Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 24.10.2018
Executado por t_sch (06-11-2018 14:17:13)
Executando a partir de C:\Users\t_sch\OneDrive\Área de Trabalho
Windows 10 Pro Versão 1803 17134.345 (X64) (2018-09-20 19:07:05)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3416868431-2886562609-177532199-500 - Administrator - Disabled)
Convidado (S-1-5-21-3416868431-2886562609-177532199-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3416868431-2886562609-177532199-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3416868431-2886562609-177532199-1000 - Limited - Disabled)
t_sch (S-1-5-21-3416868431-2886562609-177532199-1001 - Administrator - Enabled) => C:\Users\t_sch
WDAGUtilityAccount (S-1-5-21-3416868431-2886562609-177532199-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Aplicativo da área de trabalho Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.4.332 - Autodesk)
Aplicativos da Autodesk em destaque 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Atualizações da NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-211 214 216 Series Printer Uninstall (HKLM\...\EPSON XP-211 214 216 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 28.1.35.1747 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Codec Pack 14.4.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.5 - KLCP)
Lumion 8.0 (HKLM\...\Lumion 8.0_is1) (Version: 8.0 - Act-3D B.V.)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProplusRetail - pt-br) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Project Professional 2016 - pt-br (HKLM\...\ProjectProRetail - pt-br) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Visio Professional 2016 - pt-br (HKLM\...\VisioProRetail - pt-br) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Movavi Video Suite 17 (HKLM-x32\...\Movavi Video Suite 17) (Version: 17.1.0 - Movavi)
NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Driver de gráficos 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Painel de controle da NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF24 Creator 8.6.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8522 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
SketchUp 2018 (HKLM\...\{5EAA3D58-258D-4D24-BA22-C8D8D704F515}) (Version: 18.0.16975 - Trimble Navigation Limited)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{e36f5b24-4a24-4e3d-996d-f19eac65165e}) (Version: 4.3.1934.3766 - Lavasoft)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3416868431-2886562609-177532199-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3416868431-2886562609-177532199-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3416868431-2886562609-177532199-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3416868431-2886562609-177532199-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => -> Nenhum Arquivo
ContextMenuHandlers4_S-1-5-21-3416868431-2886562609-177532199-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => -> Nenhum Arquivo
ContextMenuHandlers5_S-1-5-21-3416868431-2886562609-177532199-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => -> Nenhum Arquivo
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {067E4A98-87CF-4221-A8BD-3BD47C87B5AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {0B8F9F94-9B3F-4D64-9D8C-E73A68322337} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-05] (Microsoft Corporation)
Task: {0CA04550-5BEB-4EAF-88BF-E07C3E22D3DE} - System32\Tasks\EPSON XP-211 214 216 Series Update {51BC779D-B208-4555-8E5D-764E5108F763} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {15E72381-9CB9-4D5F-81C5-D6CB14C6E94A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-05] (Microsoft Corporation)
Task: {1F7C6F56-FD49-40B5-BCCD-84F5197B9A6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {3A63AE60-A2C8-47DC-89C5-E9FEF6D26E00} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-05] (Microsoft Corporation)
Task: {3B567D66-C99B-4149-B1C4-C1988A378A09} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {401FDB3B-66A2-48AF-BA9E-E95FDFFFCDC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-05] (Microsoft Corporation)
Task: {4DCA2CB0-E9C3-416B-BC1C-6458C5077D47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-27] (NVIDIA Corporation)
Task: {51B840D1-8D11-4165-B0AA-7679CF2C0845} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {561E719F-0B16-4EED-9AB1-6C90A721630E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {583DA752-9A16-42FC-92AC-6840BEE5071C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-05] (Microsoft Corporation)
Task: {595A6C0C-4583-4EF4-9CEB-AF68A5D8C88D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-20] (Google Inc.)
Task: {5A7212C1-A725-4095-9186-4B5B9BE9C652} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {5A8FBBBF-5A0C-469A-8348-EA18A3CC8C0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {5BC6CD22-2ADE-4929-9078-9BEDA69E6FAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6DD32A40-A9A9-4C53-9E08-DF1DD751BFD5} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {840D594E-F26E-465F-AD26-E4A2420C9FD9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-27] (NVIDIA Corporation)
Task: {855A020D-FA02-4D58-AEA1-4D7D0529E0E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {8601C4C3-A154-41D6-B3C0-F4409C46E763} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-05] (Microsoft Corporation)
Task: {8E8A5487-4817-4B58-8000-4FC8BA77DD93} - System32\Tasks\R@1n-KMS\Office16ProjectPro => wmic [Argument = path SoftwareLicensingProduct where (ID="4f414197-0fc2-4c01-b68a-86cbb9ac254c") call Activate]
Task: {90FC0999-23B5-4FDB-9125-84E05A43EED2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-27] (NVIDIA Corporation)
Task: {9CEC21B2-BEDD-4943-98F2-7BA7B254C594} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-27] (NVIDIA Corporation)
Task: {9E003E07-02D3-4FDF-8FCD-497AF9D48C70} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {ACC16E96-3740-47F1-A394-5544EB37D3ED} - System32\Tasks\R@1n-KMS\Office16VisioPro => wmic [Argument = path SoftwareLicensingProduct where (ID="6bf301c1-b94a-43e9-ba31-d494598c47fb") call Activate]
Task: {BD8FFF78-6560-4AD3-88E9-5A9732C4E290} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {D08C5F4D-DF93-4958-8B25-B97304856683} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-27] (NVIDIA Corporation)
Task: {D2197344-AE0C-4826-A046-DE1AA7BC2910} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-27] (NVIDIA Corporation)
Task: {D6BFC289-178B-4606-975B-7B2F9CE4C75C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {E029933D-FE2F-4498-9050-28D28BE8547E} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {51BC779D-B208-4555-8E5D-764E5108F763} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {E0B9A619-E277-4BF3-BCC7-94DEAD2889F1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-27] (NVIDIA Corporation)
Task: {E1F20C54-58E5-4434-B709-45CE5D87B960} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-20] (Google Inc.)
Task: {F4D330E9-5BFD-47F7-A0C2-BB19928F5EDA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-27] (NVIDIA Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {51BC779D-B208-4555-8E5D-764E5108F763}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {51BC779D-B208-4555-8E5D-764E5108F763}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{51BC779D-B208-4555-8E5D-764E5108F763} /F:UpdateWORKGROUP\DESKTOP-VG0036M$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-10-03 14:55 - 2018-10-03 14:55 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2018-09-20 19:06 - 2018-09-20 19:06 - 000025888 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2018-10-03 11:20 - 2018-04-27 11:35 - 013388800 _____ () C:\Windows\Defender.exe
2018-09-20 17:48 - 2017-10-27 14:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-11-06 09:54 - 2018-10-31 11:16 - 003567352 _____ () C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefs_icui18n.dll
2018-11-06 09:54 - 2018-10-31 11:16 - 003878648 _____ () C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefs_cc_icu_data_library_core.dll
2018-11-06 09:54 - 2018-10-31 11:16 - 002548472 _____ () C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefs_common_icuuc.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-10 10:36 - 2018-09-20 01:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 18:42 - 2018-10-23 18:44 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-23 18:42 - 2018-10-23 18:44 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-10-04 14:42 - 2018-10-04 14:42 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-23 18:42 - 2018-10-23 18:43 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-23 18:42 - 2018-10-23 18:43 - 010978304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-10-23 18:42 - 2018-10-23 18:44 - 002810368 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\skypert.dll
2018-10-23 18:42 - 2018-10-23 18:43 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-11-06 13:31 - 2018-11-06 13:31 - 000113664 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_ctypes.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000080896 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\bz2.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001792512 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_hashlib.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000128512 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32api.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000137728 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pywintypes27.dll
2018-11-06 13:31 - 2018-11-06 13:31 - 000548864 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pythoncom27.dll
2018-11-06 13:31 - 2018-11-06 13:31 - 000689664 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\unicodedata.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000438784 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32com.shell.shell.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001489408 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._core_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001007104 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._gdi_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001039872 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._windows_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001325056 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._controls_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000916992 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._misc_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001084416 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pysqlite2._sqlite.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000149504 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32file.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000136192 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32security.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000007680 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\hashobjs_ext.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000020992 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\thumbnails_ext.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000118784 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\usb_ext.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000047616 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_socket.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 002224640 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_ssl.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000014848 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\common.time34.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000023040 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32event.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000034304 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.conditional.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000020480 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.winwrap.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000110080 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.volumes.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000223232 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32gui.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000173568 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_elementtree.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000169472 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pyexpat.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000048128 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32inet.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000103424 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._html2.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000046080 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_psutil_windows.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000633272 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows._cacheinvalidation.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000011776 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32crypt.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000301568 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\PIL._imaging.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000032256 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_multiprocessing.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 005752320 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\cello.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000026112 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_yappi.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000044032 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32process.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000027648 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32pipe.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000010752 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\select.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000029696 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32pdh.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000038400 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.connectivity.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000073216 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.device_monitor.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000020480 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32profile.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000026624 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32ts.pyd
2018-10-26 15:09 - 2018-10-23 19:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-26 15:09 - 2018-10-23 19:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-09-21 00:52 - 2017-01-06 03:53 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2018-09-21 00:52 - 2017-01-06 03:53 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-03-16 02:54 - 2016-03-16 02:54 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\t_sch\OneDrive\Documentos\Modelos Personalizados do Office:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\t_sch\OneDrive\Documentos\RegRun2:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2018-04-11 21:38 - 2018-10-31 11:52 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\t_sch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\15404884585bd1fd0a83575_1540488458_3x2_rt.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
Se uma entrada for incluída na fixlist, será removida.
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\StartupApproved\Run: => "Web Companion"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{A0DDE595-6DC4-4303-A73F-15E7F0F44525}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB998449-7651-4088-B1B4-9FDD64813B26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A5B93554-A5A5-4089-BA9E-A81A4FB36C09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D86327EF-BF44-4744-8E36-5D507561CA4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{599EE3C2-55BE-4A62-8E34-B100136E7818}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6C092942-ED08-4922-9691-3E9E32795738}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{09A700E5-04CD-4FB8-B250-E1C5707DB676}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{0010DB32-6B7A-44D9-9B73-8533DB11E75D}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ECF5353A-554A-4A32-9727-703FBA470F69}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65FA9740-FB7E-46F3-A52F-6F2BAF92E4AD}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FEBBC5E6-D422-4EC1-A7F6-50C3FBB465A8}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C0883CDF-5CFD-45BD-9F0B-F71CB2B2E75E}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1FB3CC51-CD55-4B3F-B9F3-7F6A53777E8C}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04540043-1062-441B-B071-C9186135EE59}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EEAF65C1-C734-41B1-98C7-9D6FF5E9CAF7}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{34153DBB-8A3D-4252-A585-BBE6C97A65EB}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe
FirewallRules: [{56635232-3DD2-4365-8AC3-A632A62B8A64}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{5B6A5494-C052-46F6-9DA6-51EC3EB9E631}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{3C354397-4CDA-4248-B962-0AF28E62FFA6}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{85DFFBEE-C835-48D1-A22F-2F5E32E8A551}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4C565D45-9A9C-420A-BBAC-01FEBEB1FE10}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{C0F44597-0D04-427B-A1E9-D0540681137D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{CA439225-6363-4941-A368-BA0936C519E3}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{1A2F6213-CD9B-477F-9D4B-A28DF1C0CEE7}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{4C4E02B4-3C09-4082-AB1C-681C3014F388}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0AC0F3AE-CFEA-4D7F-940F-4ECED61DE527}] => (Allow) C:\Users\t_sch\AppData\Local\Temp\EPSON XP-211 214 216 Series\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{ACFD2C9A-1948-43F7-8929-A35853761D29}] => (Allow) C:\Users\t_sch\AppData\Local\Temp\EPSON XP-211 214 216 Series\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{A4E85BD2-E35B-415B-9A20-1574AD5AF8D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (11/06/2018 01:31:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/06/2018 01:31:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=5
Error: (11/06/2018 09:52:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/06/2018 09:52:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=4
Error: (11/05/2018 01:39:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/05/2018 01:39:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=3
Error: (11/05/2018 10:50:04 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (11/05/2018 10:49:57 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Erros de Sistema:
=============
Error: (11/06/2018 01:52:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
e APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 01:32:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 01:31:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 12:04:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VG0036M)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/06/2018 12:04:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VG0036M)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/06/2018 12:04:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VG0036M)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/06/2018 11:03:17 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
e APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 10:49:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Windows Defender:
===================================
Date: 2018-10-29 14:19:05.685
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {E0EC8602-B2F4-40EB-B86D-78268F10049C}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2018-10-25 17:25:48.241
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Nome: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Severidade: Grave
Categoria: Cavalo de Tróia
Caminho: containerfile:_E:\Downloads\Re-Loader\Re-Loader.exe; file:_E:\Downloads\Re-Loader\Re-Loader.exe->(VFS:Re-Loader.exe#1); file:_E:\Downloads\Re-Loader\Re-Loader.exe->(ZipSfx)->Re-Loader.exe
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-VG0036M\t_sch
Nome do Processo: C:\Windows\explorer.exe
Versão da Assinatura: AV: 1.279.425.0, AS: 1.279.425.0, NIS: 1.279.425.0
Versão do Mecanismo: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-10-25 17:25:37.502
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Nome: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Severidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_E:\Downloads\Re-Loader\Re-Loader.exe->(VFS:Re-Loader.exe#1)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-VG0036M\t_sch
Nome do Processo: C:\Windows\explorer.exe
Versão da Assinatura: AV: 1.279.425.0, AS: 1.279.425.0, NIS: 1.279.425.0
Versão do Mecanismo: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-10-22 19:27:59.160
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:ALisp/Copicad.gen!A&threatid=2147647193&enterprise=0
Nome: Worm:ALisp/Copicad.gen!A
ID: 2147647193
Severidade: Grave
Categoria: Worm
Caminho: file:_G:\acaddoc.lsp
Origem da Detecção: Computador local
Tipo de Detecção: Genérico
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-VG0036M\t_sch
Nome do Processo: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Versão da Assinatura: AV: 1.279.301.0, AS: 1.279.301.0, NIS: 1.279.301.0
Versão do Mecanismo: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-10-22 16:33:58.422
Description:
O Windows Defender Antivirus detectou um comportamento suspeito.
Nome: Informational:Behavior/ModifiedKernel
ID: 2250450827
Severidade: Baixo
Categoria: Comportamento Suspeito
Caminho Encontrado: process:_0
Origem da Detecção: Desconhecido
Tipo de Detecção: Suspeito
Origem da Detecção: Proteção em Tempo Real
Status: Executando
Usuário: Unknown\Unknown
Nome do Processo: Unknown
ID da Assinatura: 717259538435
Versão da Assinatura: AV: 1.279.301.0, AS: 1.279.301.0
Versão do Mecanismo: 1.1.15400.4
Rótulo de Fidelidade: Médio
Nome do Arquivo de Destino: c:\windows\\system32\drivers\uvhid.sys
Date: 2018-10-31 10:13:16.807
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.806.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x8024402c
Descrição do erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.
Date: 2018-10-22 14:07:56.663
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
Date: 2018-10-22 14:07:56.663
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
Date: 2018-10-22 14:07:56.663
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
Date: 2018-10-22 14:07:56.658
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentagem de memória em uso: 48%
RAM física total: 8136.02 MB
RAM física disponível: 4169.53 MB
Virtual Total: 12744.02 MB
Virtual disponível: 7618.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.19 GB) (Free:27.33 GB) NTFS
Drive d: (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive e: () (Fixed) (Total:148.56 GB) (Free:96.25 GB) NTFS
\\?\Volume{a9172a94-efb2-4749-b722-37db1eff471e}\ (Recuperação) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{111854d6-73db-46ad-8851-67cd161df9b7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 98EADB01)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.6 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por t_sch (06-11-2018 14:17:13)
Executando a partir de C:\Users\t_sch\OneDrive\Área de Trabalho
Windows 10 Pro Versão 1803 17134.345 (X64) (2018-09-20 19:07:05)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3416868431-2886562609-177532199-500 - Administrator - Disabled)
Convidado (S-1-5-21-3416868431-2886562609-177532199-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3416868431-2886562609-177532199-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3416868431-2886562609-177532199-1000 - Limited - Disabled)
t_sch (S-1-5-21-3416868431-2886562609-177532199-1001 - Administrator - Enabled) => C:\Users\t_sch
WDAGUtilityAccount (S-1-5-21-3416868431-2886562609-177532199-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Aplicativo da área de trabalho Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.4.332 - Autodesk)
Aplicativos da Autodesk em destaque 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Atualizações da NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-211 214 216 Series Printer Uninstall (HKLM\...\EPSON XP-211 214 216 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 28.1.35.1747 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Codec Pack 14.4.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.5 - KLCP)
Lumion 8.0 (HKLM\...\Lumion 8.0_is1) (Version: 8.0 - Act-3D B.V.)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProplusRetail - pt-br) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Project Professional 2016 - pt-br (HKLM\...\ProjectProRetail - pt-br) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Visio Professional 2016 - pt-br (HKLM\...\VisioProRetail - pt-br) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Movavi Video Suite 17 (HKLM-x32\...\Movavi Video Suite 17) (Version: 17.1.0 - Movavi)
NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Driver de gráficos 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Painel de controle da NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF24 Creator 8.6.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8522 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
SketchUp 2018 (HKLM\...\{5EAA3D58-258D-4D24-BA22-C8D8D704F515}) (Version: 18.0.16975 - Trimble Navigation Limited)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{e36f5b24-4a24-4e3d-996d-f19eac65165e}) (Version: 4.3.1934.3766 - Lavasoft)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3416868431-2886562609-177532199-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3416868431-2886562609-177532199-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3416868431-2886562609-177532199-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefsext.dll [2018-10-31] (Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3416868431-2886562609-177532199-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => -> Nenhum Arquivo
ContextMenuHandlers4_S-1-5-21-3416868431-2886562609-177532199-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => -> Nenhum Arquivo
ContextMenuHandlers5_S-1-5-21-3416868431-2886562609-177532199-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => -> Nenhum Arquivo
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {067E4A98-87CF-4221-A8BD-3BD47C87B5AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {0B8F9F94-9B3F-4D64-9D8C-E73A68322337} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-05] (Microsoft Corporation)
Task: {0CA04550-5BEB-4EAF-88BF-E07C3E22D3DE} - System32\Tasks\EPSON XP-211 214 216 Series Update {51BC779D-B208-4555-8E5D-764E5108F763} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {15E72381-9CB9-4D5F-81C5-D6CB14C6E94A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-05] (Microsoft Corporation)
Task: {1F7C6F56-FD49-40B5-BCCD-84F5197B9A6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {3A63AE60-A2C8-47DC-89C5-E9FEF6D26E00} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-05] (Microsoft Corporation)
Task: {3B567D66-C99B-4149-B1C4-C1988A378A09} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {401FDB3B-66A2-48AF-BA9E-E95FDFFFCDC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-05] (Microsoft Corporation)
Task: {4DCA2CB0-E9C3-416B-BC1C-6458C5077D47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-27] (NVIDIA Corporation)
Task: {51B840D1-8D11-4165-B0AA-7679CF2C0845} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {561E719F-0B16-4EED-9AB1-6C90A721630E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {583DA752-9A16-42FC-92AC-6840BEE5071C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-05] (Microsoft Corporation)
Task: {595A6C0C-4583-4EF4-9CEB-AF68A5D8C88D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-20] (Google Inc.)
Task: {5A7212C1-A725-4095-9186-4B5B9BE9C652} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {5A8FBBBF-5A0C-469A-8348-EA18A3CC8C0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {5BC6CD22-2ADE-4929-9078-9BEDA69E6FAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6DD32A40-A9A9-4C53-9E08-DF1DD751BFD5} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {840D594E-F26E-465F-AD26-E4A2420C9FD9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-27] (NVIDIA Corporation)
Task: {855A020D-FA02-4D58-AEA1-4D7D0529E0E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {8601C4C3-A154-41D6-B3C0-F4409C46E763} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-05] (Microsoft Corporation)
Task: {8E8A5487-4817-4B58-8000-4FC8BA77DD93} - System32\Tasks\R@1n-KMS\Office16ProjectPro => wmic [Argument = path SoftwareLicensingProduct where (ID="4f414197-0fc2-4c01-b68a-86cbb9ac254c") call Activate]
Task: {90FC0999-23B5-4FDB-9125-84E05A43EED2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-27] (NVIDIA Corporation)
Task: {9CEC21B2-BEDD-4943-98F2-7BA7B254C594} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-27] (NVIDIA Corporation)
Task: {9E003E07-02D3-4FDF-8FCD-497AF9D48C70} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {ACC16E96-3740-47F1-A394-5544EB37D3ED} - System32\Tasks\R@1n-KMS\Office16VisioPro => wmic [Argument = path SoftwareLicensingProduct where (ID="6bf301c1-b94a-43e9-ba31-d494598c47fb") call Activate]
Task: {BD8FFF78-6560-4AD3-88E9-5A9732C4E290} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {D08C5F4D-DF93-4958-8B25-B97304856683} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-27] (NVIDIA Corporation)
Task: {D2197344-AE0C-4826-A046-DE1AA7BC2910} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-27] (NVIDIA Corporation)
Task: {D6BFC289-178B-4606-975B-7B2F9CE4C75C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {E029933D-FE2F-4498-9050-28D28BE8547E} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {51BC779D-B208-4555-8E5D-764E5108F763} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {E0B9A619-E277-4BF3-BCC7-94DEAD2889F1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-27] (NVIDIA Corporation)
Task: {E1F20C54-58E5-4434-B709-45CE5D87B960} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-20] (Google Inc.)
Task: {F4D330E9-5BFD-47F7-A0C2-BB19928F5EDA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-27] (NVIDIA Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {51BC779D-B208-4555-8E5D-764E5108F763}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {51BC779D-B208-4555-8E5D-764E5108F763}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{51BC779D-B208-4555-8E5D-764E5108F763} /F:UpdateWORKGROUP\DESKTOP-VG0036M$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-10-03 14:55 - 2018-10-03 14:55 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2018-09-20 19:06 - 2018-09-20 19:06 - 000025888 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2018-10-03 11:20 - 2018-04-27 11:35 - 013388800 _____ () C:\Windows\Defender.exe
2018-09-20 17:48 - 2017-10-27 14:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-11-06 09:54 - 2018-10-31 11:16 - 003567352 _____ () C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefs_icui18n.dll
2018-11-06 09:54 - 2018-10-31 11:16 - 003878648 _____ () C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefs_cc_icu_data_library_core.dll
2018-11-06 09:54 - 2018-10-31 11:16 - 002548472 _____ () C:\Program Files\Google\Drive File Stream\28.1.35.1747\drivefs_common_icuuc.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-10 10:36 - 2018-09-20 01:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 18:42 - 2018-10-23 18:44 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-23 18:42 - 2018-10-23 18:44 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-10-04 14:42 - 2018-10-04 14:42 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-23 18:42 - 2018-10-23 18:43 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-23 18:42 - 2018-10-23 18:43 - 010978304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-10-23 18:42 - 2018-10-23 18:44 - 002810368 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\skypert.dll
2018-10-23 18:42 - 2018-10-23 18:43 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-11-06 13:31 - 2018-11-06 13:31 - 000113664 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_ctypes.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000080896 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\bz2.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001792512 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_hashlib.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000128512 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32api.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000137728 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pywintypes27.dll
2018-11-06 13:31 - 2018-11-06 13:31 - 000548864 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pythoncom27.dll
2018-11-06 13:31 - 2018-11-06 13:31 - 000689664 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\unicodedata.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000438784 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32com.shell.shell.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001489408 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._core_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001007104 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._gdi_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001039872 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._windows_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001325056 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._controls_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000916992 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._misc_.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 001084416 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pysqlite2._sqlite.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000149504 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32file.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000136192 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32security.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000007680 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\hashobjs_ext.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000020992 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\thumbnails_ext.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000118784 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\usb_ext.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000047616 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_socket.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 002224640 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_ssl.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000014848 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\common.time34.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000023040 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32event.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000034304 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.conditional.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000020480 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.winwrap.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000110080 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.volumes.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000223232 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32gui.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000173568 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_elementtree.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000169472 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\pyexpat.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000048128 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32inet.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000103424 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\wx._html2.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000046080 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_psutil_windows.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000633272 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows._cacheinvalidation.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000011776 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32crypt.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000301568 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\PIL._imaging.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000032256 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_multiprocessing.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 005752320 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\cello.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000026112 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\_yappi.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000044032 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32process.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000027648 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32pipe.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000010752 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\select.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000029696 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32pdh.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000038400 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.connectivity.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000073216 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\windows.device_monitor.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000020480 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32profile.pyd
2018-11-06 13:31 - 2018-11-06 13:31 - 000026624 _____ () C:\Users\t_sch\AppData\Local\Temp\_MEI93802\win32ts.pyd
2018-10-26 15:09 - 2018-10-23 19:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-26 15:09 - 2018-10-23 19:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-09-21 00:52 - 2017-01-06 03:53 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2018-09-21 00:52 - 2017-01-06 03:53 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-03-16 02:54 - 2016-03-16 02:54 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\t_sch\OneDrive\Documentos\Modelos Personalizados do Office:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\t_sch\OneDrive\Documentos\RegRun2:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2018-04-11 21:38 - 2018-10-31 11:52 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\t_sch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\15404884585bd1fd0a83575_1540488458_3x2_rt.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
Se uma entrada for incluída na fixlist, será removida.
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3416868431-2886562609-177532199-1001\...\StartupApproved\Run: => "Web Companion"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{A0DDE595-6DC4-4303-A73F-15E7F0F44525}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB998449-7651-4088-B1B4-9FDD64813B26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A5B93554-A5A5-4089-BA9E-A81A4FB36C09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D86327EF-BF44-4744-8E36-5D507561CA4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{599EE3C2-55BE-4A62-8E34-B100136E7818}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6C092942-ED08-4922-9691-3E9E32795738}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{09A700E5-04CD-4FB8-B250-E1C5707DB676}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{0010DB32-6B7A-44D9-9B73-8533DB11E75D}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ECF5353A-554A-4A32-9727-703FBA470F69}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65FA9740-FB7E-46F3-A52F-6F2BAF92E4AD}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FEBBC5E6-D422-4EC1-A7F6-50C3FBB465A8}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C0883CDF-5CFD-45BD-9F0B-F71CB2B2E75E}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1FB3CC51-CD55-4B3F-B9F3-7F6A53777E8C}] => (Allow) C:\Users\t_sch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04540043-1062-441B-B071-C9186135EE59}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EEAF65C1-C734-41B1-98C7-9D6FF5E9CAF7}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{34153DBB-8A3D-4252-A585-BBE6C97A65EB}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe
FirewallRules: [{56635232-3DD2-4365-8AC3-A632A62B8A64}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{5B6A5494-C052-46F6-9DA6-51EC3EB9E631}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{3C354397-4CDA-4248-B962-0AF28E62FFA6}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{85DFFBEE-C835-48D1-A22F-2F5E32E8A551}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4C565D45-9A9C-420A-BBAC-01FEBEB1FE10}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{C0F44597-0D04-427B-A1E9-D0540681137D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{CA439225-6363-4941-A368-BA0936C519E3}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{1A2F6213-CD9B-477F-9D4B-A28DF1C0CEE7}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{4C4E02B4-3C09-4082-AB1C-681C3014F388}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0AC0F3AE-CFEA-4D7F-940F-4ECED61DE527}] => (Allow) C:\Users\t_sch\AppData\Local\Temp\EPSON XP-211 214 216 Series\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{ACFD2C9A-1948-43F7-8929-A35853761D29}] => (Allow) C:\Users\t_sch\AppData\Local\Temp\EPSON XP-211 214 216 Series\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{A4E85BD2-E35B-415B-9A20-1574AD5AF8D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (11/06/2018 01:31:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/06/2018 01:31:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=5
Error: (11/06/2018 09:52:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/06/2018 09:52:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=4
Error: (11/05/2018 01:39:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/05/2018 01:39:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=3
Error: (11/05/2018 10:50:04 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (11/05/2018 10:49:57 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Erros de Sistema:
=============
Error: (11/06/2018 01:52:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
e APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 01:32:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 01:31:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 12:04:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VG0036M)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/06/2018 12:04:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VG0036M)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/06/2018 12:04:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VG0036M)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (11/06/2018 11:03:17 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
e APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (11/06/2018 10:49:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VG0036M)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-VG0036M\t_sch SID (S-1-5-21-3416868431-2886562609-177532199-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Windows Defender:
===================================
Date: 2018-10-29 14:19:05.685
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {E0EC8602-B2F4-40EB-B86D-78268F10049C}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2018-10-25 17:25:48.241
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Nome: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Severidade: Grave
Categoria: Cavalo de Tróia
Caminho: containerfile:_E:\Downloads\Re-Loader\Re-Loader.exe; file:_E:\Downloads\Re-Loader\Re-Loader.exe->(VFS:Re-Loader.exe#1); file:_E:\Downloads\Re-Loader\Re-Loader.exe->(ZipSfx)->Re-Loader.exe
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-VG0036M\t_sch
Nome do Processo: C:\Windows\explorer.exe
Versão da Assinatura: AV: 1.279.425.0, AS: 1.279.425.0, NIS: 1.279.425.0
Versão do Mecanismo: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-10-25 17:25:37.502
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Nome: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Severidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_E:\Downloads\Re-Loader\Re-Loader.exe->(VFS:Re-Loader.exe#1)
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-VG0036M\t_sch
Nome do Processo: C:\Windows\explorer.exe
Versão da Assinatura: AV: 1.279.425.0, AS: 1.279.425.0, NIS: 1.279.425.0
Versão do Mecanismo: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-10-22 19:27:59.160
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:ALisp/Copicad.gen!A&threatid=2147647193&enterprise=0
Nome: Worm:ALisp/Copicad.gen!A
ID: 2147647193
Severidade: Grave
Categoria: Worm
Caminho: file:_G:\acaddoc.lsp
Origem da Detecção: Computador local
Tipo de Detecção: Genérico
Origem da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-VG0036M\t_sch
Nome do Processo: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Versão da Assinatura: AV: 1.279.301.0, AS: 1.279.301.0, NIS: 1.279.301.0
Versão do Mecanismo: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-10-22 16:33:58.422
Description:
O Windows Defender Antivirus detectou um comportamento suspeito.
Nome: Informational:Behavior/ModifiedKernel
ID: 2250450827
Severidade: Baixo
Categoria: Comportamento Suspeito
Caminho Encontrado: process:_0
Origem da Detecção: Desconhecido
Tipo de Detecção: Suspeito
Origem da Detecção: Proteção em Tempo Real
Status: Executando
Usuário: Unknown\Unknown
Nome do Processo: Unknown
ID da Assinatura: 717259538435
Versão da Assinatura: AV: 1.279.301.0, AS: 1.279.301.0
Versão do Mecanismo: 1.1.15400.4
Rótulo de Fidelidade: Médio
Nome do Arquivo de Destino: c:\windows\\system32\drivers\uvhid.sys
Date: 2018-10-31 10:13:16.807
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.806.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x8024402c
Descrição do erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.
Date: 2018-10-22 14:07:56.663
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
Date: 2018-10-22 14:07:56.663
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
Date: 2018-10-22 14:07:56.663
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
Date: 2018-10-22 14:07:56.658
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.279.102.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15400.4
Código de erro: 0x80072ee7
Descrição do erro: O nome ou o endereço do servidor não pôde ser resolvido
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentagem de memória em uso: 48%
RAM física total: 8136.02 MB
RAM física disponível: 4169.53 MB
Virtual Total: 12744.02 MB
Virtual disponível: 7618.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.19 GB) (Free:27.33 GB) NTFS
Drive d: (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive e: () (Fixed) (Total:148.56 GB) (Free:96.25 GB) NTFS
\\?\Volume{a9172a94-efb2-4749-b722-37db1eff471e}\ (Recuperação) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{111854d6-73db-46ad-8851-67cd161df9b7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 98EADB01)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.6 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================