Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 14-11-2021
Executado por H2 Marketing (17-11-2021 15:53:21)
Executando a partir de D:\Downloads
Microsoft Windows 10 Pro Versão 21H1 19043.1348 (X64) (2020-07-20 15:30:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
(Se uma entrada for incluída na fixlist, será removida.)
Administrador (S-1-5-21-321270744-2600619408-4275616409-500 - Administrator - Disabled)
Convidado (S-1-5-21-321270744-2600619408-4275616409-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-321270744-2600619408-4275616409-503 - Limited - Disabled)
H2 Marketing (S-1-5-21-321270744-2600619408-4275616409-1001 - Administrator - Enabled) => C:\Users\H2 Marketing
WDAGUtilityAccount (S-1-5-21-321270744-2600619408-4275616409-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
AD File Deleter version 7.07 (HKLM-x32\...\AD File Deleter_7_is1) (Version: 7.07 - DYROBP)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.)
Adobe Dreamweaver 2020 (HKLM-x32\...\DRWV_20_2) (Version: 20.2 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_4) (Version: 14.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
ApowerEdit V1.7.6.12 (HKLM-x32\...\{3089CCCD-BC5F-4309-A3C1-45B5ACA7A5E7}_is1) (Version: 1.7.6.12 - Apowersoft LIMITED)
Apowersoft Online Launcher version 1.8.1 (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.1 - APOWERSOFT LIMITED)
Assistente Pimaco (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\fd1d3bb00ed77146) (Version: 3.0.0.39 - Bic Amazonia SA)
Blackmagic RAW Common Components (HKLM\...\{94C42023-ECF5-46E6-ACB4-2AED536B205D}) (Version: 2.2 - Blackmagic Design)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.0.411 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.411 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C28C908E-0E70-470C-B556-DFDDE9973766}) (Version: 22.0.411 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM (x64) (HKLM\...\{0E0F6EBF-E2BA-4B1A-ADEC-CAF4612B2AC7}) (Version: 22.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content BR (x64) (HKLM\...\{AE21B6DA-78D3-4772-81EF-9A0163BDB0C6}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content DE (x64) (HKLM\...\{9A7ABF9B-1CF1-452F-B6A9-1FD425AD12D9}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content EN (x64) (HKLM\...\{C796DB48-473A-4F12-998D-0D690570D633}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content ES (x64) (HKLM\...\{38B83748-7D9B-48DB-94EE-004D49E84BD3}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content FR (x64) (HKLM\...\{E2E7B6E9-3A6F-4421-8D1F-24ED7647B00A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content IT (x64) (HKLM\...\{EEC60482-484C-4B29-BB56-0C04F086B372}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content NL (x64) (HKLM\...\{0A404310-BE95-47B5-BE1C-5C664490EE17}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - Writing Tools (x64) (HKLM\...\{F404C086-454C-4485-B5F1-F3C11B8DF452}) (Version: 22.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 (64-Bit) (HKLM\...\_{7FA269F4-59E4-4399-A239-E9A134D40BED}) (Version: 22.1.0.517 - Corel Corporation)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DaVinci Resolve (HKLM\...\{6E40D3ED-077B-45C4-90FF-222CC65C199C}) (Version: 17.4.10004 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design)
digiCamControl (HKLM-x32\...\{19D12628-7654-4354-A305-9AB0B33A1677}) (Version: 2.1.2.0 - Duka Istvan)
digiCamControl (HKLM-x32\...\{2dd048a1-b9fb-4e4f-a8f3-1eceafce538c}) (Version: 2.1.2.0 - ) Hidden
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.0.1 - IObit)
Easy Photo Scan (HKLM-x32\...\{99364024-626C-4BE1-89C8-2F207023497B}) (Version: 1.00.0018 - Seiko Epson Corporation)
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version: - IdeaMK)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{71038C40-8258-44D2-BBF4-B6312338172C}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3150 Series Printer Uninstall (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
Instalação (HKLM-x32\...\{66134A9C-2221-4BBB-AD13-44EB81A809F1}) (Version: 1.0.0 - Configurando Windows)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5161 - Intel Corporation)
LibreOffice 7.2.2.2 (HKLM\...\{51F1B587-D4A5-41C0-A4E8-A64BBD343F23}) (Version: 7.2.2.2 - The Document Foundation)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 94.0.1 (x64 pt-BR)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0 - Mozilla)
Nelogica ProfitPro (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Profit) (Version: 5.0.0.229 - Nelogica)
Nelogica Rico Trader (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\RicoTrader) (Version: 5.0.0.174 - Nelogica)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATENÇÃO
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Suporte para Aplicativos Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows Installer (HKLM-x32\...\{13499434-9821-4E2D-B7DF-7C0867EB1504}) (Version: 5.0.3 - AdvancedWindowsManager)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\ZoomUMX) (Version: 5.7.8 (1247) - Zoom Video Communications, Inc.)
Packages:
=========
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0 [2021-11-12] (Spotify AB) [Startup Task]
TouchVPN -> C:\Program Files\WindowsApps\6F71D7A7.TouchVPN_1.1.14.0_x64__nsbqstbb9qxb6 [2020-12-17] (Pango Inc.)
==================== Análise Personalizada CLSID (Whitelisted): ==============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{272D2E65-05FB-4500-BD7B-5905D5B0A1B8}\localserver32 -> C:\Users\H2 Marketing\AppData\Roaming\Nelogica\Profit\profitchart.exe (Nelogica Sistemas de Software Ltda. -> Nelogica)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{91B96A80-A1E8-DB69-3D91-B838B0AF5BDE}\InprocServer32 -> não caminho do arquivo
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{def0be8c-1027-41d3-bcc6-c6235d93ab09}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2021-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
==================== Módulos Carregados (Whitelisted) =============
2021-11-08 11:55 - 2021-11-08 11:55 - 350039835 _____ () [Arquivo não assinado] C:\Users\H2 Marketing\aspecto\nvImage.dll
2021-11-17 15:05 - 2021-11-17 15:23 - 001195008 _____ (ESET) [Arquivo não assinado] C:\Users\H2 Marketing\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [Arquivo não assinado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Windows\System32\enppmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Modo de Segurança (Whitelisted) ==================
==================== Associação (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJFHpdLjKKSt2BWnrTr04eBCtmoWBZcxTAbs_IV5aoKyZMKgr69-MfQ1Nl8sYvJv0Irps2v4IhXRhqs0edT8b8HzV8vZHlp&q={searchTerms}
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJJK2c1SIlY1d9rGi9ZUcmEngFBYZqLjLPWcj739lQT6uGfrmrxYtsS1pEIsqwYPpHNLPQTOnSQLY3lYjWkkkgBoBtaHAC6
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJFHpdLjKKSt2BWnrTr04eBCtmoWBZcxTAbs_IV5aoKyZMKgr69-MfQ1Nl8sYvJv0Irps2v4IhXRhqs0edT8b8HzV8vZHlp&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-321270744-2600619408-4275616409-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-321270744-2600619408-4275616409-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-321270744-2600619408-4275616409-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJFHpdLjKKSt2BWnrTr04eBCtmoWBZcxTAbs_IV5aoKyZMKgr69-MfQ1Nl8sYvJv0Irps2v4IhXRhqs0edT8b8HzV8vZHlp&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Conteúdo: =========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2019-12-07 06:14 - 2020-07-21 09:22 - 000000922 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com
==================== Outras Áreas ===========================
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Se uma entrada for incluída na fixlist, será removida.)
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "kissq"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\StartupApproved\Run: => "CCXProcess"
==================== Regras do Firewall (Whitelisted) ================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{5F058B99-7701-4702-A8AF-F1E880EE4806}] => (Block) C:\windows\system32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{11F8A25C-C5D6-4B17-B78D-E85ECED2B2F1}] => (Block) C:\windows\system32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CA10A44E-181D-46B5-A449-B4E659463850}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Programs\Opera\68.0.3618.173\opera.exe => Nenhum Arquivo
FirewallRules: [{01CD807D-BF9D-4CFA-8E56-F2AFE97F2D84}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\DRPSu\Alice\cloud.exe => Nenhum Arquivo
FirewallRules: [{7BB46E3C-6A23-44E4-90AA-EF26E80F1F64}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{49334AF6-92E8-464D-B5E2-A578B0F41F79}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{AB897490-4BBF-441A-95AC-7CBBAE154F06}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{945F39AB-6B58-4C55-B823-300B78319A5E}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{82046A1B-318E-486D-9B46-15C5EB5F5C49}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Temp\L3150\Network\EpsonNetSetup\ENEasyApp.exe => Nenhum Arquivo
FirewallRules: [{F553CEEE-276F-4417-A012-27E0DD81121D}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Temp\L3150\Network\EpsonNetSetup\ENEasyApp.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{C4DEBAE6-7842-4A76-A433-794E7EC4152E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{5F8FB89C-318C-4FF4-AC97-4A2A47CB31DE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{E8457A8E-A811-4FF9-BAEB-3DFF2477DB92}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8FE4C6D5-3666-4EAD-9A08-75DAA48F1864}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9F985ADD-0B8D-4677-81AA-79F714D64295}C:\program files\adobe\adobe dreamweaver 2020\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver 2020\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{8732A7ED-0269-4A4A-B3CE-CD96B393AF42}C:\program files\adobe\adobe dreamweaver 2020\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver 2020\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [{28D2C4D6-56AA-4B09-BACF-52F3415AA037}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Temp\DriverPack-2020091090450\tools\aria2c.exe => Nenhum Arquivo
FirewallRules: [{F22267C0-B6AD-4200-B666-42C45708175F}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => Nenhum Arquivo
FirewallRules: [{17FA03A7-36D4-443E-8ED9-FBEC7E1EABC5}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\DRPSu\Alice\cloud.exe => Nenhum Arquivo
FirewallRules: [{960690B0-0703-416A-ACA4-9459DA8ACE65}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Programs\Opera\70.0.3728.178\opera.exe => Nenhum Arquivo
FirewallRules: [{BBADF04F-6A4C-45A9-82F2-7558D0D5980A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFCCA196-03A9-4509-AAB9-7E3B9A5654DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{061D548A-4932-47C6-9210-EDBD8A1A025C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{95247CED-BFC4-4021-8E3D-34CDB2A33271}] => (Allow) C:\Level Up\Combat Arms\NMService.exe => Nenhum Arquivo
FirewallRules: [{1703CAE8-0B54-4F91-BDB8-524B92763D64}] => (Allow) C:\Level Up\Combat Arms\NMService.exe => Nenhum Arquivo
FirewallRules: [{D629A089-791B-442D-B406-42F4998A2F11}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{9893265C-E358-4C7F-A079-C5CC637CC620}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{8FF9D385-6FCA-4F3A-8D25-3DA1310F8A0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCD6ED5E-1541-43BC-959A-D2B617A6AF6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F12F659-C09A-4030-9337-5F90B39DB5EB}] => (Allow) LPort=1688
FirewallRules: [{BD344112-B61C-46B2-B0A9-DBC30611908D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{5903F66D-9837-4203-9B85-ABED80EC214D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{280605DB-88FB-458A-8C29-6A338D797D6C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{B5B42997-CFA3-4BB1-9D07-C24D216B3499}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{00DC442B-F496-4DE8-B584-01DFE4712B78}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{AE7DBD7D-4C6E-4913-BE22-81BB103B0ECD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{D7802E74-09A6-4E3D-B157-96D6C2271F5E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4831D53-21C8-431D-96F9-6BA0B36648F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ECE7ACC5-9997-4898-8D9E-57D6FB9482FD}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{39FB1811-38C5-4AE6-9498-01F70139055E}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{63FF5B4D-CB1E-4CAE-B676-6752F13C6127}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{CB2DCCF3-04EE-4902-824D-00946CFC892B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{24EA7353-81C6-4A1B-93E8-F142CF0F62F1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CD02637D-6329-492D-B57B-46B6D7EB9F72}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86CE2665-8B67-491F-BCFF-BF95A18CB966}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8939D4FA-CB4F-490C-884E-C8BF8EF03F2C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F235D51-983C-42D8-AE72-B0FFCFA97DA6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7997028C-3FA8-4752-BF23-130A386253B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8F4BD63-BA22-46B3-8009-72BB4DB3F7AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A5EA41C-0712-429C-B1E4-A74D73CF733E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39A1AC8F-3231-487D-908A-CD6C59092DDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{167F520C-DDBA-4648-BEC5-D5F1073581B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C86C33A4-6B6E-4F6B-9D3B-80E52E71CFFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42A53E57-7BD5-4AB7-95AE-4A9472A73109}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A253A0A3-9F43-49E0-86B9-4B2CDCACE20F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4EBB5C39-7683-4AEE-8904-863AC4F8BC88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{34E24916-2820-4CEB-997F-6ECD09ACDBA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{50B6D051-AD60-4C50-B251-7FDA06CCD494}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{FC173FEC-28F7-4D07-95CE-6E4BC697BDDD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1BBBE60B-CD1B-440F-89E0-CEE2283C76D9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{8814D17D-5726-47E9-8556-0A94A77395A6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{56475DF1-4D57-4A50-959F-251D47ECE2F7}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{625E0944-DA8E-4C34-B470-6E1614DE181E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2F2431FD-6461-4774-AFEB-EFAF563BCF5A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Nenhum Arquivo
FirewallRules: [{60D5574D-DB33-4DE5-985E-A322DE629899}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
==================== Pontos de Restauração =========================
16-11-2021 14:14:43 Installed DaVinci Resolve
==================== Dispositivos Apresentando Falhas No Gerenciador ============
==================== Erros no Log de eventos: ========================
Erros em Aplicativos:
==================
Error: (11/17/2021 03:22:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe, versão: 10.0.19041.546, carimbo de data/hora: 0x058e175a
Nome do módulo com falha: SyncController.dll, versão: 10.0.19041.746, carimbo de data/hora: 0x2aa6ba67
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003d3bc
ID do processo com falha: 0x3cf4
Hora de início do aplicativo com falha: 0x01d7dbdd98581b9a
Caminho do aplicativo com falha: C:\Windows\system32\svchost.exe
Caminho do módulo com falha: C:\Windows\System32\SyncController.dll
ID do Relatório: e8a2ebbb-6dc6-4823-8801-a872972db03b
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (11/17/2021 09:24:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1348 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 28dc
Hora de Início: 01d7dbadc0b2642f
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: bcca2927-af91-40b6-8efb-324d719d080f
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/16/2021 01:00:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Backup (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)
Error: (11/16/2021 09:59:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1348 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 4cc8
Hora de Início: 01d7dae97a04b616
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: ced82f0a-bd72-452c-9a30-dffc131307a6
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/16/2021 09:59:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1348 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 4448
Hora de Início: 01d7dae995c6195a
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: acf9bd33-fcdd-4515-adfe-cc2868782ce7
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/09/2021 01:32:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Backup (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)
Error: (11/09/2021 09:28:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1266 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 49c4
Hora de Início: 01d7d564dbfde345
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: e7c9a51f-c374-4bda-bf2e-eeb6a79081d7
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/08/2021 06:26:39 PM) (Source: MsiInstaller) (EventID: 11500) (User: DESKTOP-QBNRO2F)
Description: Produto: Instalação -- Erro 1500. Existe outra instalação em progresso. É necessário completar essa instalação antes de poder continuar esta.
Erros de Sistema:
=============
Error: (11/17/2021 03:23:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Error: (11/17/2021 03:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Error: (11/17/2021 03:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Error: (11/17/2021 03:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-11-17 15:47:55
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/DriverPack&threatid=311940&enterprise=0
Nome: PUABundler:Win32/DriverPack
Gravidade: Baixo
Categoria: Software Potencialmente Indesejado
Caminho: file:_C:\Users\H2 Marketing\AppData\Roaming\DRPSu\Alice\DriverPackAssistant.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Sistema
Usuário: DESKTOP-QBNRO2F\H2 Marketing
Nome do Processo: Unknown
Versão da Inteligência de Segurança: AV: 1.353.1142.0, AS: 1.353.1142.0, NIS: 1.353.1142.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-17 15:47:07
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Linkury.RS!MTB&threatid=270307&enterprise=0
Nome: Adware:Win32/Linkury.RS!MTB
Gravidade: Alto
Categoria: Adware
Caminho: file:_C:\Program Files (x86)\Common Files\Plustip\uninstall.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-QBNRO2F\H2 Marketing
Nome do Processo: C:\Users\H2 Marketing\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versão da Inteligência de Segurança: AV: 1.353.1142.0, AS: 1.353.1142.0, NIS: 1.353.1142.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-17 11:04:14
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {5964F380-A85B-4444-A782-DD36C54C1388}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2021-11-16 12:30:13
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {39CDE6F2-54B4-43F1-9F5F-1ACB50CFD0C0}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2021-11-14 18:16:06
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {521F3A9E-51FF-4F7F-9835-97E830F60397}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. V18.3 03/14/2013
placa-mãe: MSI H61M-E22/W8 (MS-7788)
Processador: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentagem de memória em uso: 59%
RAM física total: 8077.4 MB
RAM física disponível: 3273.89 MB
Virtual Total: 9357.4 MB
Virtual disponível: 3919.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.14 GB) (Free:8.43 GB) NTFS
Drive d: (Backup) (Fixed) (Total:931.51 GB) (Free:438.96 GB) NTFS
\\?\Volume{721dd1d2-5d13-4307-9ddd-9728d358a588}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{b129e0fd-d3b4-42da-8aa3-6144f94303c5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabela de Partições ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 20A36536)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt =======================
Executado por H2 Marketing (17-11-2021 15:53:21)
Executando a partir de D:\Downloads
Microsoft Windows 10 Pro Versão 21H1 19043.1348 (X64) (2020-07-20 15:30:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
(Se uma entrada for incluída na fixlist, será removida.)
Administrador (S-1-5-21-321270744-2600619408-4275616409-500 - Administrator - Disabled)
Convidado (S-1-5-21-321270744-2600619408-4275616409-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-321270744-2600619408-4275616409-503 - Limited - Disabled)
H2 Marketing (S-1-5-21-321270744-2600619408-4275616409-1001 - Administrator - Enabled) => C:\Users\H2 Marketing
WDAGUtilityAccount (S-1-5-21-321270744-2600619408-4275616409-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
AD File Deleter version 7.07 (HKLM-x32\...\AD File Deleter_7_is1) (Version: 7.07 - DYROBP)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.)
Adobe Dreamweaver 2020 (HKLM-x32\...\DRWV_20_2) (Version: 20.2 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_4) (Version: 14.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
ApowerEdit V1.7.6.12 (HKLM-x32\...\{3089CCCD-BC5F-4309-A3C1-45B5ACA7A5E7}_is1) (Version: 1.7.6.12 - Apowersoft LIMITED)
Apowersoft Online Launcher version 1.8.1 (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.1 - APOWERSOFT LIMITED)
Assistente Pimaco (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\fd1d3bb00ed77146) (Version: 3.0.0.39 - Bic Amazonia SA)
Blackmagic RAW Common Components (HKLM\...\{94C42023-ECF5-46E6-ACB4-2AED536B205D}) (Version: 2.2 - Blackmagic Design)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.0.411 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.411 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C28C908E-0E70-470C-B556-DFDDE9973766}) (Version: 22.0.411 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM (x64) (HKLM\...\{0E0F6EBF-E2BA-4B1A-ADEC-CAF4612B2AC7}) (Version: 22.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content BR (x64) (HKLM\...\{AE21B6DA-78D3-4772-81EF-9A0163BDB0C6}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content DE (x64) (HKLM\...\{9A7ABF9B-1CF1-452F-B6A9-1FD425AD12D9}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content EN (x64) (HKLM\...\{C796DB48-473A-4F12-998D-0D690570D633}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content ES (x64) (HKLM\...\{38B83748-7D9B-48DB-94EE-004D49E84BD3}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content FR (x64) (HKLM\...\{E2E7B6E9-3A6F-4421-8D1F-24ED7647B00A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content IT (x64) (HKLM\...\{EEC60482-484C-4B29-BB56-0C04F086B372}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content NL (x64) (HKLM\...\{0A404310-BE95-47B5-BE1C-5C664490EE17}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - Writing Tools (x64) (HKLM\...\{F404C086-454C-4485-B5F1-F3C11B8DF452}) (Version: 22.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 (64-Bit) (HKLM\...\_{7FA269F4-59E4-4399-A239-E9A134D40BED}) (Version: 22.1.0.517 - Corel Corporation)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DaVinci Resolve (HKLM\...\{6E40D3ED-077B-45C4-90FF-222CC65C199C}) (Version: 17.4.10004 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design)
digiCamControl (HKLM-x32\...\{19D12628-7654-4354-A305-9AB0B33A1677}) (Version: 2.1.2.0 - Duka Istvan)
digiCamControl (HKLM-x32\...\{2dd048a1-b9fb-4e4f-a8f3-1eceafce538c}) (Version: 2.1.2.0 - ) Hidden
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.0.1 - IObit)
Easy Photo Scan (HKLM-x32\...\{99364024-626C-4BE1-89C8-2F207023497B}) (Version: 1.00.0018 - Seiko Epson Corporation)
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version: - IdeaMK)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{71038C40-8258-44D2-BBF4-B6312338172C}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3150 Series Printer Uninstall (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
Instalação (HKLM-x32\...\{66134A9C-2221-4BBB-AD13-44EB81A809F1}) (Version: 1.0.0 - Configurando Windows)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5161 - Intel Corporation)
LibreOffice 7.2.2.2 (HKLM\...\{51F1B587-D4A5-41C0-A4E8-A64BBD343F23}) (Version: 7.2.2.2 - The Document Foundation)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 94.0.1 (x64 pt-BR)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0 - Mozilla)
Nelogica ProfitPro (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Profit) (Version: 5.0.0.229 - Nelogica)
Nelogica Rico Trader (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\RicoTrader) (Version: 5.0.0.174 - Nelogica)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATENÇÃO
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Suporte para Aplicativos Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows Installer (HKLM-x32\...\{13499434-9821-4E2D-B7DF-7C0867EB1504}) (Version: 5.0.3 - AdvancedWindowsManager)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\ZoomUMX) (Version: 5.7.8 (1247) - Zoom Video Communications, Inc.)
Packages:
=========
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0 [2021-11-12] (Spotify AB) [Startup Task]
TouchVPN -> C:\Program Files\WindowsApps\6F71D7A7.TouchVPN_1.1.14.0_x64__nsbqstbb9qxb6 [2020-12-17] (Pango Inc.)
==================== Análise Personalizada CLSID (Whitelisted): ==============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{272D2E65-05FB-4500-BD7B-5905D5B0A1B8}\localserver32 -> C:\Users\H2 Marketing\AppData\Roaming\Nelogica\Profit\profitchart.exe (Nelogica Sistemas de Software Ltda. -> Nelogica)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{91B96A80-A1E8-DB69-3D91-B838B0AF5BDE}\InprocServer32 -> não caminho do arquivo
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{def0be8c-1027-41d3-bcc6-c6235d93ab09}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-321270744-2600619408-4275616409-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2021-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
==================== Módulos Carregados (Whitelisted) =============
2021-11-08 11:55 - 2021-11-08 11:55 - 350039835 _____ () [Arquivo não assinado] C:\Users\H2 Marketing\aspecto\nvImage.dll
2021-11-17 15:05 - 2021-11-17 15:23 - 001195008 _____ (ESET) [Arquivo não assinado] C:\Users\H2 Marketing\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [Arquivo não assinado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Windows\System32\enppmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Modo de Segurança (Whitelisted) ==================
==================== Associação (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJFHpdLjKKSt2BWnrTr04eBCtmoWBZcxTAbs_IV5aoKyZMKgr69-MfQ1Nl8sYvJv0Irps2v4IhXRhqs0edT8b8HzV8vZHlp&q={searchTerms}
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJJK2c1SIlY1d9rGi9ZUcmEngFBYZqLjLPWcj739lQT6uGfrmrxYtsS1pEIsqwYPpHNLPQTOnSQLY3lYjWkkkgBoBtaHAC6
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJFHpdLjKKSt2BWnrTr04eBCtmoWBZcxTAbs_IV5aoKyZMKgr69-MfQ1Nl8sYvJv0Irps2v4IhXRhqs0edT8b8HzV8vZHlp&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-321270744-2600619408-4275616409-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-321270744-2600619408-4275616409-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-321270744-2600619408-4275616409-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGyjt9ihJPpQjuEBSEdMFBI3ratl9Brg6YveHEIRs31WwckJSpooJXJiYxChlKnQwmzQmF0DQVTnLoJFHpdLjKKSt2BWnrTr04eBCtmoWBZcxTAbs_IV5aoKyZMKgr69-MfQ1Nl8sYvJv0Irps2v4IhXRhqs0edT8b8HzV8vZHlp&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Conteúdo: =========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2019-12-07 06:14 - 2020-07-21 09:22 - 000000922 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com
==================== Outras Áreas ===========================
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Se uma entrada for incluída na fixlist, será removida.)
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "kissq"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\StartupApproved\Run: => "CCXProcess"
==================== Regras do Firewall (Whitelisted) ================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{5F058B99-7701-4702-A8AF-F1E880EE4806}] => (Block) C:\windows\system32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{11F8A25C-C5D6-4B17-B78D-E85ECED2B2F1}] => (Block) C:\windows\system32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CA10A44E-181D-46B5-A449-B4E659463850}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Programs\Opera\68.0.3618.173\opera.exe => Nenhum Arquivo
FirewallRules: [{01CD807D-BF9D-4CFA-8E56-F2AFE97F2D84}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\DRPSu\Alice\cloud.exe => Nenhum Arquivo
FirewallRules: [{7BB46E3C-6A23-44E4-90AA-EF26E80F1F64}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{49334AF6-92E8-464D-B5E2-A578B0F41F79}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{AB897490-4BBF-441A-95AC-7CBBAE154F06}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{945F39AB-6B58-4C55-B823-300B78319A5E}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{82046A1B-318E-486D-9B46-15C5EB5F5C49}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Temp\L3150\Network\EpsonNetSetup\ENEasyApp.exe => Nenhum Arquivo
FirewallRules: [{F553CEEE-276F-4417-A012-27E0DD81121D}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Temp\L3150\Network\EpsonNetSetup\ENEasyApp.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{C4DEBAE6-7842-4A76-A433-794E7EC4152E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{5F8FB89C-318C-4FF4-AC97-4A2A47CB31DE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{E8457A8E-A811-4FF9-BAEB-3DFF2477DB92}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8FE4C6D5-3666-4EAD-9A08-75DAA48F1864}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9F985ADD-0B8D-4677-81AA-79F714D64295}C:\program files\adobe\adobe dreamweaver 2020\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver 2020\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{8732A7ED-0269-4A4A-B3CE-CD96B393AF42}C:\program files\adobe\adobe dreamweaver 2020\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver 2020\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [{28D2C4D6-56AA-4B09-BACF-52F3415AA037}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Temp\DriverPack-2020091090450\tools\aria2c.exe => Nenhum Arquivo
FirewallRules: [{F22267C0-B6AD-4200-B666-42C45708175F}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => Nenhum Arquivo
FirewallRules: [{17FA03A7-36D4-443E-8ED9-FBEC7E1EABC5}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\DRPSu\Alice\cloud.exe => Nenhum Arquivo
FirewallRules: [{960690B0-0703-416A-ACA4-9459DA8ACE65}] => (Allow) C:\Users\H2 Marketing\AppData\Local\Programs\Opera\70.0.3728.178\opera.exe => Nenhum Arquivo
FirewallRules: [{BBADF04F-6A4C-45A9-82F2-7558D0D5980A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFCCA196-03A9-4509-AAB9-7E3B9A5654DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{061D548A-4932-47C6-9210-EDBD8A1A025C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{95247CED-BFC4-4021-8E3D-34CDB2A33271}] => (Allow) C:\Level Up\Combat Arms\NMService.exe => Nenhum Arquivo
FirewallRules: [{1703CAE8-0B54-4F91-BDB8-524B92763D64}] => (Allow) C:\Level Up\Combat Arms\NMService.exe => Nenhum Arquivo
FirewallRules: [{D629A089-791B-442D-B406-42F4998A2F11}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{9893265C-E358-4C7F-A079-C5CC637CC620}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{8FF9D385-6FCA-4F3A-8D25-3DA1310F8A0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCD6ED5E-1541-43BC-959A-D2B617A6AF6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F12F659-C09A-4030-9337-5F90B39DB5EB}] => (Allow) LPort=1688
FirewallRules: [{BD344112-B61C-46B2-B0A9-DBC30611908D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{5903F66D-9837-4203-9B85-ABED80EC214D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{280605DB-88FB-458A-8C29-6A338D797D6C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{B5B42997-CFA3-4BB1-9D07-C24D216B3499}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{00DC442B-F496-4DE8-B584-01DFE4712B78}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{AE7DBD7D-4C6E-4913-BE22-81BB103B0ECD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{D7802E74-09A6-4E3D-B157-96D6C2271F5E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4831D53-21C8-431D-96F9-6BA0B36648F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ECE7ACC5-9997-4898-8D9E-57D6FB9482FD}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{39FB1811-38C5-4AE6-9498-01F70139055E}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{63FF5B4D-CB1E-4CAE-B676-6752F13C6127}] => (Allow) C:\Users\H2 Marketing\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{CB2DCCF3-04EE-4902-824D-00946CFC892B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{24EA7353-81C6-4A1B-93E8-F142CF0F62F1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CD02637D-6329-492D-B57B-46B6D7EB9F72}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86CE2665-8B67-491F-BCFF-BF95A18CB966}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8939D4FA-CB4F-490C-884E-C8BF8EF03F2C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F235D51-983C-42D8-AE72-B0FFCFA97DA6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7997028C-3FA8-4752-BF23-130A386253B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8F4BD63-BA22-46B3-8009-72BB4DB3F7AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A5EA41C-0712-429C-B1E4-A74D73CF733E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39A1AC8F-3231-487D-908A-CD6C59092DDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{167F520C-DDBA-4648-BEC5-D5F1073581B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C86C33A4-6B6E-4F6B-9D3B-80E52E71CFFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42A53E57-7BD5-4AB7-95AE-4A9472A73109}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A253A0A3-9F43-49E0-86B9-4B2CDCACE20F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4EBB5C39-7683-4AEE-8904-863AC4F8BC88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{34E24916-2820-4CEB-997F-6ECD09ACDBA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{50B6D051-AD60-4C50-B251-7FDA06CCD494}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{FC173FEC-28F7-4D07-95CE-6E4BC697BDDD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1BBBE60B-CD1B-440F-89E0-CEE2283C76D9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{8814D17D-5726-47E9-8556-0A94A77395A6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{56475DF1-4D57-4A50-959F-251D47ECE2F7}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{625E0944-DA8E-4C34-B470-6E1614DE181E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2F2431FD-6461-4774-AFEB-EFAF563BCF5A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Nenhum Arquivo
FirewallRules: [{60D5574D-DB33-4DE5-985E-A322DE629899}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
==================== Pontos de Restauração =========================
16-11-2021 14:14:43 Installed DaVinci Resolve
==================== Dispositivos Apresentando Falhas No Gerenciador ============
==================== Erros no Log de eventos: ========================
Erros em Aplicativos:
==================
Error: (11/17/2021 03:22:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe, versão: 10.0.19041.546, carimbo de data/hora: 0x058e175a
Nome do módulo com falha: SyncController.dll, versão: 10.0.19041.746, carimbo de data/hora: 0x2aa6ba67
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003d3bc
ID do processo com falha: 0x3cf4
Hora de início do aplicativo com falha: 0x01d7dbdd98581b9a
Caminho do aplicativo com falha: C:\Windows\system32\svchost.exe
Caminho do módulo com falha: C:\Windows\System32\SyncController.dll
ID do Relatório: e8a2ebbb-6dc6-4823-8801-a872972db03b
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (11/17/2021 09:24:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1348 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 28dc
Hora de Início: 01d7dbadc0b2642f
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: bcca2927-af91-40b6-8efb-324d719d080f
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/16/2021 01:00:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Backup (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)
Error: (11/16/2021 09:59:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1348 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 4cc8
Hora de Início: 01d7dae97a04b616
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: ced82f0a-bd72-452c-9a30-dffc131307a6
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/16/2021 09:59:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1348 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 4448
Hora de Início: 01d7dae995c6195a
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: acf9bd33-fcdd-4515-adfe-cc2868782ce7
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/09/2021 01:32:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Backup (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)
Error: (11/09/2021 09:28:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.19041.1266 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 49c4
Hora de Início: 01d7d564dbfde345
Hora de Término: 0
Caminho do Aplicativo: C:\Windows\explorer.exe
ID do Relatório: e7c9a51f-c374-4bda-bf2e-eeb6a79081d7
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown
Error: (11/08/2021 06:26:39 PM) (Source: MsiInstaller) (EventID: 11500) (User: DESKTOP-QBNRO2F)
Description: Produto: Instalação -- Erro 1500. Existe outra instalação em progresso. É necessário completar essa instalação antes de poder continuar esta.
Erros de Sistema:
=============
Error: (11/17/2021 03:23:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Error: (11/17/2021 03:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Error: (11/17/2021 03:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Error: (11/17/2021 03:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (11/17/2021 03:23:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\H2MARK~1\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-11-17 15:47:55
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/DriverPack&threatid=311940&enterprise=0
Nome: PUABundler:Win32/DriverPack
Gravidade: Baixo
Categoria: Software Potencialmente Indesejado
Caminho: file:_C:\Users\H2 Marketing\AppData\Roaming\DRPSu\Alice\DriverPackAssistant.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Sistema
Usuário: DESKTOP-QBNRO2F\H2 Marketing
Nome do Processo: Unknown
Versão da Inteligência de Segurança: AV: 1.353.1142.0, AS: 1.353.1142.0, NIS: 1.353.1142.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-17 15:47:07
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Linkury.RS!MTB&threatid=270307&enterprise=0
Nome: Adware:Win32/Linkury.RS!MTB
Gravidade: Alto
Categoria: Adware
Caminho: file:_C:\Program Files (x86)\Common Files\Plustip\uninstall.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-QBNRO2F\H2 Marketing
Nome do Processo: C:\Users\H2 Marketing\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versão da Inteligência de Segurança: AV: 1.353.1142.0, AS: 1.353.1142.0, NIS: 1.353.1142.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-17 11:04:14
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {5964F380-A85B-4444-A782-DD36C54C1388}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2021-11-16 12:30:13
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {39CDE6F2-54B4-43F1-9F5F-1ACB50CFD0C0}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2021-11-14 18:16:06
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {521F3A9E-51FF-4F7F-9835-97E830F60397}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. V18.3 03/14/2013
placa-mãe: MSI H61M-E22/W8 (MS-7788)
Processador: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentagem de memória em uso: 59%
RAM física total: 8077.4 MB
RAM física disponível: 3273.89 MB
Virtual Total: 9357.4 MB
Virtual disponível: 3919.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.14 GB) (Free:8.43 GB) NTFS
Drive d: (Backup) (Fixed) (Total:931.51 GB) (Free:438.96 GB) NTFS
\\?\Volume{721dd1d2-5d13-4307-9ddd-9728d358a588}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{b129e0fd-d3b4-42da-8aa3-6144f94303c5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabela de Partições ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 20A36536)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt =======================