Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 18-09-2019 01 Executado por I.G.D (18-09-2019 21:31:55) Executando a partir de C:\Users\Computador\Downloads Windows 10 Home Versão 1903 18362.329 (X64) (2019-08-16 00:21:47) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Achei (S-1-5-21-1208584395-1539893261-2913042047-1013 - Limited - Enabled) => C:\Users\Achei Administrador (S-1-5-21-1208584395-1539893261-2913042047-500 - Administrator - Disabled) Convidado (S-1-5-21-1208584395-1539893261-2913042047-501 - Limited - Disabled) DefaultAccount (S-1-5-21-1208584395-1539893261-2913042047-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1208584395-1539893261-2913042047-1012 - Limited - Enabled) I.G.D (S-1-5-21-1208584395-1539893261-2913042047-1001 - Administrator - Enabled) => C:\Users\Computador WDAGUtilityAccount (S-1-5-21-1208584395-1539893261-2913042047-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Avira Antivirus (Disabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe) Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avira (HKLM-x32\...\{1db45392-716a-490d-9b3e-2d96adbb5ab0}) (Version: 1.2.136.25116 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{CC898F82-66EF-4083-947F-5C69703DDBAF}) (Version: 1.2.136.25116 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1908.1579 - Avira Operations GmbH & Co. KG) Avira Home Guard (HKLM-x32\...\{B44A6ACF-D50A-4CAC-9A8E-246402BDC101}) (Version: 1.1.10.773 - Avira Operations GmbH & Co. KG) Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.28.5.20306 - Avira Operations GmbH & Co. KG) Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.0.2.1915 - Avira Operations GmbH & Co. KG) Avira Software Updater (HKLM-x32\...\{644ABCB8-ADC7-46AA-809C-E8A6EE76F7A8}) (Version: 2.0.6.20377 - Avira Operations GmbH & Co. KG) CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform) Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden CorelDRAW Graphics Suite 2018 - BR (x64) (HKLM\...\{575AFBB6-FDF0-4191-97D0-E109C1A53E9B}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation) CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Lang BR (HKLM-x32\...\{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Lang DE (HKLM-x32\...\{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Lang EN (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF100}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Lang FR (HKLM-x32\...\{9D306690-3173-42CD-94C6-9EF9318AF24B}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Lang IT (HKLM-x32\...\{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - Lang NL (HKLM-x32\...\{A6C27FFF-75EF-4B5B-A64E-F9E128994908}) (Version: 14.0 - Uw bedrijfsnaam) Hidden CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X4 (HKLM-x32\...\{44A27085-0616-4181-A0C3-81C7ECA17F73}) (Version: 14.0 - Corel Corporation) Hidden CPUID HWMonitor 1.35 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.35 - CPUID, Inc.) DriverUpdate (HKLM\...\{095EB3C7-1324-46CF-9947-BE02B65F40CE}) (Version: 5.6.5 - Slimware Utilities Holdings, Inc.) Hidden ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC) Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{2DCBB45E-AA03-4089-87E7-EC17E606D738}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Instalação do DivX (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC) Intel Driver && Support Assistant (HKLM-x32\...\{FEC20E93-5B88-45AA-9AA3-1185EE8A46AF}) (Version: 19.8.34.6 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{e46e0766-a9ed-4cf2-94c7-a684b0aa214f}) (Version: 19.8.34.6 - Intel) Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation) K-Lite Mega Codec Pack 14.8.8 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.8.8 - KLCP) Led Control System V6 (HKLM-x32\...\{264800A1-2410-450B-AC19-1B7A90758F0E}_is1) (Version: 6.0.0.40 - ZOEHOO, Inc.) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.14.1 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1298.831 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) Security Task Manager 2.3c (HKLM-x32\...\Security Task Manager) (Version: 2.3c - Neuber Software) SlimCleaner Plus (HKLM\...\{7E03DFCF-3091-4D7A-91AB-59994A7A36B6}) (Version: 2.8.3 - Slimware Utilities Holdings, Inc.) Hidden SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.6.1.119 - EnigmaSoft Limited) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden Vivaldi (HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\Vivaldi) (Version: 2.6.1566.49 - Vivaldi Technologies AS.) WhatsApp (HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp) WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Packages: ========= Email e Calendário -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-09-14] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] Microsoft Notícias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Studios) [MS Ad] MSN Clima -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad] MSN Dinheiro -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] MSN Esportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] MSN Receitas e Bebidas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] MSN Saúde e Bem-estar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] MSN Viagem -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.562.0_x64__mcm4njqhnhss8 [2019-09-18] (Netflix, Inc.) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) CustomCLSID: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\Computador\AppData\Local\Vivaldi\Application\2.6.1566.49\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399003} - -> Nenhum Arquivo ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399007} - -> Nenhum Arquivo ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Nenhum Arquivo ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-08] (DivX, LLC -> DivX, LLC) ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-08] (DivX, LLC -> DivX, LLC) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Nenhum Arquivo ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-08-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Nenhum Arquivo ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Nenhum Arquivo ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Nenhum Arquivo ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-08-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Computador\Downloads\programas\ativador\Ativador Win 10 e Office 2019\LC Tutors Install™ - Clique aqui para abrir.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=oigibaklffbfdjbmehekfggagpoidgdi ==================== Módulos Carregados (Whitelisted) ============== 2018-12-05 17:01 - 2018-12-05 17:01 - 000022528 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\boost_chrono-vc90-mt-1_58.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000041984 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\boost_date_time-vc90-mt-1_58.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000098304 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\boost_filesystem-vc90-mt-1_58.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000037376 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\boost_iostreams-vc90-mt-1_58.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000360960 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\boost_locale-vc90-mt-1_58.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000012800 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\boost_system-vc90-mt-1_58.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000086016 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\boost_thread-vc90-mt-1_58.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 001016320 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\libprotobuf.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000412160 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\netsnmp.dll 2019-02-25 13:33 - 2019-02-25 13:33 - 003663872 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\overlook.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000059904 _____ () [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\zlib1.dll 2019-02-25 13:33 - 2019-02-25 13:33 - 000477184 _____ (Fing Limited) [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\fingkit.dll 2015-01-13 23:47 - 2015-01-14 02:47 - 000120320 _____ (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\WINDOWS\System32\E_YLMI2E.DLL 2019-09-17 23:24 - 2019-09-17 23:24 - 000913920 _____ (ServiceStack) [Arquivo não assinado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\874bec717e2ea414859b8ac6561c7eea\ServiceStack.Text.ni.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 001359360 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\LIBEAY32.dll 2018-12-05 17:01 - 2018-12-05 17:01 - 000354816 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Avira\Home Guard\FingKit\SSLEAY32.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\csrtkbde.sys:changelist [300] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\bancoreal.com.br -> hxxp://www.bancoreal.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\bancosantander.com.br -> hxxp://www.bancosantander.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\bancosantander.com.br -> hxxps://www.bancosantander.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\realsecureweb.com.br -> hxxps://www.realsecureweb.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santander.com.br -> www.santander.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santander.com.br -> hxxp://www.santander.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santanderempresarial.com.br -> www.santanderempresarial.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santanderempresarial.com.br -> hxxp://www.santanderempresarial.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santandernet.com.br -> www.santandernet.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santandernet.com.br -> hxxps://www.santandernet.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santandernetibe.com.br -> www.santandernetibe.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\santandernetibe.com.br -> hxxps://www.santandernetibe.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\secureweb.com.br -> hxxps://www.secureweb.com.br IE trusted site: HKU\S-1-5-21-1208584395-1539893261-2913042047-1013\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2019-01-08 21:25 - 004194841 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 cpm.paneladmin.pro 127.0.0.1 publisher.hmdiadmingate.xyz 127.0.0.1 hmdicrewtracksystem.xyz 127.0.0.1 mydownloaddomain.com 127.0.0.1 linkmate.space 127.0.0.1 space1.adminpressure.space 127.0.0.1 trackpressure.website 127.0.0.1 doctorlink.space 127.0.0.1 plugpackdownload.net 127.0.0.1 texttotalk.org 127.0.0.1 gambling577.xyz 127.0.0.1 htagdownload.space 127.0.0.1 mybcnmonetize.com 127.0.0.1 360devtraking.website 127.0.0.1 dscdn.pw 127.0.0.1 bcnmonetize.go2affise.com 127.0.0.1 beautifllink.xyz 2019-09-15 00:39 - 2019-09-17 09:52 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKCU\Environment\\Path -> ;C:\Program Files (x86)\Microsoft VS Code\bin;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Computador\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-1208584395-1539893261-2913042047-1013\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-82-271721585-897601226-2024613209-625570482-296978595\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-82-3682073875-1643277370-2842298652-3532359455-2406259117\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-82-3876422241-1344743610-1729199087-774402673-2621913236\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-82-4068219030-1673637257-3279585211-533386110-4122969689\Control Panel\Desktop\\Wallpaper -> DNS Servers: 177.86.16.9 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Nenhum Arquivo) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == Se uma entrada for incluída na fixlist, será removida. HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "Diebold - Warsaw" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "WinZip PreLoader" HKLM\...\StartupApproved\Run: => "WinZip UN" HKLM\...\StartupApproved\Run: => "Reimage" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "MovieDea" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "WinZip PreLoader" HKLM\...\StartupApproved\Run32: => "ETDCtrl" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\StartupFolder: => "Microsoft SharePoint Workspace.lnk" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\StartupFolder: => "FacebookGamesNotifier.exe.lnk" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "OfficeSyncProcess" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "DriverAgent Plus" HKU\S-1-5-21-1208584395-1539893261-2913042047-1001\...\StartupApproved\Run: => "DriverAgentPlusHelper" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> ) FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{271AE99F-C5B9-464F-9183-7B0216260FD2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{F24B7CEA-8CD5-41B6-B290-8FE41A4CD279}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{6EF77CA7-9FD9-4E7E-8249-5F1151F4C0D9}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{E9B7400C-A3A8-4727-8399-FE2B9394B8F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{B71D59D0-5751-41E9-A93B-AF1620335402}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{724E67AB-5453-4B2E-9A96-D247AA7799AE}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;) ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada (Total:155.36 GB) (Free:116.5 GB) (75%) ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Bluetooth Device (Personal Area Network) #3 Description: Dispositivo Bluetooth (Rede Pessoal) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: B13 Stereo Description: Origem do A2dp do Microsoft Bluetooth Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthA2dp Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (09/18/2019 09:38:55 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4112,R,98) TILEREPOSITORYS-1-5-18: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/18/2019 09:32:12 PM) (Source: MsiInstaller) (EventID: 11310) (User: CARLOS) Description: Product: Ad Escape Software Updater -- Error 1310. Error writing to file: C:\ProgramData\Porland\tplg.dll. System error 0. Verify that you have access to that directory. Error: (09/18/2019 09:24:15 PM) (Source: MsiInstaller) (EventID: 11310) (User: CARLOS) Description: Product: Ad Escape Software Updater -- Error 1310. Error writing to file: C:\ProgramData\Porland\tplg.dll. System error 0. Verify that you have access to that directory. Error: (09/18/2019 09:12:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando. . Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (09/18/2019 09:10:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service SlimWare Services since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Error: (09/18/2019 09:10:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service SlimWare Utility Service Launcher since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Error: (09/18/2019 09:10:30 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {e85050ae-3520-4bc5-98ef-d5ea9cfa8d74} Error: (09/18/2019 09:00:26 PM) (Source: MsiInstaller) (EventID: 11310) (User: CARLOS) Description: Product: Ad Escape Software Updater -- Error 1310. Error writing to file: C:\ProgramData\TmpLoog\tmplog.dll. System error 0. Verify that you have access to that directory. Erros de Sistema: ============= Error: (09/18/2019 07:21:58 PM) (Source: BTHUSB) (EventID: 5) (User: ) Description: O driver Bluetooth esperava um evento HCI com um determinado tamanho, mas não o recebeu. Error: (09/18/2019 07:10:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Avira Home Guard. Error: (09/18/2019 01:37:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9WZDNCRFJBH4-Microsoft.Windows.Photos. Error: (09/17/2019 11:46:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Avira Home Guard. Error: (09/17/2019 11:45:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Avira Home Guard. Error: (09/17/2019 11:45:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Avira Home Guard. Error: (09/17/2019 11:44:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Avira Home Guard. Error: (09/17/2019 11:43:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Avira Home Guard. Windows Defender: =================================== Date: 2019-09-17 18:11:45.246 Description: Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nome: HackTool:MSIL/AutoKMS ID: 2147711767 Gravidade: Alto Categoria: Ferramenta Caminho: containerfile:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar; containerfile:_C:\Users\Computador\Downloads\programas\ativador\Ativador Win 10 e Office 2019.rar; file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe; file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000002); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000005); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000006 Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Usuário Usuário: CARLOS\I.G.D Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.301.1134.0, AS: 1.301.1134.0, NIS: 1.301.1134.0 Versão do Mecanismo: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-17 18:10:53.445 Description: O exame do Windows Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {6CF789D0-232B-4F04-800B-A7FD26C731F0} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Completa Usuário: CARLOS\I.G.D Date: 2019-09-17 18:10:53.442 Description: Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nome: HackTool:MSIL/AutoKMS ID: 2147711767 Gravidade: Alto Categoria: Ferramenta Caminho: containerfile:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar; containerfile:_C:\Users\Computador\Downloads\programas\ativador\Ativador Win 10 e Office 2019.rar; file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000002); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000005); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000006); file:_C:\Users\Computador\Downloads\programas\ativador\Ativador Win 10 e Office 2019.rar->Ativador Win 10 e Office 2019\Programs\KMSAuto Lite Portable v1.3.9\KMSAuto x64.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Usuário Usuário: CARLOS\I.G.D Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.301.1134.0, AS: 1.301.1134.0, NIS: 1.301.1134.0 Versão do Mecanismo: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-17 18:10:53.437 Description: Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nome: HackTool:Win32/AutoKMS ID: 2147685180 Gravidade: Alto Categoria: Ferramenta Caminho: containerfile:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar; file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000015); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000016); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000019); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office and windows activator).rar->KMSpico v10.0.4 (Office and windows activator) [TechTools.NET]\KMSpico_setup.exe->(inno#000033); file:_C:\Users\Computador\Downloads\programas\ativadores\KMSpico v10.0.4 (Office Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Usuário Usuário: CARLOS\I.G.D Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.301.1134.0, AS: 1.301.1134.0, NIS: 1.301.1134.0 Versão do Mecanismo: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-17 16:56:35.788 Description: Windows Defender Antivirus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nome: HackTool:MSIL/AutoKMS ID: 2147711767 Gravidade: Alto Categoria: Ferramenta Caminho: file:_C:\Users\Computador\Downloads\programas\ativador\Ativador Win 10 e Office 2019\Programs\KMSAuto Lite Portable v1.3.9\KMSAuto x64.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: AUTORIDADE NT\SISTEMA Nome do Processo: C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe Versão da Inteligência de Segurança: AV: 1.301.1134.0, AS: 1.301.1134.0, NIS: 1.301.1134.0 Versão do Mecanismo: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-17 15:13:06.565 Description: Windows Defender Antivirus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.301.1134.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.16300.1 Código de Erro: 0x80072ee7 Descrição do Erro: O nome ou o endereço do servidor não pôde ser resolvido Date: 2019-09-17 15:13:06.564 Description: Windows Defender Antivirus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.301.1134.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Anti-spyware Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.16300.1 Código de Erro: 0x80072ee7 Descrição do Erro: O nome ou o endereço do servidor não pôde ser resolvido Date: 2019-09-17 15:13:06.563 Description: Windows Defender Antivirus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.301.1134.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.16300.1 Código de Erro: 0x80072ee7 Descrição do Erro: O nome ou o endereço do servidor não pôde ser resolvido Date: 2019-09-17 15:13:04.048 Description: Windows Defender Antivirus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.301.1134.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.16300.1 Código de Erro: 0x80072ee7 Descrição do Erro: O nome ou o endereço do servidor não pôde ser resolvido Date: 2019-09-17 15:13:04.048 Description: Windows Defender Antivirus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.301.1134.0 Fonte da Atualização: Centro de Proteção contra Malware da Microsoft Tipo da Inteligência de Segurança: Anti-spyware Tipo da atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.16300.1 Código de Erro: 0x80072ee7 Descrição do Erro: O nome ou o endereço do servidor não pôde ser resolvido CodeIntegrity: =================================== Date: 2019-09-16 10:27:59.058 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\BthA2dp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-15 00:11:10.060 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\HdAudio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Informações da Memória =========================== BIOS: Phoenix Technologies Ltd. 00RH 12/19/2011 Motherboard: SAMSUNG ELECTRONICS CO., LTD. RV419 Processador: Intel(R) Celeron(R) CPU B800 @ 1.50GHz Percentagem de memória em uso: 90% RAM física total: 4009.54 MB RAM física disponível: 392.8 MB Virtual Total: 6822.51 MB Virtual disponível: 837.27 MB ==================== Drives ================================ Drive c: (BOBOBY) (Fixed) (Total:155.36 GB) (Free:116.5 GB) NTFS Drive d: (Arquivos_BOBOBY) (Fixed) (Total:309.51 GB) (Free:19.44 GB) NTFS Drive f: () (Removable) (Total:1.85 GB) (Free:1.85 GB) FAT Drive i: (Arquivos_Black) (Fixed) (Total:74.53 GB) (Free:2.8 GB) NTFS \\?\Volume{6913163b-1ff7-11e5-be65-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.34 GB) (Free:0.29 GB) NTFS \\?\Volume{8977a38c-0000-0000-0000-00ed26000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 8977A38C) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=155.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=560 MB) - (Type=27) Partition 4: (Not Active) - (Size=309.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 20736F63) No partition Table on disk 1. ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 69039950) Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================