\Voyasollam\VilaQuosoft.reg" & SCHTASKS /Delete /TN "psv_Lightron" /F <==== ATENÇÃO
Task: {C08F09B6-E277-40DB-9748-7B13E0DF556A} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {C7BCBA8D-CF7C-4044-8C81-B387DBC5D375} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-25] (Microsoft Corporation)
Task: {CC52CCA6-B9A9-4FA6-B097-667E33847423} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {D1947FC5-0629-433C-A2A5-86976AE3FD7E} - System32\Tasks\Samsung\Settings\SettingsPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {D341713F-9832-4062-96B2-A5BCC91BA39F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {DD4EA8FA-DF71-4DA4-941A-757FF467BC45} - System32\Tasks\psv_Dentophase => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\KonRunla.reg" & del "C:\ProgramData\Voyasollam\KonRunla.reg" & SCHTASKS /Delete /TN "psv_Dentophase" /F <==== ATENÇÃO
Task: {E4CBAD91-CA8E-4C7F-99BB-6E0E73CA87CE} - System32\Tasks\{FBD16DD0-EB44-7F4E-2BEA-1FF08A4F1139} => C:\WINDOWS\SysWOW64\ULgEu.exe [1601-01-03] (Microsoft Corporation)
Task: {E6D37D37-19DA-48B8-9667-EB085450E590} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {E83C5859-E7B6-4B16-924C-8A48FC7FB894} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {EC03836E-57F7-474B-8587-222FBBE7BD38} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2018-05-31] ()
Task: {F5EA7532-9AC4-4681-BD57-D75925450389} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2016-07-17] (Samsung Electronics Co., Ltd.)
Task: {FA3E1221-3080-428C-8F36-322C41F2D4A8} - System32\Tasks\psv_Toughdox => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Hottax.reg" & del "C:\ProgramData\Voyasollam\Hottax.reg" & SCHTASKS /Delete /TN "psv_Toughdox" /F <==== ATENÇÃO
Task: {FF36A9BF-BAE4-40F5-AE48-582BC3FD4A81} - System32\Tasks\EPSON L655 Series Update {A6755372-A046-41AE-8100-8E50EDFB5BDD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {FF8CB98F-9979-48F3-9551-39A4C5145B0A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-25] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\EPSON L655 Series Update {826E20B9-D2D7-457A-9612-058376992581}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE:/EXE:{826E20B9-D2D7-457A-9612-058376992581} /F:UpdateWORKGROUP\DESKTOP-4L82HJ4$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L655 Series Update {A6755372-A046-41AE-8100-8E50EDFB5BDD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE:/EXE:{A6755372-A046-41AE-8100-8E50EDFB5BDD} /F:UpdateWORKGROUP\DESKTOP-4L82HJ4$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-07-25 10:35 - 2018-07-24 22:09 - 003780096 _____ () C:\ProgramData\Logic Cramble\set.exe
2018-07-25 10:30 - 2018-07-25 15:07 - 000043520 _____ () C:\ProgramData\PrefsSecure\Nettrans.exe
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-07-25 10:16 - 2018-07-25 10:16 - 027126784 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-25 10:16 - 2018-07-25 10:16 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-25 10:16 - 2018-07-25 10:16 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 06:36 - 2017-09-26 06:37 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-25 10:16 - 2018-07-25 10:16 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-25 10:50 - 2018-07-25 10:50 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-TR7N1.tmp\q3xcuyv5arf.tmp
2018-05-30 11:03 - 2018-05-30 11:03 - 046281248 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-NEHDJ.tmp\0gxe04bloba.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-6B0Q2.tmp\tzja4yvdwjd.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-39QHF.tmp\2ftovy5o1l2.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-EB7CN.tmp\2ri0gursg3e.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-L7G6H.tmp\q3xcuyv5arf.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-V581P.tmp\5vc1e2cenqa.tmp
2018-07-25 10:35 - 2017-12-12 11:35 - 000281600 _____ () C:\Program Files (x86)\Multitimer\Multitimer.exe
2018-07-25 10:51 - 2018-07-25 10:51 - 000113152 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ctypes.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000080896 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\bz2.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001585152 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_hashlib.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000128512 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32api.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000137728 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pywintypes27.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000548864 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pythoncom27.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000689664 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\unicodedata.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000438784 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32com.shell.shell.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001489408 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._core_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001007104 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._gdi_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001039872 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._windows_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001325056 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._controls_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000916992 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._misc_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001084416 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pysqlite2._sqlite.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000149504 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32file.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000136192 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32security.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000007680 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\hashobjs_ext.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000020992 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\thumbnails_ext.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000118784 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\usb_ext.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000047616 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_socket.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 002224640 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ssl.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000014848 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\common.time34.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000023040 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32event.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000034304 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.conditional.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000020480 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.winwrap.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000110080 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.volumes.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000223232 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32gui.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000173568 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_elementtree.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000169472 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pyexpat.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000048128 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32inet.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000103424 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._html2.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000046080 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_psutil_windows.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000633272 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows._cacheinvalidation.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000011776 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32crypt.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000301568 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\PIL._imaging.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000032256 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_multiprocessing.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 005458944 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\cello.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000026112 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_yappi.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000044032 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32process.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000027648 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pipe.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000010752 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\select.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000029696 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pdh.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000038400 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.connectivity.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000073216 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.device_monitor.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000020480 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32profile.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000026624 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32ts.pyd
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-29 05:12 - 2018-06-29 05:12 - 000254464 _____ () C:\Program Files (x86)\Powzip\smshellext.dll
2018-04-11 20:35 - 2018-04-12 13:45 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-25 06:48 - 2018-07-25 06:49 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-25 06:48 - 2018-07-25 06:49 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-25 06:48 - 2018-07-25 06:49 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-25 06:48 - 2018-07-25 06:49 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-05 11:07 - 2018-06-05 11:07 - 003913112 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-04-11 20:35 - 2018-04-12 13:45 - 002506648 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2016-07-17 22:26 - 2016-07-17 22:26 - 000023360 _____ () C:\Program Files (x86)\Samsung\PowerCtrlManager\WSABI.dll
2018-07-25 10:26 - 2018-07-25 10:26 - 000828928 _____ () C:\WINDOWS\ijfiwwindwrxeliq.ijfiw
2015-07-28 03:42 - 2015-07-28 03:42 - 000211064 _____ () C:\Program Files (x86)\Samsung\ColorEngine\WinMove.dll
2014-10-07 07:47 - 2014-10-07 07:47 - 000023360 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll
2014-10-07 07:48 - 2014-10-07 07:48 - 000211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2018-07-25 10:50 - 2018-07-25 10:50 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\_isetup\_isdecmp.dll
2018-07-25 10:50 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\itdownload.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 04:24 - 2018-07-25 10:26 - 002097675 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Maple Bear\Pictures\ws_Create_Something_1280x1024.jpg
DNS Servers: 179.232.0.31 - 179.232.0.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\StartupApproved\Run: => "Spotify"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{61F2D792-0C2F-4B61-B44B-B235B6D9882E}] => (Allow) C:\Users\Maple Bear\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F54D3E4F-827A-488C-8885-79574DC72346}] => (Allow) C:\Users\Maple Bear\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{1A70DDF5-7842-4531-9406-FD147AFF808F}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{5613CC20-1E56-47BF-8DA2-C1318D5FEAED}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{E2329AD8-C84F-4874-88EF-2D897BF6D914}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8F84C9A5-CA55-47C1-A8F9-C30F1EC560CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{348D50CE-2DB6-41AD-A03E-50C511E2E568}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{7E89EAB2-5499-4ACA-8ADC-9EC5344342C1}C:\users\maple bear\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maple bear\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0EAF63F4-AA7C-4A4E-A5CC-17EFA787EE7F}C:\users\maple bear\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maple bear\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9BDF897C-CB0A-44C0-AD4E-9860EF71B00A}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0F13702A-EEE0-4CDD-B78E-FC69607B6442}] => (Allow) C:\Users\Maple Bear\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{EFCC463E-7D2E-4C2F-9BAF-A53C39EE605E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C8404AE3-9F50-4DF6-BDC4-0F181CFE51CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{34073BF4-4A43-4F3D-A988-D5AFB8AD6A42}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{8CFEDB58-8A59-4F65-9005-988116F193BD}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{B28F450C-7C41-410B-80D2-27B1F2F1C97A}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [{646B5B29-5388-4945-BE96-F2C3D3AFE387}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A63C707-9F79-470C-92C7-0303FBBFAE28}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{77806E10-DB8E-4E60-937A-AE98B4898631}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{95DE654D-0159-464F-A5AA-2E52D15C6168}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AE72B96C-E289-4A58-AF53-87598CD9B0DE}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B415E502-13A4-4828-93E8-2E0BA0D41779}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{40829A1D-802B-4F3F-AD6D-DD9F04C46D3C}] => (Allow) LPort=1688
FirewallRules: [{1338A6C7-A485-4EA9-855D-85074A69484E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0B9A49F3-23D8-4344-BD60-150854C44788}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{C4FE3019-6D4A-4987-B2EB-1B64175A971F}] => (Allow) C:\WINDOWS\SysWOW64\ULgEu.exe
FirewallRules: [{1B55D6A1-D702-498A-BE35-6A16E54426AD}] => (Allow) C:\Program Files (x86)\Common Files\OQAjU.exe
==================== Pontos de Restauração =========================
06-06-2018 07:00:34 Windows Update
12-06-2018 11:41:26 Remoção do Pacote de Idioma
15-06-2018 06:57:33 Removed Razer Synapse.
25-07-2018 06:36:52 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (07/25/2018 11:03:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_b4b229fe3cb4cfa3.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_fc5f60d55130f8a9.manifest.
Error: (07/25/2018 11:00:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_b4b229fe3cb4cfa3.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_fc5f60d55130f8a9.manifest.
Error: (07/25/2018 11:00:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\Root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\Root\Office16\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Error: (07/25/2018 10:56:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_b4b229fe3cb4cfa3.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_fc5f60d55130f8a9.manifest.
Error: (07/25/2018 10:38:56 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.
Error: (07/25/2018 10:38:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.
Error: (07/25/2018 10:33:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_MapsBroker, versão: 10.0.17134.1, carimbo de data/hora: 0xa38b9ab2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x8400000e
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x52a8
Hora de início do aplicativo com falha: 0x01d4241be5c380ea
Caminho do aplicativo com falha: C:\WINDOWS\System32\svchost.exe
Caminho do módulo com falha: unknown
ID do Relatório: 8ee7f309-4497-43cc-8339-68aef11602d6
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (07/25/2018 10:33:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa MicrosoftEdgeCP.exe versão 11.0.17134.48 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 4d50
Hora de Início: 01d4241a831b5ba0
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
ID do Relatório: d31e77e8-cfb2-4d6b-b15c-52e78e61d8fc
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ContentProcess
Erros de Sistema:
=============
Error: (07/25/2018 11:44:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:42:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:40:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:38:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:36:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:34:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:32:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:30:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Windows Defender:
===================================
Date: 2018-07-25 11:44:51.429
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Users\Maple Bear\Desktop\FRST64.exe
Versão da Assinatura: AV: 1.273.330.0, AS: 1.273.330.0, NIS: 1.273.330.0
Versão do Mecanismo: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2018-07-25 11:40:03.416
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Users\Maple Bear\Desktop\FRST64.exe
Versão da Assinatura: AV: 1.273.330.0, AS: 1.273.330.0, NIS: 1.273.330.0
Versão do Mecanismo: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2018-07-25 10:54:58.893
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {41C3803C-E6F9-4093-92A0-524859E37B92}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Date: 2018-07-25 06:15:43.439
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Windows\System32\svchost.exe
Versão da Assinatura: AV: 1.269.1577.0, AS: 1.269.1577.0, NIS: 1.269.1577.0
Versão do Mecanismo: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-07-25 06:13:22.655
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Windows\System32\svchost.exe
Versão da Assinatura: AV: 1.269.1577.0, AS: 1.269.1577.0, NIS: 1.269.1577.0
Versão do Mecanismo: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-07-25 10:14:08.300
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.273.315.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15100.1
Código de erro: 0x80004005
Descrição do erro: Erro não especificado
Date: 2018-07-25 10:14:08.299
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.273.315.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15100.1
Código de erro: 0x80004005
Descrição do erro: Erro não especificado
Date: 2018-07-25 10:14:08.299
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.273.315.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15100.1
Código de erro: 0x80004005
Descrição do erro: Erro não especificado
Date: 2018-07-25 06:31:43.277
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 1.273.315.0
Versão da Assinatura Anterior: 1.269.1577.0
Origem da Atualização: Usuário
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: 1.1.14901.4
Versão do Mecanismo Anterior: 1.1.14901.4
Código de erro: 0x80070666
Descrição do erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle.
Date: 2018-07-25 06:31:43.276
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 1.273.315.0
Versão da Assinatura Anterior: 1.269.1577.0
Origem da Atualização: Usuário
Tipo de Assinatura: Antivírus
Tipo de Atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: 1.1.14901.4
Versão do Mecanismo Anterior: 1.1.14901.4
Código de erro: 0x80070666
Descrição do erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle.
CodeIntegrity:
===================================
Date: 2018-07-25 11:44:59.866
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:44:02.199
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:43:56.464
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:43:21.436
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:43:21.180
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:42:21.527
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:42:06.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:42:04.756
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU 3215U @ 1.70GHz
Percentagem de memória em uso: 68%
RAM física total: 3995.22 MB
RAM física disponível: 1273.17 MB
Virtual Total: 5851.22 MB
Virtual disponível: 2491.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:452.94 GB) (Free:394.18 GB) NTFS
\\?\Volume{bfb666de-9ec0-4323-a248-98dd988c04bd}\ () (Fixed) (Total:0.91 GB) (Free:0.45 GB) NTFS
\\?\Volume{82310998-4b62-45ef-83e1-a565b61a58ff}\ (SAMSUNG_REC2) (Fixed) (Total:10.68 GB) (Free:1.7 GB) NTFS
\\?\Volume{d5f5551d-5d6a-4bb3-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.27 GB) FAT32
\\?\Volume{bbd608c0-ce34-4e3d-9667-4d2e2c38743f}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 26EA9241)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por Maple Bear (25-07-2018 11:44:48)
Executando a partir de C:\Users\Maple Bear\Desktop
Windows 10 Home Single Language Versão 1803 17134.81 (X64) (2018-06-05 14:47:42)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-4216877997-3920459586-2356809368-500 - Administrator - Disabled)
Convidado (S-1-5-21-4216877997-3920459586-2356809368-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-4216877997-3920459586-2356809368-503 - Limited - Disabled)
Maple Bear (S-1-5-21-4216877997-3920459586-2356809368-1001 - Administrator - Enabled) => C:\Users\Maple Bear
WDAGUtilityAccount (S-1-5-21-4216877997-3920459586-2356809368-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\uTorrent) (Version: 3.5.4.44488 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.23) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
ColorEngine (HKLM-x32\...\{BE075478-C2A9-4F37-AB91-205C966D9848}) (Version: 3.0 - Samsung Electronics CO., LTD.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 2.30.00 - Seiko Epson Corporation)
EPSON L655 Series Printer Uninstall (HKLM\...\EPSON L655 Series) (Version: - SEIKO EPSON Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
K-Lite Codec Pack 14.2.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.2.0 - KLCP)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0a2 - Mozilla)
MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
Multitimer version 1.0 (HKLM-x32\...\Multitimer_is1) (Version: 1.0 - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
Powzip (HKLM-x32\...\{B26B3E84-2716-4db6-BFB6-7FBDFE26C69C}) (Version: - )
publicHotsp version 1.0 (HKLM-x32\...\publicHotsp_is1) (Version: 1.0 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.5 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Reg Organizer versão 8.16 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.16 - ChemTable Software)
S Agent (HKLM\...\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}) (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.3.0 - Samsung Electronics Co., Ltd.)
Samsung Settings (HKLM-x32\...\{906320D6-3C1E-4C56-9B11-F17089D232F4}) (Version: 2.5.0 - Samsung Electronics Co., Ltd.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.5.0.86_2 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{0CFED20F-F964-412C-9EC1-6990B5FB8322}) (Version: 2.2.39 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Warsaw 2.3.0.83 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.3.0.83 - GAS Tecnologia)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ !!!smico] -> {C6E713CA-A7FD-4C73-9E34-AD7676CB957F} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers1: [SMShellExts] -> {3871F95B-BF7A-4c17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers2: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers4: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => C:\Program Files (x86)\Powzip\smshellext.dll [2018-06-29] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-25] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {13C0935F-202F-4D31-BB41-63C32AC80F92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {2C45B6A6-094F-4EC3-9E16-2D67BF592AAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {2E5DA6B3-85F3-4437-B305-954CC6B92C08} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-08-10] ()
Task: {31703BCD-A042-492B-9627-A4CC79D1E095} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {43F4C1C7-81CB-40ED-9756-C68379B0FA78} - System32\Tasks\Samsung\Settings\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {4BC94CEA-7C3E-4918-A9EA-B9B8F12A99C1} - System32\Tasks\Samsung\Settings\SettingsPatternLoginMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {525BCD81-26EA-468E-ADF7-D9DDA53BFF6E} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [2013-08-23] (Samsung Electronics CO., LTD.)
Task: {52BD6110-2059-425B-920D-528ED5DE3589} - System32\Tasks\{FF6B6294-00AF-3858-5866-5500412C12CF} => C:\Program Files (x86)\Common Files\OQAjU.exe [1601-01-03] (Microsoft Corporation)
Task: {54140D3A-7241-4499-92F1-562EE1920C34} - System32\Tasks\ColorEngine => C:\Program Files (x86)\Samsung\ColorEngine\ColorEngine.exe [2015-07-28] (Samsung Electronics Co., Ltd.)
Task: {5495AC19-E33B-4E33-8BA0-72237D44FB7B} - System32\Tasks\Samsung\Settings\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {5C88DEA3-C168-4BFC-A223-5E4BC94EC2A2} - System32\Tasks\Samsung\Settings\SettingsEventHandlerMonitor => C:\Program Files (x86)\Samsung\Settings\CmdServer\RSSettingEventHandler.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6B374E88-B012-4905-9A00-C39D8AC8B9B0} - System32\Tasks\psv_ZerSonlab => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Transron.reg" & del "C:\ProgramData\Voyasollam\Transron.reg" & SCHTASKS /Delete /TN "psv_ZerSonlab" /F <==== ATENÇÃO
Task: {6BCDDB2B-466D-4310-A659-766ED7336B2D} - System32\Tasks\psv_EcoDontex => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Lamlab.reg" & del "C:\ProgramData\Voyasollam\Lamlab.reg" & SCHTASKS /Delete /TN "psv_EcoDontex" /F <==== ATENÇÃO
Task: {6C0F2EAA-6D34-467D-9CD4-0FB45182CF45} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2016-02-23] (Samsung Electronics Co., Ltd.)
Task: {74CFB0E1-1ABC-445C-B7E2-64B06CB5B781} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-25] (Microsoft Corporation)
Task: {7B4B4C1B-20DB-43F7-94B5-2B25400D9BF5} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {7DE1B5FB-792F-4877-BF7F-22F4BBAEC3C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-03] (Google Inc.)
Task: {8F3D5023-C402-4054-B689-EEB122137C16} - System32\Tasks\Samsung\SRS\SRS Logon => C:\Program Files\Samsung\Recovery\SRSMessages.exe [2016-07-14] (Samsung Electronics)
Task: {916B3E00-7EE2-495E-B991-E8E9BA60AEC2} - System32\Tasks\EPSON L655 Series Update {826E20B9-D2D7-457A-9612-058376992581} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {A8B4E55F-28A1-4263-B62A-37F1FFB5F931} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {A96E661C-CE77-41E9-A96C-3891236BCFD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-03] (Google Inc.)
Task: {AEF935AC-63EC-404F-B3C1-960583B8F72C} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-25] (Microsoft Corporation)
Task: {B059A7A3-F42F-40AE-814C-4E2A6D46E2EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-25] (Microsoft Corporation)
Task: {B2CFC389-6160-4236-8A37-529662C02C4E} - System32\Tasks\psv_Lightron => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\VilaQuosoft.reg" & del "C:\ProgramData\Voyasollam\VilaQuosoft.reg" & SCHTASKS /Delete /TN "psv_Lightron" /F <==== ATENÇÃO
Task: {C08F09B6-E277-40DB-9748-7B13E0DF556A} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {C7BCBA8D-CF7C-4044-8C81-B387DBC5D375} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-25] (Microsoft Corporation)
Task: {CC52CCA6-B9A9-4FA6-B097-667E33847423} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {D1947FC5-0629-433C-A2A5-86976AE3FD7E} - System32\Tasks\Samsung\Settings\SettingsPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2016-07-20] (Samsung Electronics Co., Ltd.)
Task: {D341713F-9832-4062-96B2-A5BCC91BA39F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {DD4EA8FA-DF71-4DA4-941A-757FF467BC45} - System32\Tasks\psv_Dentophase => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\KonRunla.reg" & del "C:\ProgramData\Voyasollam\KonRunla.reg" & SCHTASKS /Delete /TN "psv_Dentophase" /F <==== ATENÇÃO
Task: {E4CBAD91-CA8E-4C7F-99BB-6E0E73CA87CE} - System32\Tasks\{FBD16DD0-EB44-7F4E-2BEA-1FF08A4F1139} => C:\WINDOWS\SysWOW64\ULgEu.exe [1601-01-03] (Microsoft Corporation)
Task: {E6D37D37-19DA-48B8-9667-EB085450E590} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-25] (Microsoft Corporation)
Task: {E83C5859-E7B6-4B16-924C-8A48FC7FB894} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {EC03836E-57F7-474B-8587-222FBBE7BD38} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2018-05-31] ()
Task: {F5EA7532-9AC4-4681-BD57-D75925450389} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2016-07-17] (Samsung Electronics Co., Ltd.)
Task: {FA3E1221-3080-428C-8F36-322C41F2D4A8} - System32\Tasks\psv_Toughdox => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Hottax.reg" & del "C:\ProgramData\Voyasollam\Hottax.reg" & SCHTASKS /Delete /TN "psv_Toughdox" /F <==== ATENÇÃO
Task: {FF36A9BF-BAE4-40F5-AE48-582BC3FD4A81} - System32\Tasks\EPSON L655 Series Update {A6755372-A046-41AE-8100-8E50EDFB5BDD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {FF8CB98F-9979-48F3-9551-39A4C5145B0A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-25] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\EPSON L655 Series Update {826E20B9-D2D7-457A-9612-058376992581}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE:/EXE:{826E20B9-D2D7-457A-9612-058376992581} /F:UpdateWORKGROUP\DESKTOP-4L82HJ4$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L655 Series Update {A6755372-A046-41AE-8100-8E50EDFB5BDD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMRE.EXE:/EXE:{A6755372-A046-41AE-8100-8E50EDFB5BDD} /F:UpdateWORKGROUP\DESKTOP-4L82HJ4$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-07-25 10:35 - 2018-07-24 22:09 - 003780096 _____ () C:\ProgramData\Logic Cramble\set.exe
2018-07-25 10:30 - 2018-07-25 15:07 - 000043520 _____ () C:\ProgramData\PrefsSecure\Nettrans.exe
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-07-25 10:16 - 2018-07-25 10:16 - 027126784 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-25 10:16 - 2018-07-25 10:16 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-25 10:16 - 2018-07-25 10:16 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 06:36 - 2017-09-26 06:37 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-25 10:16 - 2018-07-25 10:16 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-25 10:50 - 2018-07-25 10:50 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-TR7N1.tmp\q3xcuyv5arf.tmp
2018-05-30 11:03 - 2018-05-30 11:03 - 046281248 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-NEHDJ.tmp\0gxe04bloba.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-6B0Q2.tmp\tzja4yvdwjd.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-39QHF.tmp\2ftovy5o1l2.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-EB7CN.tmp\2ri0gursg3e.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-L7G6H.tmp\q3xcuyv5arf.tmp
2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-V581P.tmp\5vc1e2cenqa.tmp
2018-07-25 10:35 - 2017-12-12 11:35 - 000281600 _____ () C:\Program Files (x86)\Multitimer\Multitimer.exe
2018-07-25 10:51 - 2018-07-25 10:51 - 000113152 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ctypes.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000080896 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\bz2.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001585152 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_hashlib.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000128512 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32api.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000137728 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pywintypes27.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000548864 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pythoncom27.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000689664 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\unicodedata.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000438784 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32com.shell.shell.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001489408 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._core_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001007104 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._gdi_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001039872 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._windows_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001325056 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._controls_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000916992 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._misc_.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 001084416 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pysqlite2._sqlite.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000149504 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32file.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000136192 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32security.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000007680 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\hashobjs_ext.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000020992 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\thumbnails_ext.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000118784 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\usb_ext.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000047616 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_socket.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 002224640 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ssl.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000014848 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\common.time34.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000023040 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32event.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000034304 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.conditional.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000020480 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.winwrap.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000110080 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.volumes.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000223232 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32gui.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000173568 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_elementtree.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000169472 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pyexpat.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000048128 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32inet.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000103424 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._html2.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000046080 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_psutil_windows.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000633272 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows._cacheinvalidation.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000011776 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32crypt.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000301568 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\PIL._imaging.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000032256 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_multiprocessing.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 005458944 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\cello.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000026112 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_yappi.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000044032 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32process.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000027648 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pipe.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000010752 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\select.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000029696 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pdh.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000038400 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.connectivity.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000073216 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.device_monitor.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000020480 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32profile.pyd
2018-07-25 10:51 - 2018-07-25 10:51 - 000026624 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32ts.pyd
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-29 05:12 - 2018-06-29 05:12 - 000254464 _____ () C:\Program Files (x86)\Powzip\smshellext.dll
2018-04-11 20:35 - 2018-04-12 13:45 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-25 06:48 - 2018-07-25 06:49 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-25 06:48 - 2018-07-25 06:49 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-25 06:48 - 2018-07-25 06:49 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-25 06:48 - 2018-07-25 06:49 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-05 11:07 - 2018-06-05 11:07 - 003913112 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-04-11 20:35 - 2018-04-12 13:45 - 002506648 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2016-07-17 22:26 - 2016-07-17 22:26 - 000023360 _____ () C:\Program Files (x86)\Samsung\PowerCtrlManager\WSABI.dll
2018-07-25 10:26 - 2018-07-25 10:26 - 000828928 _____ () C:\WINDOWS\ijfiwwindwrxeliq.ijfiw
2015-07-28 03:42 - 2015-07-28 03:42 - 000211064 _____ () C:\Program Files (x86)\Samsung\ColorEngine\WinMove.dll
2014-10-07 07:47 - 2014-10-07 07:47 - 000023360 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll
2014-10-07 07:48 - 2014-10-07 07:48 - 000211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2018-07-25 10:50 - 2018-07-25 10:50 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\_isetup\_isdecmp.dll
2018-07-25 10:50 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\itdownload.dll
2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\_isetup\_isdecmp.dll
2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\itdownload.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 04:24 - 2018-07-25 10:26 - 002097675 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Maple Bear\Pictures\ws_Create_Something_1280x1024.jpg
DNS Servers: 179.232.0.31 - 179.232.0.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\StartupApproved\Run: => "Spotify"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{61F2D792-0C2F-4B61-B44B-B235B6D9882E}] => (Allow) C:\Users\Maple Bear\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F54D3E4F-827A-488C-8885-79574DC72346}] => (Allow) C:\Users\Maple Bear\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{1A70DDF5-7842-4531-9406-FD147AFF808F}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{5613CC20-1E56-47BF-8DA2-C1318D5FEAED}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{E2329AD8-C84F-4874-88EF-2D897BF6D914}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8F84C9A5-CA55-47C1-A8F9-C30F1EC560CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{348D50CE-2DB6-41AD-A03E-50C511E2E568}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{7E89EAB2-5499-4ACA-8ADC-9EC5344342C1}C:\users\maple bear\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maple bear\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0EAF63F4-AA7C-4A4E-A5CC-17EFA787EE7F}C:\users\maple bear\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maple bear\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9BDF897C-CB0A-44C0-AD4E-9860EF71B00A}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0F13702A-EEE0-4CDD-B78E-FC69607B6442}] => (Allow) C:\Users\Maple Bear\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{EFCC463E-7D2E-4C2F-9BAF-A53C39EE605E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C8404AE3-9F50-4DF6-BDC4-0F181CFE51CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{34073BF4-4A43-4F3D-A988-D5AFB8AD6A42}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{8CFEDB58-8A59-4F65-9005-988116F193BD}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{B28F450C-7C41-410B-80D2-27B1F2F1C97A}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [{646B5B29-5388-4945-BE96-F2C3D3AFE387}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A63C707-9F79-470C-92C7-0303FBBFAE28}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{77806E10-DB8E-4E60-937A-AE98B4898631}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{95DE654D-0159-464F-A5AA-2E52D15C6168}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AE72B96C-E289-4A58-AF53-87598CD9B0DE}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B415E502-13A4-4828-93E8-2E0BA0D41779}] => (Allow) C:\Users\Maple Bear\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{40829A1D-802B-4F3F-AD6D-DD9F04C46D3C}] => (Allow) LPort=1688
FirewallRules: [{1338A6C7-A485-4EA9-855D-85074A69484E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0B9A49F3-23D8-4344-BD60-150854C44788}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{C4FE3019-6D4A-4987-B2EB-1B64175A971F}] => (Allow) C:\WINDOWS\SysWOW64\ULgEu.exe
FirewallRules: [{1B55D6A1-D702-498A-BE35-6A16E54426AD}] => (Allow) C:\Program Files (x86)\Common Files\OQAjU.exe
==================== Pontos de Restauração =========================
06-06-2018 07:00:34 Windows Update
12-06-2018 11:41:26 Remoção do Pacote de Idioma
15-06-2018 06:57:33 Removed Razer Synapse.
25-07-2018 06:36:52 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (07/25/2018 11:03:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_b4b229fe3cb4cfa3.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_fc5f60d55130f8a9.manifest.
Error: (07/25/2018 11:00:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_b4b229fe3cb4cfa3.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_fc5f60d55130f8a9.manifest.
Error: (07/25/2018 11:00:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\Root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\Root\Office16\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Error: (07/25/2018 10:56:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_b4b229fe3cb4cfa3.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.81_none_fc5f60d55130f8a9.manifest.
Error: (07/25/2018 10:38:56 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.
Error: (07/25/2018 10:38:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.
Error: (07/25/2018 10:33:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_MapsBroker, versão: 10.0.17134.1, carimbo de data/hora: 0xa38b9ab2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x8400000e
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x52a8
Hora de início do aplicativo com falha: 0x01d4241be5c380ea
Caminho do aplicativo com falha: C:\WINDOWS\System32\svchost.exe
Caminho do módulo com falha: unknown
ID do Relatório: 8ee7f309-4497-43cc-8339-68aef11602d6
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (07/25/2018 10:33:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa MicrosoftEdgeCP.exe versão 11.0.17134.48 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 4d50
Hora de Início: 01d4241a831b5ba0
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
ID do Relatório: d31e77e8-cfb2-4d6b-b15c-52e78e61d8fc
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: ContentProcess
Erros de Sistema:
=============
Error: (07/25/2018 11:44:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:42:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:40:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:38:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:36:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:34:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:32:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Error: (07/25/2018 11:30:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4L82HJ4)
Description: O servidor {9E175B6D-F52A-11D8-B9A5-505054503030} não se registrou no DCOM dentro do tempo limite necessário.
Windows Defender:
===================================
Date: 2018-07-25 11:44:51.429
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Users\Maple Bear\Desktop\FRST64.exe
Versão da Assinatura: AV: 1.273.330.0, AS: 1.273.330.0, NIS: 1.273.330.0
Versão do Mecanismo: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2018-07-25 11:40:03.416
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Users\Maple Bear\Desktop\FRST64.exe
Versão da Assinatura: AV: 1.273.330.0, AS: 1.273.330.0, NIS: 1.273.330.0
Versão do Mecanismo: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2018-07-25 10:54:58.893
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {41C3803C-E6F9-4093-92A0-524859E37B92}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Date: 2018-07-25 06:15:43.439
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Windows\System32\svchost.exe
Versão da Assinatura: AV: 1.269.1577.0, AS: 1.269.1577.0, NIS: 1.269.1577.0
Versão do Mecanismo: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-07-25 06:13:22.655
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nome: HackTool:MSIL/AutoKMS
ID: 2147711767
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9->(VFS:TunMirror.exe)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-4L82HJ4\Maple Bear
Nome do Processo: C:\Windows\System32\svchost.exe
Versão da Assinatura: AV: 1.269.1577.0, AS: 1.269.1577.0, NIS: 1.269.1577.0
Versão do Mecanismo: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-07-25 10:14:08.300
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.273.315.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15100.1
Código de erro: 0x80004005
Descrição do erro: Erro não especificado
Date: 2018-07-25 10:14:08.299
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.273.315.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15100.1
Código de erro: 0x80004005
Descrição do erro: Erro não especificado
Date: 2018-07-25 10:14:08.299
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.273.315.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15100.1
Código de erro: 0x80004005
Descrição do erro: Erro não especificado
Date: 2018-07-25 06:31:43.277
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 1.273.315.0
Versão da Assinatura Anterior: 1.269.1577.0
Origem da Atualização: Usuário
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: 1.1.14901.4
Versão do Mecanismo Anterior: 1.1.14901.4
Código de erro: 0x80070666
Descrição do erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle.
Date: 2018-07-25 06:31:43.276
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 1.273.315.0
Versão da Assinatura Anterior: 1.269.1577.0
Origem da Atualização: Usuário
Tipo de Assinatura: Antivírus
Tipo de Atualização: Delta
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: 1.1.14901.4
Versão do Mecanismo Anterior: 1.1.14901.4
Código de erro: 0x80070666
Descrição do erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle.
CodeIntegrity:
===================================
Date: 2018-07-25 11:44:59.866
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:44:02.199
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:43:56.464
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:43:21.436
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:43:21.180
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:42:21.527
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:42:06.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2018-07-25 11:42:04.756
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU 3215U @ 1.70GHz
Percentagem de memória em uso: 68%
RAM física total: 3995.22 MB
RAM física disponível: 1273.17 MB
Virtual Total: 5851.22 MB
Virtual disponível: 2491.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:452.94 GB) (Free:394.18 GB) NTFS
\\?\Volume{bfb666de-9ec0-4323-a248-98dd988c04bd}\ () (Fixed) (Total:0.91 GB) (Free:0.45 GB) NTFS
\\?\Volume{82310998-4b62-45ef-83e1-a565b61a58ff}\ (SAMSUNG_REC2) (Fixed) (Total:10.68 GB) (Free:1.7 GB) NTFS
\\?\Volume{d5f5551d-5d6a-4bb3-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.27 GB) FAT32
\\?\Volume{bbd608c0-ce34-4e3d-9667-4d2e2c38743f}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 26EA9241)
Partition: GPT.
==================== Fim de Addition.txt ============================