Document format: text/plain

Preview

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 30-06-2020
Executado por rugge (02-07-2020 17:38:40)
Executando a partir de C:\Users\rugge\Downloads
Windows 10 Home Single Language Versão 1903 18362.900 (X64) (2019-11-06 02:23:48)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2683201028-4290939092-352206562-500 - Administrator - Disabled)
Convidado (S-1-5-21-2683201028-4290939092-352206562-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2683201028-4290939092-352206562-503 - Limited - Disabled)
rugge (S-1-5-21-2683201028-4290939092-352206562-1001 - Administrator - Enabled) => C:\Users\rugge
WDAGUtilityAccount (S-1-5-21-2683201028-4290939092-352206562-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
ColorEngine (HKLM\...\{0B48E952-494A-408B-8D9D-5F3331F96659}) (Version: 4.4 - Samsung Electronics Co., Ltd.)
ELAN Touchpad driver X64 15.7.11.1_WHQL (HKLM\...\Elantech) (Version: 15.7.11.1 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6472 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.4.1041 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R25 - McAfee, LLC.)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2683201028-4290939092-352206562-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 77.0.1 (x64 pt-BR)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Online Support(S Service) Agent (HKLM\...\{11F387C2-0BE2-489A-A9C1-8FB1FEE475B9}) (Version: 2.2.1 - Samsung Electronics Co., Ltd.)
Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.825 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
Recorder Plus (HKLM\...\{4BB006D8-F513-4184-956D-1DC334D580A9}) (Version: 1.0.12 - Samsung Electronics Co., Ltd.)
Samsung PC Cleaner Service (HKLM-x32\...\{BB5A755C-9D0A-40A8-BB4C-A63BEB5C9FA0}) (Version: 1.0.16 - Samsung Electronics Co., Ltd.)
Samsung Recovery Service (HKLM\...\{A942FE64-54BE-4787-A336-C0674F50A118}) (Version: 8.0.23 - Samsung Electronics Co., Ltd.)
Samsung S Service Notification (HKLM\...\{DA145588-7B19-43DD-BC08-90E7E6F60CF2}) (Version: 1.0.3 - Samsung Electronics Co., Ltd.)
Samsung Security (HKLM-x32\...\{95502E91-9674-4941-989D-AB098128F345}) (Version: 1.00.24 - Samsung Electronics Co., Ltd.)
Samsung Settings Expansion Pack (HKLM\...\{25621FF2-343E-49BF-97C7-DDFBEB14D17F}) (Version: 1.0.14 - Samsung Electronics Co., Ltd.)
Samsung Update Service (HKLM\...\{045C606B-78BD-4984-9931-4124E9E5F86F}) (Version: 3.0.54 - Samsung Electronics Co., Ltd.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
teamPL (HKLM\...\{09B0CD9C-5058-4D17-AC2C-6B4737900A08}) (Version: 1.0.15 - Samsung Electronics Co., Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manual (HKLM-x32\...\{DA11CC4A-5E90-4EA9-8E7B-29D5328E35F0}) (Version: 3.1.00 - Samsung Electronics Co., Ltd.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.)
Warsaw 2.13.0.72 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.13.0.72 - Diebold Nixdorf)
Wi-Fi Camera (HKLM\...\{EF3E6EB4-DCD9-4EBC-9889-17AF4DDB0A50}) (Version: 1.0 - Samsung Electronics Co., Ltd)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-07-01] (Amazon.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1800.1.0_x86__kgqvnymyfvs32 [2020-07-01] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.171.500.0_x86__kgqvnymyfvs32 [2020-07-02] (king.com)
Compartilhamento de link -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.1412377A9806A_1.1.39.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-07-01] (Dolby Laboratories)
Extensão de Vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Galeria Samsung -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.PCGallery_4.1.23.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Hidden City: Aventura de Objetos Ocultos -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.35.3503.0_x86__ytsefhwckbdv6 [2020-07-01] (G5 Entertainment AB)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-07-01] (Instagram)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa [2020-07-01] (Apple Inc.) [Startup Task]
Little Artist -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.LittleArtist_1.1.13.0_neutral__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.9.0.7_x86__h6adky7gbf63m [2020-07-01] (Gameloft SE)
Mensagem Samsung -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.PCMessage_1.0.61.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12827.20336.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12827.20336.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12827.20336.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20336.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12827.20336.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12827.20336.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12827.20336.0_x86__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation)
MSN Clima -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-07-01] (Netflix, Inc.)
O Reino Mágico da Disney -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.1.2.2_x86__h6adky7gbf63m [2020-07-01] (Gameloft SE)
Online Support(S Service) -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.OnlineSupportSService_2.4.32.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-07-01] (Realtek Semiconductor Corp)
Samsung PC Cleaner -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPCCleaner_2.0.18.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Samsung Recovery -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungRecovery_8.1.24.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Samsung Settings -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungSettings_1.0.47.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Samsung Update -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungUpdate_3.0.54.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
Studio Plus -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.StudioPlus_3.2.3.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
teamPL -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.873506AC0B4C_2.1.7.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
unzip-open RAR,ZIP,7Z,Gzip,BZ for free -> C:\Program Files\WindowsApps\38184CDCTech.unzip-openRARZIP7ZGzipBZforfree_1.2.42.0_x64__vwv5vk6p12k08 [2020-07-01] (Trend Micro Inc.)
Wi-Fi Transfer -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.Wi-FiTransfer_2.0.26.0_x64__3c1yjt4zspk6g [2020-07-01] (Samsung Electronics Co. Ltd.)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2020-07-01] (WildTangent Games)

==================== Exame Personalizado CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2683201028-4290939092-352206562-1001_Classes\CLSID\{e0d836c8-9ae5-4c36-b2ee-4bab5c2a6637}\localserver32 -> C:\Program Files\Samsung\SServiceNotification\SServiceToast.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\igfxDTCM.dll [2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\rugge\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Módulos Carregados (Whitelisted) =============

2020-04-28 22:07 - 2020-04-28 22:07 - 000165376 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DAXRPCClient.dll
2020-04-28 22:07 - 2020-04-28 22:07 - 037219328 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-04-13 22:59 - 2020-04-13 22:59 - 001165824 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\e_sqlite3.dll
2016-07-05 11:11 - 2016-07-05 11:11 - 001124352 _____ (Robert Simpson, et al.) [Arquivo não assinado] C:\Program Files (x86)\Samsung\SamsungPCCleaner\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de Aplicativos:chnpbmzkyg [274]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer confiável/restrito ==========

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2017-09-29 10:46 - 2019-01-04 09:35 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-2683201028-4290939092-352206562-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rugge\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\samsung_wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

Network Binding:
=============
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled)
Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: 0309181547488503mcinstcleanup => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RtkAudioUniversalService => 2
MSCONFIG\Services: Samsung Settings Expansion Launcher => 2
MSCONFIG\Services: SamsungRecoveryService => 2
MSCONFIG\Services: SamsungSecurity Launcher => 2
MSCONFIG\Services: SamsungUpdateService => 2
MSCONFIG\Services: SecPowerCtrlService => 2
MSCONFIG\Services: sService Agent Launcher => 2
MSCONFIG\Services: sServiceLoopBack => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2683201028-4290939092-352206562-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2683201028-4290939092-352206562-1001\...\StartupApproved\Run: => "Spotify"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{1E68B3B2-B140-4931-94AA-F784C718BDDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{56C6BC56-9718-4D09-9101-8BE8CE87CB92}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EB3F6B7-B41D-4001-B55B-7EE943895B67}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2888E414-AD8C-4B6B-8583-289BFAA0CCD6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDA8A4F7-9391-4F51-8399-385C89F8C18B}] => (Allow) C:\Program Files\Samsung\WiFiCamera\WiFiCameraAgent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
FirewallRules: [{FB1342E4-5B36-4BB6-9AC7-0761B61AFFA9}] => (Allow) C:\Program Files\Samsung\WiFiCamera\WiFiCameraAgent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
FirewallRules: [{69E861CE-C0C6-46BE-A4D8-3DE2188EFF6A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{7C3AED13-AF0A-41B5-B378-D4E47C1F7682}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{63670D9F-E6EF-46C3-BE90-9A7810C664CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4016F1F3-1E15-42BA-BA17-882185CD3F59}C:\users\rugge\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rugge\appdata\roaming\spotify\spotify.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{71FDEAC7-BF43-4617-8F8B-BA3F73A1BB4C}C:\users\rugge\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rugge\appdata\roaming\spotify\spotify.exe => Nenhum Arquivo
FirewallRules: [{43702E22-F95E-44EE-83F6-85387447B7E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{57209C90-831B-4068-9021-4A1D67653DB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACE1AC09-29A9-4B7E-B302-22105E86188B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{764408C4-F3AF-4E6F-BE69-1A35E5B2FBB6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA0ED34A-EA2C-4238-A052-C323F937CB02}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6641589D-104F-4E64-8AEE-713A64ED9A82}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B43D5825-56A9-4428-89AA-3DD018FA1299}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47C21807-AA92-4A28-BDF9-8F45F3EFDA69}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C161428-5A6D-413A-ADA6-B5C9267FB346}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B7ACBEFA-EF9A-4694-9316-C25679B87C22}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0FC77602-EBA2-4CCF-8F8D-6166E0C5B997}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [UDP Query User{E8941D18-9C2A-4D2E-B05F-A3CC3F9CC083}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [TCP Query User{27056CD6-CA92-4F9F-A4CF-69B5D2785A80}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{B7925FCD-B1C6-45A0-9A41-3E198E3E168E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{04E5B7EF-279A-4BF4-858E-D66355C7FE49}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20336.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F1AE35A-7277-4C2D-88F1-54FEA5F8D7E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2AF9BAFE-74B5-4A5C-80CC-7BE0D5B328DF}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Nenhum Arquivo

==================== Pontos de Restauração =========================

02-07-2020 17:08:29 Removed Java 8 Update 251

==================== Dispositivos Apresentando Falhas No Gerenciador ============


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (07/02/2020 05:22:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.18362.815 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 1be8

Hora de Início: 01d650ad8b3e181e

Hora de Término: 0

Caminho do Aplicativo: C:\Windows\explorer.exe

ID do Relatório: a7336e6a-ce75-4932-bba3-5a2a6f887512

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Tipo com falha: Cross-process

Error: (07/02/2020 05:20:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: AvastUI.exe, versão: 20.4.5312.0, carimbo de data/hora: 0x5ed4bc9d
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.18362.815, carimbo de data/hora: 0xb89efff3
Código de exceção: 0xe06d7363
Deslocamento da falha: 0x000000000003a799
ID do processo com falha: 0x754
Hora de início do aplicativo com falha: 0x01d650ae152d4288
Caminho do aplicativo com falha: C:\Program Files\AVAST Software\Avast\AvastUI.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: a3f1d8f0-a81e-4b6c-b3dd-14a52f0f7921
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (07/02/2020 05:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DllHost.exe, versão: 10.0.18362.1, carimbo de data/hora: 0x4250d5de
Nome do módulo com falha: IMM32.DLL, versão: 10.0.18362.387, carimbo de data/hora: 0x60562aa5
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000044f9
ID do processo com falha: 0x2880
Hora de início do aplicativo com falha: 0x01d650add389f10d
Caminho do aplicativo com falha: C:\WINDOWS\SysWOW64\DllHost.exe
Caminho do módulo com falha: C:\WINDOWS\System32\IMM32.DLL
ID do Relatório: ceffa76e-5f21-49b2-bb37-597c741e7a8d
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (07/02/2020 05:14:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (07/02/2020 05:14:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Error: (07/02/2020 05:13:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.18362.815 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 1bb8

Hora de Início: 01d650abe60469bd

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Windows\explorer.exe

ID do Relatório: 71883c3c-0f91-4ac5-8883-66ef5ec51939

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Tipo com falha: Cross-process

Error: (07/02/2020 05:00:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.18362.815 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2ff8

Hora de Início: 01d65027ebe4ed70

Hora de Término: 0

Caminho do Aplicativo: C:\Windows\explorer.exe

ID do Relatório: 371934a8-2b0e-4d56-beff-306efa1e5e30

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Tipo com falha: Cross-process

Error: (07/02/2020 03:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: YourPhone.exe, versão: 1.20061.110.0, carimbo de data/hora: 0x5ef18bef
Nome do módulo com falha: combase.dll, versão: 10.0.18362.900, carimbo de data/hora: 0x90957831
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003e03c
ID do processo com falha: 0x164c
Hora de início do aplicativo com falha: 0x01d65035405dada7
Caminho do aplicativo com falha: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20061.110.0_x64__8wekyb3d8bbwe\YourPhone.exe
Caminho do módulo com falha: C:\WINDOWS\System32\combase.dll
ID do Relatório: 5a9c97be-da12-4c0a-b2a6-8a313a74a40c
Nome completo do pacote com falha: Microsoft.YourPhone_1.20061.110.0_x64__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: App


Erros de Sistema:
=============
Error: (07/02/2020 05:13:57 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5DK3S783)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/02/2020 05:13:56 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5DK3S783)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/02/2020 05:13:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5DK3S783)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/02/2020 04:50:37 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5DK3S783)
Description: O servidor Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX8z5q44mt1b9k6x2nkjj0bkr2e1ac0dxy.mca não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/02/2020 03:46:09 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5DK3S783)
Description: O servidor Microsoft.OneConnect_5.2006.1691.0_x64__8wekyb3d8bbwe!App.AppXe8pdgw5syxe8pgccbk3mcn5hanwamr0e.mca não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/02/2020 08:39:15 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5DK3S783)
Description: O servidor {209500FC-6B45-4693-8871-6296C4843751} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/02/2020 08:38:44 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5DK3S783)
Description: O servidor {209500FC-6B45-4693-8871-6296C4843751} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/02/2020 01:35:48 AM) (Source: volsnap) (EventID: 36) (User: )
Description: As cópias de sombra do volume C: foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário.


Windows Defender:
===================================
Date: 2020-07-02 17:38:22.129
Description:
Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS!rfn&threatid=2147692752&enterprise=0
Nome: HackTool:Win32/AutoKMS!rfn
ID: 2147692752
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\rugge\Downloads\Ativador Office 2010 (2).rar
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: LAPTOP-5DK3S783\rugge
Nome do Processo: C:\Users\rugge\Downloads\FRST64.exe
Versão da Inteligência de Segurança: AV: 1.319.660.0, AS: 1.319.660.0, NIS: 1.319.660.0
Versão do Mecanismo: AM: 1.1.17200.2, NIS: 1.1.17200.2

Date: 2020-07-02 17:38:21.800
Description:
Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:BAT/AutoKMS&threatid=2147739951&enterprise=0
Nome: HackTool:BAT/AutoKMS
ID: 2147739951
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\rugge\Downloads\1click.cmd
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: LAPTOP-5DK3S783\rugge
Nome do Processo: C:\Users\rugge\Downloads\FRST64.exe
Versão da Inteligência de Segurança: AV: 1.319.660.0, AS: 1.319.660.0, NIS: 1.319.660.0
Versão do Mecanismo: AM: 1.1.17200.2, NIS: 1.1.17200.2

Date: 2020-07-02 17:38:19.978
Description:
Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:BAT/AutoKMS!MSR&threatid=2147754451&enterprise=0
Nome: HackTool:BAT/AutoKMS!MSR
ID: 2147754451
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\rugge\Desktop\activador.cmd
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: LAPTOP-5DK3S783\rugge
Nome do Processo: C:\Users\rugge\Downloads\FRST64.exe
Versão da Inteligência de Segurança: AV: 1.319.660.0, AS: 1.319.660.0, NIS: 1.319.660.0
Versão do Mecanismo: AM: 1.1.17200.2, NIS: 1.1.17200.2

Date: 2020-07-02 17:35:47.262
Description:
Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nome: HackTool:Win64/AutoKMS
ID: 2147723334
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: LAPTOP-5DK3S783\rugge
Nome do Processo: C:\Users\rugge\Downloads\FRST64.exe
Versão da Inteligência de Segurança: AV: 1.319.660.0, AS: 1.319.660.0, NIS: 1.319.660.0
Versão do Mecanismo: AM: 1.1.17200.2, NIS: 1.1.17200.2

Date: 2020-07-02 17:35:47.205
Description:
Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nome: HackTool:Win64/AutoKMS
ID: 2147723334
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Windows\SECOH-QAD.dll
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: LAPTOP-5DK3S783\rugge
Nome do Processo: C:\Users\rugge\Downloads\FRST64.exe
Versão da Inteligência de Segurança: AV: 1.319.660.0, AS: 1.319.660.0, NIS: 1.319.660.0
Versão do Mecanismo: AM: 1.1.17200.2, NIS: 1.1.17200.2

Date: 2020-06-30 08:50:16.949
Description:
Windows Defender Antivirus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.313.2099.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.16900.4
Código de Erro: 0x80240022
Descrição do Erro: O programa não pode verificar se há atualizações de definições.

Date: 2019-11-06 21:13:53.209
Description:
O recurso de Proteção em Tempo Real do Windows Defender Antivirus encontrou um erro e falhou.
Recurso: Em Tempo de Acesso
Código do Erro: 0x80004005
Descrição do erro: Erro não especificado
Motivo: O driver de filtro ignorou o exame de itens e está no modo de passagem. Isso pode ter acontecido por causa de condições de poucos recursos.

CodeIntegrity:
===================================

Date: 2020-07-02 17:43:31.293
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbhte64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-02 17:43:31.254
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-02 17:43:31.192
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbhte64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-02 17:43:31.184
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbhte64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-02 17:43:31.104
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-02 17:43:31.100
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-02 17:43:30.673
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbhte64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-02 17:43:30.657
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. P08RED.021.181123.ZW 11/23/2018
placa-mãe: SAMSUNG ELECTRONICS CO., LTD. NP300E5L-KF1BR
Processador: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentagem de memória em uso: 81%
RAM física total: 4009.79 MB
RAM física disponível: 722.97 MB
Virtual Total: 6825.79 MB
Virtual disponível: 1982.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:917.25 GB) (Free:854.25 GB) NTFS

\\?\Volume{9376d99a-a281-4fe9-a3fd-513c7be14690}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{9d6102f7-06b1-46cb-b861-6efabcf03665}\ (SAMSUNG_REC2) (Fixed) (Total:12.48 GB) (Free:1.69 GB) NTFS
\\?\Volume{18f11034-b487-43f9-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.47 GB) FAT32
\\?\Volume{c8f825d5-002c-427d-8371-13761e434260}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 26EA9241)

Partition: GPT.

==================== Fim de Addition.txt =======================
