Computer very slow to respond

Hello, greetings to everyone. I am turning to the forum again to ask once more for your valuable and inestimable help, since I fear my laptop has a virus. The main symptom is that it is very slow to respond. I have also noticed that video sometimes slows down a bit.

Another detail that has me worried: when I try to log in to your site, I type my email (or username) and my password, and the following message from you appears highlighted in green: “We found an account that matches [email protected] (my email address), you should receive an email with a login link shortly”. Shortly afterwards, the tab where I have my email open reports that a message has arrived, but when I open the tab the message never appears in my inbox.

Finally, seeing that I could not log in with my old password, I registered again with a different username and password, so (you will confirm this for me) I fear you may have lost the data relating to all my previous visits and queries (I hope not).

I would be very grateful if you could guide me on how to proceed. I put myself in your hands for whatever you consider appropriate.

Thanks in advance, as always.

Hello @abendibar1 and welcome to the new forum!!!

What you mention about your previous account is due to this:

Tell us exactly what problems you are having on the forum so that we can help you.

Regards.

Hello JavierHF, thanks for the quick reply.

Repeating a little of what I explain above, I fear my laptop has a virus. The main symptom is that it is extremely slow to respond. I have also noticed that video sometimes slows down a bit. In short, the typical symptoms of some kind of infection.

I am at your disposal and ask for your help to guide me on how to proceed.

A thousand thanks in advance.

Right… to check your machine, follow these steps, in the order given and reading everything that is explained. :+1:

:one: Temporarily disable the antivirus :arrow_forward: How to temporarily disable your antivirus, while we are carrying out ALL the steps.

We are going to download to YOUR DESKTOP (and NOT anywhere else :face_with_monocle:) all the tools we will use in this procedure (but do not run them yet):


:two: Run the tools one at a time and in the order given:



CCleaner.-

  • Install and run CCleaner following the steps given in the manual.

  • Use its Cleaner option first to delete cookies, temporary Internet files and all the files it shows you as obsolete.

  • Then use its Registry option to clean the whole Windows registry (making a backup).

Malwarebytes.-

  • Install and run MBAM following the steps given in the manual.

  • Run a Custom Scan. :white_check_mark:

  • Select ALL for Quarantine to send everything to quarantine, then restart the system.

  • In the program section :arrow_forward: Detection History :arrow_backward: you will find the MBAM report, which you must copy and paste into your next reply so that it can be analysed.

AdwCleaner.-

  • Run Adwcleaner.exe.

  • Click the Scan Now button and wait for the process to finish, then always click the Start Repair button straight away.

  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.

  • The log/report is in the “Reports” tab (reopen the program if necessary), so that you can copy it and paste it into your next reply.

  • The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Run JRT.exe.

  • Press any key to continue, and wait patiently for the process to finish.

  • If at any point it asks you to restart, do so.

  • When it finishes, a log/report (JRT.txt) will be saved to the desktop and will open automatically.

  • Copy and paste the contents of JRT.txt into your next reply.

Farbar Recovery Scan Tool.-

  • Run FRST.exe.

  • In the Disclaimer window, click Sí/Yes.

  • In the main window, click the Analizar/Scan button and wait for the process to finish.

  • Two (2) log files will open, Frst.txt and Addition.txt; they will be saved on the desktop.

:three: In your next reply, post the reports from:

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order. :+1:

You must copy and paste them with their full contents, and use several messages if you get an error message saying that the post is too long (more than approx. 64,000 characters).

And tell us how your computer is working in relation to the problem raised. :face_with_monocle:

Regards.

Hi.

Just one observation: I found it impossible to follow your instructions in the case of Malwarebytes, because when installing it a message popped up saying that an error occurred during installation due to not having internet access. As a result, I was only able to install it by connecting to the internet briefly. Apart from that detail, everything was normal. I am posting the requested reports below.



-Detalles del registro-
Fecha del análisis: 9/10/20
Hora del análisis: 14:17
Archivo de registro: 5ef81828-0a53-11eb-9869-00ffb2daf881.json

-Información del software-
Versión: 4.2.1.89
Versión de los componentes: 1.0.1061
Versión del paquete de actualización: 1.0.31014
Licencia: Prueba

-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 306282
Amenazas detectadas: 22
Amenazas en cuarentena: 0
Tiempo transcurrido: 40 min, 46 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 3
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\KMSAutoNet, Sin acciones por parte del usuario, 1298, 805275, , , , , , 
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F5E40CE2-17CA-44DF-B6C5-B70C4B924AE5}, Sin acciones por parte del usuario, 1298, 805275, , , , , , 
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{F5E40CE2-17CA-44DF-B6C5-B70C4B924AE5}, Sin acciones por parte del usuario, 1298, 805275, , , , , , 

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV, Sin acciones por parte del usuario, 1298, 805275, , , , , , 

Archivo: 18
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\devcon.exe, Sin acciones por parte del usuario, 1298, 805275, , , , , 3904D0698962E09DA946046020CBCB17, A51E25ACC489948B31B1384E1DC29518D19B421D6BC0CED90587128899275289
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\devcon.exe, Sin acciones por parte del usuario, 1298, 805275, , , , , 7F0C8F7B6F6D22ECD83013F2F26A71AE, A4E561F666C08353C2226E8E264555C406893B0AD1B74FD05F4F29655E128809
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\FakeClient.exe, Sin acciones por parte del usuario, 1298, 805275, , , , , B85F4CE841F3AE1EBDF76835D2EADBEF, CE28748F6AE7B54AB35FC31D825E80A26E143737CF4748FFF523781E04C1EE79
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WdfCoInstaller01009.dll, Sin acciones por parte del usuario, 1298, 805275, , , , , BE566E174EAF5B93B0474593CD8F2715, CEE8496BFA1080FD84FC48BA4375625238900FE93EA739B2DC0300206FDE8330
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.dll, Sin acciones por parte del usuario, 1298, 805275, , , , , 3F0C03E5076C7E6B404F894FF4DC5BB1, 4E7EBED8410C83B73A23185AA94680143DA2933305CD6DEEFE8EC0B51B7EE6F3
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.inf, Sin acciones por parte del usuario, 1298, 805275, , , , , A94D989905A248AFCA52BC3CBFCB248B, 6C9F7DEA4F9A47788D5D2BA110B08457FD00DBABE4812EBCA6F022300843A75D
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.sys, Sin acciones por parte del usuario, 1298, 805275, , , , , A0D15D8727D0780C51628DF46B7268B3, 5E23F3ED1D6620C39A644F9879404A22DED86B3B076EC4A898B4B6BE244AFD64
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\oas_sert.cer, Sin acciones por parte del usuario, 1298, 805275, , , , , 0041584E5F66762B1FA9BE8910D0B92B, BB27684B569CBB72DEC63EA6FDEF8E5F410CDAEB73717EEE1B36478DBCFF94CC
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\KMSSS.exe, Sin acciones por parte del usuario, 1298, 805275, , , , , ADD80E5D9FAD482705C3807BACFE1993, BB3830B14DF80838FB201C611ABF0C1F3714C6B8B103ED084EAFC170036631BE
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\KMSSS.log, Sin acciones por parte del usuario, 1298, 805275, , , , , 3D4EBAA1CC9F8726F9527D1A798FC026, 26C8E6AF3EC54DDD54939466AA2233D77A019C43C9FC1191319B7DDB6F377CDF
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror.exe, Sin acciones por parte del usuario, 1298, 805275, , , , , 2ED9C12A91E795804B1B770958C647AC, CB56C248A38292C234D1AABE5E33A671FE8AE8AED28E0C8C4FBE767E4E7B82F5
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror2.exe, Sin acciones por parte del usuario, 1298, 805275, , , , , 3B33E3AB6E91806DF4CAE19405AB8846, D9CD47831FABA4053225DAC181709FD7AB9D066C3DE6F541968FFFEEEE4A9BF9
HackTool.KMS, C:\ProgramData\KMSAutoS\KMSAuto Net.exe, Sin acciones por parte del usuario, 1298, 805275, , , , , 93A3A8CE440197D31168FAC569082937, 22EF521964080E77D7006F9341D720683FA98409361C62A7BC4FE81EC474B1B2
HackTool.KMS, C:\ProgramData\KMSAutoS\kmsauto.ini, Sin acciones por parte del usuario, 1298, 805275, , , , , 2BAA3DE617ED3272AF13D8A3CEC671E9, DB588C52DE6F286A4D4179EBC95F233E3F161B33DE98047CF8AD4B11156416C5
HackTool.KMS, C:\WINDOWS\SYSTEM32\TASKS\KMSAutoNet, Sin acciones por parte del usuario, 1298, 805275, , , , , CF797561E3C06A994485650D2CA96E0D, 0023533AFF2DFC14587B23D6EABF960B907C7BA18D78A7D8130E2E55CAF544A5
PUP.Optional.PushNotifications.Generic, C:\USERS\JON IMAZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sin acciones por parte del usuario, 201, 838845, 1.0.31014, , ame, , 36849D6D272317F7C4C470D74F590921, E4EE3DED7B7B21E878AD5FAC3DB86735052CF63A197B52D841DD4030BB6C4034
PUP.Optional.PushNotifications.Generic, C:\USERS\JON IMAZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sin acciones por parte del usuario, 201, 838845, 1.0.31014, , ame, , 36849D6D272317F7C4C470D74F590921, E4EE3DED7B7B21E878AD5FAC3DB86735052CF63A197B52D841DD4030BB6C4034
PUP.Optional.PushNotifications.Generic, C:\USERS\JON IMAZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sin acciones por parte del usuario, 201, 838845, 1.0.31014, , ame, , 36849D6D272317F7C4C470D74F590921, E4EE3DED7B7B21E878AD5FAC3DB86735052CF63A197B52D841DD4030BB6C4034

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-10-2020
# Duration: 00:00:05
# OS:       Windows 8.1 Single Language
# Cleaned:  8
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Jon Imaz\AppData\Local\slimware utilities inc
Deleted       C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Conduit
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\Software\Wow6432Node\Conduit
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1938 octets] - [18/10/2018 20:18:02]
AdwCleaner[C00].txt - [1954 octets] - [18/10/2018 20:19:05]
AdwCleaner[S01].txt - [3105 octets] - [10/10/2020 07:58:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Single Language x64 
Ran by Jon Imaz (Administrator) on 10/10/2020 at  9:33:41,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 2 

Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Program Files (x86)\GUT4589.tmp (File) 

Deleted the following from C:\Users\Jon Imaz\AppData\Roaming\Mozilla\Firefox\Profiles\w2eu3x0b.default-1495374066735-1554123762353\prefs.js
user_pref(browser.newtab.url, hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__190718);
user_pref(browser.newtabpage.url, hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__190718);


Registry: 3 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/10/2020 at  9:41:58,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hello.

I'm sorry, but I am unable to post the FARBAR reports because a message from you pops up saying that only two links can be included per post and that only two quotes can be included per post.

Any advice?

Thanks.

Hello.

See IF you can post them now, or follow the steps to post them as attachments:

:arrow_right: Guide: How to paste reports in the forum?

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 04-10-2020
Executado por Jon Imaz (administrador) em JON (Acer Aspire E5-571) (10-10-2020 09:45:29)
Executando a partir de D:\Jon Imaz\ÀREA DE TRABALHO
Perfis Carregados: Jon Imaz
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Navegador padrão: Opera
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) C:\Program Files\Diebold\Warsaw\core.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
Falha ao acessar processo -> ig.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2020-02-05] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => c:\program files (x86)\opera\assistant\browser_assistant.exe [3085336 2020-10-06] (Opera Software AS -> Opera Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198000 2019-12-18] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\MountPoints2: {006cacfc-f206-11e5-8276-f8a963611d9d} - "F:\LaunchU3.exe" -a
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [222208 2020-03-04] (Bullzip) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP1006LM: C:\Windows\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {28DAB617-CD00-4AB9-85E2-F2C031366839} - System32\Tasks\{C62F6514-B5BE-4F3D-8938-1E9593CAD58C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {2FB8FEB0-10E6-4425-B09E-2F0D3C88D274} - System32\Tasks\{1DB68CA9-7783-41E5-8453-D196A9EBEAE6} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {30FC5438-6119-4C5C-99AA-6265495A3227} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {346D23FA-6D04-442A-9087-21300028C50E} - System32\Tasks\{F7079146-D1CF-492F-AE67-7950044B285F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {39A8BA0F-2789-4E24-9B3F-4F138355FAA2} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {44F160D9-D5DD-49F9-9B65-975F589D0F94} - System32\Tasks\{52770487-4238-4707-8322-F9DEF8482DA7} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {51E99C94-A99B-49A4-81BA-F09EDB3BC282} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {5E96482B-1E79-4C5B-A156-E7E0DC2BDA2B} - System32\Tasks\G2MUpdateTask-S-1-5-21-4292848827-1158437421-1775176333-1001 => C:\Users\Jon Imaz\AppData\Local\GoToMeeting\18705\g2mupdate.exe [31320 2020-09-20] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {60F5EF02-C531-4D3F-8635-F3C3787E7BC4} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {72A3B4E9-B662-4F31-96BB-83CBEF68FE47} - System32\Tasks\{2BAC07AE-924D-4560-B80C-C26AE563EB06} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {761CC962-D740-4A48-BC53-21AA1DB3E3F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-29] (Google Inc -> Google Inc.)
Task: {78036F13-07AF-4E25-8939-D73303B98DB0} - System32\Tasks\Opera scheduled Autoupdate 1473604737 => c:\program files (x86)\opera\launcher.exe [1712152 2020-10-06] (Opera Software AS -> Opera Software)
Task: {7DB26E0B-3B4A-41FE-87E4-CD6F4FF8C94C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-29] (Google Inc -> Google Inc.)
Task: {834F3270-39F9-4958-A407-E4CED6EE5B31} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-08] (Acer Incorporated -> Acer Incorporated)
Task: {880AD4C1-55B1-4AB1-8316-C0C2D6EA1E6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-19] (Adobe Inc. -> Adobe)
Task: {88A84E0E-944C-4551-97FD-CA7DC4230413} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {891D60C4-9F33-41BF-B132-2CCADB003C9A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582553286 => c:\program files (x86)\opera\launcher.exe [1712152 2020-10-06] (Opera Software AS -> Opera Software)
Task: {9A16EA10-2A03-4307-BC32-3677DDDED34C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9A2BD645-F71B-40BA-9CC7-81FBAAABB9EE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {9C2B3162-06B3-4073-9568-C8E61F46D221} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
Task: {9D14D82B-CD74-446A-9AEE-9CE308057DCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-19] (Adobe Inc. -> Adobe)
Task: {BA03D7B0-16A2-4C24-856B-19B1F52A7882} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-M4GQ0.tmp\corefixer.exe <==== ATENÇÃO
Task: {BB95269E-9A93-4A47-B081-2BB390566FEA} - System32\Tasks\G2MUploadTask-S-1-5-21-4292848827-1158437421-1775176333-1001 => C:\Users\Jon Imaz\AppData\Local\GoToMeeting\18705\g2mupload.exe [31320 2020-09-20] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C35CA811-E2D8-4C02-8D0C-78A514028C9A} - System32\Tasks\{3C0B26DE-14B8-4F4E-AA4C-8A98F62C35E5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {D3300008-ADB6-45C7-A77D-90F5DA3964F0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D57B90A8-935E-4F07-82AC-9C3FAA8ABA17} - System32\Tasks\{10E0E336-AF63-4560-A01D-9750D13207E8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {E07DC94A-B776-4B28-9985-55D9E36DAA50} - System32\Tasks\{D53FD6A1-E5F1-4823-83C4-7D9F110AA4EB} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {EABD55E3-FAC0-46C1-A431-58D67BF6C415} - System32\Tasks\{7B460525-4530-48C2-8C6C-496B89F58B03} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {EE7C766A-372F-4447-91EE-4CBA64700AAB} - System32\Tasks\{FC574F5A-E95B-4EF0-B587-2B7E82806857} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {FE9BA373-3690-40B5-A4E0-AE103A02505A} - System32\Tasks\{273F36C7-7A74-47E3-8611-FCF6D880BBAA} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4292848827-1158437421-1775176333-1001.job => C:\Users\Jon Imaz\AppData\Local\GoToMeeting\18705\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4292848827-1158437421-1775176333-1001.job => C:\Users\Jon Imaz\AppData\Local\GoToMeeting\18705\g2mupload.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-4292848827-1158437421-1775176333-1001] => 89.140.125.17:80
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1A417A7C-F1A5-463B-B2A9-65FE6A15F9F5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DDC7DFC3-DEC6-4FB5-84A1-CF0734C38618}: [DhcpNameServer] 192.168.1.1

Edge: 
======
Edge Profile: C:\Users\Jon Imaz\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-08]

FireFox:
========
FF DefaultProfile: w2eu3x0b.default-1495374066735-1554123762353
FF ProfilePath: C:\Users\Jon Imaz\AppData\Roaming\Mozilla\Firefox\Profiles\w2eu3x0b.default-1495374066735-1554123762353 [2020-10-10]
FF Extension: (Avast Online Security) - C:\Users\Jon Imaz\AppData\Roaming\Mozilla\Firefox\Profiles\w2eu3x0b.default-1495374066735-1554123762353\Extensions\[email protected] [2020-07-03] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2020-10-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2019-01-26]

Chrome: 
=======
CHR Profile: C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default [2020-10-08]
CHR Notifications: Default -> hxxps://app.plataformasicessolar.com.br; hxxps://blog-cursoelet.os.tc; hxxps://carteirarica.com.br; hxxps://maldita.es; hxxps://neosolarsol.pushcrew.com; hxxps://www.mundodaeletrica.com.br; hxxps://www.youtube.com
CHR Extension: (Presentaciones) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-29]
CHR Extension: (Documentos) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-29]
CHR Extension: (Google Drive) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-29]
CHR Extension: (YouTube) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-29]
CHR Extension: (Pushbullet) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2020-06-22]
CHR Extension: (Bring Pushbullet Notifications Back to Chrome) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpmmngoajnhfhalbmdkglnekmkkijjap [2019-01-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-08-25]
CHR Extension: (Hojas de cálculo) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-29]
CHR Extension: (Negro y tema blanco) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2019-01-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-08]
CHR Extension: (Cuponomia - Cupom e Cashback) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidejehfgombmkfflghejpncblgfkagj [2020-09-10]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-08-25]
CHR Extension: (Avast Online Security) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-04]
CHR Extension: (Mais Barato PROTESTE) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmbjlhnlibdfompahnfionljdfeeipdb [2020-08-16]
CHR Extension: (Office) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2020-08-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-16]
CHR Profile: C:\Users\Jon Imaz\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera: 
=======
OPR Notifications: hxxps://apu8.xgen.com.br; hxxps://catracalivre.com.br; hxxps://forospyware.com; hxxps://suftoajachi.com; hxxps://www.solarlivre.com.br; hxxps://www.videograbber.net; hxxps://www1.folha.uol.com.br
OPR Extension: (Pushbullet) - C:\Users\Jon Imaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\jacmgnhcnfdmjdkdlfndaccecdegacba [2020-02-19]
OPR Extension: (Google Translate) - C:\Users\Jon Imaz\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2020-08-27]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-12] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [955520 2016-04-28] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-19] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2018-05-15] () [Arquivo não assinado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-08] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1118256 2019-11-22] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206392 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235584 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195648 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42768 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175192 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [517592 2020-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851600 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469880 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217328 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [53904 2017-03-01] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326408 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-05-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-05-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [42472 2020-08-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-10-08] (Malwarebytes Corporation -> Malwarebytes)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217592 2020-10-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197280 2020-10-10] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73880 2020-10-10] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-10-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131232 2020-10-10] (Malwarebytes Inc -> Malwarebytes)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [47800 2020-10-10] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [47576 2019-08-28] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44728 2019-04-15] (Gas Informatica Ltda -> GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43560 2018-01-09] (Gas Informatica Ltda -> GAS Tecnologia)
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um mês (criados) ===================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2020-10-10 09:45 - 2020-10-10 09:47 - 000000000 ____D C:\FRST
2020-10-10 08:21 - 2020-10-10 08:21 - 000000000 ____D C:\Users\Jon Imaz\AppData\LocalLow\IGDump
2020-10-10 08:02 - 2020-10-10 08:02 - 000197280 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-10-10 08:02 - 2020-10-10 08:02 - 000131232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-10-10 08:02 - 2020-10-10 08:02 - 000073880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-10-08 22:27 - 2020-10-08 22:27 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-10-08 22:27 - 2020-10-08 22:27 - 000217592 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-10-08 22:27 - 2020-10-08 22:27 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-10-08 22:27 - 2020-10-08 22:27 - 000001940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-07 22:58 - 2020-10-07 22:58 - 000004357 _____ C:\Users\Jon Imaz\AppData\Local\recently-used.xbel
2020-09-21 22:34 - 2020-09-21 22:33 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-09-21 22:34 - 2020-09-21 22:33 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-09-21 22:34 - 2020-09-21 22:33 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-09-21 09:02 - 2020-09-25 12:09 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\WhatsApp
2020-09-15 20:25 - 2020-10-09 14:27 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-14 11:05 - 2020-05-03 17:13 - 001005170 _____ C:\Windows\system32\Windows8.1-KB2999226-x64.msu
2020-09-14 11:05 - 2020-05-03 17:13 - 000044312 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_1.dll
2020-09-14 11:05 - 2020-05-03 17:13 - 000027416 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_codecvt_ids.dll

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2020-10-10 09:39 - 2018-10-01 14:17 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-10-10 09:37 - 2019-07-30 14:44 - 000000660 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4292848827-1158437421-1775176333-1001.job
2020-10-10 09:06 - 2017-09-25 23:00 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-10-10 08:59 - 2019-07-30 14:44 - 000000564 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4292848827-1158437421-1775176333-1001.job
2020-10-10 08:34 - 2017-08-31 15:52 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\AVAST Software
2020-10-10 08:03 - 2016-03-11 18:03 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\CrashDumps
2020-10-10 08:01 - 2019-11-20 17:36 - 000047800 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2020-10-10 08:01 - 2019-07-23 12:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-10 08:01 - 2013-08-22 11:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-09 15:45 - 2019-08-19 16:23 - 000000000 ____D C:\Users\Todos os Usuários\KMSAutoS
2020-10-09 15:45 - 2019-08-19 16:23 - 000000000 ____D C:\ProgramData\KMSAutoS
2020-10-09 14:28 - 2020-09-09 08:43 - 000004040 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582553286
2020-10-09 14:28 - 2020-07-03 06:28 - 000003552 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-09 14:28 - 2020-07-03 06:28 - 000003424 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-09 14:28 - 2019-07-30 14:44 - 000003656 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-4292848827-1158437421-1775176333-1001
2020-10-09 14:28 - 2019-07-30 14:44 - 000003560 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-4292848827-1158437421-1775176333-1001
2020-10-09 14:28 - 2019-01-29 23:06 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-09 14:28 - 2019-01-29 23:06 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-09 14:28 - 2018-10-01 14:17 - 000002786 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-10-09 14:28 - 2017-12-10 14:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-10-09 14:28 - 2017-10-04 11:10 - 000002912 _____ C:\Windows\system32\Tasks\Rerun Warsaw's CoreFixer
2020-10-09 14:28 - 2016-09-11 11:39 - 000003842 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1473604737
2020-10-09 14:28 - 2015-02-16 23:52 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4292848827-1158437421-1775176333-500
2020-10-09 14:27 - 2020-08-03 21:37 - 000000000 ____D C:\Users\Jon Imaz\AppData\Roaming\vlc
2020-10-09 14:27 - 2019-09-30 20:37 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-10-09 14:27 - 2016-03-11 12:46 - 000003352 _____ C:\Windows\system32\Tasks\BacKGroundAgent
2020-10-09 14:12 - 2016-03-11 12:33 - 000000000 ____D C:\Users\Jon Imaz
2020-10-09 09:00 - 2016-03-11 12:41 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4292848827-1158437421-1775176333-1001
2020-10-08 22:27 - 2016-03-16 14:02 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2020-10-08 22:27 - 2016-03-16 14:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-10-08 22:18 - 2013-08-22 10:36 - 000000000 ____D C:\Windows\Inf
2020-10-08 22:07 - 2016-09-11 11:38 - 000000000 ____D C:\Program Files (x86)\Opera
2020-10-08 22:06 - 2016-03-11 15:58 - 000000000 ____D C:\Users\Todos os Usuários\AVAST Software
2020-10-08 22:06 - 2016-03-11 15:58 - 000000000 ____D C:\ProgramData\AVAST Software
2020-10-08 21:50 - 2020-08-12 19:14 - 000000000 ____D C:\Users\Jon Imaz\AppData\Roaming\DAEMON Tools Pro
2020-10-08 21:50 - 2018-03-12 21:28 - 000000000 ____D C:\Users\Jon Imaz\AppData\Roaming\inkscape
2020-10-08 21:50 - 2017-07-16 14:12 - 000000000 ____D C:\Users\Jon Imaz\AppData\Roaming\BitTorrent
2020-10-08 21:49 - 2016-09-30 14:33 - 000000000 ____D C:\Windows\Minidump
2020-10-08 18:44 - 2019-07-15 11:46 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2020-10-06 10:02 - 2016-03-11 23:56 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\Aplicativo Itau
2020-10-04 20:23 - 2015-02-17 04:12 - 000768942 _____ C:\Windows\system32\prfh0416.dat
2020-10-04 20:23 - 2015-02-17 04:12 - 000155726 _____ C:\Windows\system32\prfc0416.dat
2020-10-04 20:23 - 2014-03-18 06:53 - 001789752 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-29 11:32 - 2016-03-12 23:23 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\ElevatedDiagnostics
2020-09-27 08:54 - 2019-07-30 14:44 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\GoToMeeting
2020-09-26 07:28 - 2017-10-11 16:41 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-25 12:10 - 2019-12-31 10:50 - 000000000 ____D C:\Users\Jon Imaz\AppData\Roaming\WhatsApp
2020-09-25 12:09 - 2019-12-31 10:49 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\SquirrelTemp
2020-09-24 07:37 - 2020-04-18 09:03 - 000517592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-09-22 11:41 - 2013-08-22 10:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-09-21 22:34 - 2017-09-25 22:59 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-09-21 22:33 - 2020-02-13 10:48 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-09-21 22:33 - 2019-01-14 12:45 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-09-21 22:33 - 2019-01-13 08:44 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-09-21 22:33 - 2019-01-13 08:44 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-09-21 22:33 - 2018-10-10 13:43 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-09-21 22:33 - 2017-11-09 14:24 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-09-21 22:33 - 2017-09-25 22:59 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-09-21 22:33 - 2017-09-25 22:59 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-09-21 22:33 - 2017-09-25 22:59 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-09-21 22:33 - 2017-09-25 22:59 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-09-21 20:01 - 2019-01-29 23:07 - 000002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-21 18:23 - 2019-01-18 06:02 - 005353536 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-21 11:11 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-09-19 12:17 - 2020-06-10 06:12 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-09-19 12:17 - 2020-06-10 06:12 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-19 12:17 - 2017-08-09 19:07 - 000004544 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-19 12:17 - 2017-08-09 19:07 - 000004398 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-09-19 12:17 - 2016-03-12 09:50 - 000000000 ____D C:\Users\Jon Imaz\AppData\Local\Adobe
2020-09-19 12:17 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-09-19 12:17 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-09-14 19:11 - 2017-07-14 19:05 - 000000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2020-09-14 19:11 - 2017-07-14 19:05 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-09-14 10:49 - 2017-10-11 16:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-09-11 00:01 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\rescache
2020-09-10 12:32 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\system32\NDF

==================== Arquivos na raiz de alguns diretórios ========

2009-03-24 11:52 - 2009-03-24 11:52 - 000170080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\ComCt232.ocx
2018-10-02 09:39 - 2018-10-02 09:39 - 000000000 _____ () C:\Users\Jon Imaz\AppData\Local\oobelibMkey.log
2020-10-07 22:58 - 2020-10-07 22:58 - 000004357 _____ () C:\Users\Jon Imaz\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)


LastRegBack: 2020-10-02 07:46
==================== Fim de FRST.txt ========================

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 04-10-2020
Executado por Jon Imaz (10-10-2020 09:49:05)
Executando a partir de D:\Jon Imaz\ÀREA DE TRABALHO
Windows 8.1 Single Language (Update) (X64) (2016-03-11 15:33:30)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4292848827-1158437421-1775176333-500 - Administrator - Disabled)
Convidado (S-1-5-21-4292848827-1158437421-1775176333-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4292848827-1158437421-1775176333-1003 - Limited - Enabled)
Jon Imaz (S-1-5-21-4292848827-1158437421-1775176333-1001 - Administrator - Enabled) => C:\Users\Jon Imaz

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.625 - ABBYY Production LLC)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{4B6778AC-BABE-44D4-BDF3-1BA382F7D580}) (Version: 1.0.162 - Banco Itaú)
Apowersoft Online Launcher version 1.7.7 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.7 - APOWERSOFT LIMITED)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
BitTorrent (HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\BitTorrent) (Version: 7.10.5.45785 - BitTorrent Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{077B3600-3861-4F0D-9BBB-CD30DD5B8522}) (Version: 4.4.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version:  - )
DirectVobSub 2.41.7259 (5d3641a) Beta (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.7259 - MPC-HC Team)
DivX Pro 6.8.0 VFW (HKLM-x32\...\divx650vfw_is1) (Version: 6.8.0.14 - )
EditPad Lite ES 7.4.1 (HKLM\...\EditPad Lite) (Version: ES 7.4.1 - Just Great Software)
ffdshow v1.3.4531 [2014-06-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4531.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{665DF231-32BE-46BA-ABD2-B0D69F8314FF}) (Version: 1.0.494 - LogMeIn, Inc.)
GoToMeeting 10.13.1.18705 (HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\GoToMeeting) (Version: 10.13.1.18705 - LogMeIn, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.27) (Version: 9.27 - Artifex Software Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Inkscape 0.92.2 (HKLM-x32\...\Inkscape) (Version: 0.92.2 - Inkscape Project)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3947 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
LibreOffice 6.3 Help Pack (Portuguese (Brazil)) (HKLM\...\{72E1DCAE-8184-4D73-867B-F4E18AC7DDF1}) (Version: 6.3.4.2 - The Document Foundation)
LibreOffice 6.3.4.2 (HKLM\...\{191F4D69-B671-4163-BB01-901B89A20D04}) (Version: 6.3.4.2 - The Document Foundation)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.154 - Logitech)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
MKVToolNix 17.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 17.0.0 - Moritz Bunkus)
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Opera Stable 71.0.3770.228 (HKLM-x32\...\Opera 71.0.3770.228) (Version: 71.0.3770.228 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PVsyst (HKLM-x32\...\{1BDFE66C-E161-4B5A-805B-DD178A7F3868}) (Version: 6.7.0 - PVsyst SA)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Radiasol 2 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scribus 1.4.8 (64bit) (HKLM\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
Skype versão 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1216 - SUPERAntiSpyware.com)
Telegram Desktop versão 2.0.1 (HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.0.1 - Telegram FZ-LLC)
Vegas Pro 13.0 (64-bit) (HKLM\...\{204DC300-0BC8-11E5-B87F-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VEGAS Pro 16.0 (HKLM\...\{0A511800-A098-11E8-80AC-00155D6302F2}) (Version: 16.0.248 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Warsaw 2.14.1.3 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.14.1.3 - GAS Tecnologia)
WhatsApp (HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\WhatsApp) (Version: 2.2037.6 - WhatsApp)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
Zoom (HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2018-05-15] (WildTangent Games)
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2018-05-15] (AccuWeather)
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4 [2018-05-15] (Acer Incorporated)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2018-05-15] (Amazon.com)
Biblioteca do Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2018-05-15] (Extensões de Plataformas da Microsoft)
Biblioteca do Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2018-05-15] (Microsoft Platform Extensions)
Booking.com Partner Edition -> C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr [2018-05-15] (Booking.com B.V.)
Editor de Vídeos -> C:\Program Files\WindowsApps\Microsoft.MovieMoments_6.3.9654.20464_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2018-05-15] (Evernote)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-05-15] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Jogos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2018-05-15] (AMZN Mobile LLC)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2018-05-15] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2018-05-15] (Microsoft Platform Extensions)
MSN Clima -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
MSN Dinheiro -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
MSN Esportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
MSN Notícias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
MSN Receitas e Bebidas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
MSN Saúde e Bem-estar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
MSN Viagem -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2018-05-15] (m1df_mmengesha)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.22.0.39_x64__mcm4njqhnhss8 [2018-10-26] (Netflix, Inc.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2018-05-15] (Skype) [MS Ad]
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2018-05-15] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2018-05-15] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2018-05-15] (m1df_mmengesha)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_1.1.0.0_neutral__6bhtb546zcxnj [2018-05-15] (TuneIn)
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2018-05-15] (Microsoft Corporation) [MS Ad]

==================== Exame Personalizado CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-4292848827-1158437421-1775176333-1001_Classes\CLSID\{9042BC61-732E-AF80-DD0E-B78379F34D8D}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] (Notepad++ -> )
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Nenhum Arquivo
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter64.acm [2231296 2013-04-05] () [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2014-10-19] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2014-09-29] () [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [186368 2014-10-28] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.DIVX] => C:\Windows\SysWOW64\divx.dll [682496 2007-12-04] (DivX, Inc.) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2014-10-19] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-06-28] () [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Jon Imaz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Módulos Carregados (Whitelisted) =============

2016-03-12 00:16 - 2020-03-04 11:32 - 000222208 _____ (Bullzip) [Arquivo não assinado] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de Aplicativos:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.es/
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
DownloadDir: D:\Jon Imaz\DOWNLOADS
SearchScopes: HKLM -> DefaultScope {8C11D7CD-4621-4A75-BF58-F37212052CD8} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {8C11D7CD-4621-4A75-BF58-F37212052CD8} URL = 
SearchScopes: HKU\S-1-5-21-4292848827-1158437421-1775176333-1001 -> {CCD0B6F5-AB7D-401D-B6D8-9262EA30F932} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} -  Nenhum Arquivo
Handler: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} -  Nenhum Arquivo
Handler: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} -  Nenhum Arquivo
Handler: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} -  Nenhum Arquivo
Handler: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} -  Nenhum Arquivo
Handler: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} -  Nenhum Arquivo
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\localhost -> localhost

Existem ainda 7519 sites a mais.


==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2019-01-04 08:29 - 000002465 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   192.150.14.69
127.0.0.1                   192.150.18.101
127.0.0.1                   192.150.18.108
127.0.0.1                   192.150.22.40
127.0.0.1                   192.150.8.100
127.0.0.1                   192.150.8.118
127.0.0.1                   209-34-83-73.ood.opsource.net
127.0.0.1                   3dns-1.adobe.com
127.0.0.1                   3dns-2.adobe.com
127.0.0.1                   3dns-3.adobe.com
127.0.0.1                   3dns-4.adobe.com
127.0.0.1                   3dns.adobe.com
127.0.0.1                   activate-sea.adobe.com
127.0.0.1                   activate-sjc0.adobe.com
127.0.0.1                   activate.wip.adobe.com
127.0.0.1                   activate.wip1.adobe.com
127.0.0.1                   activate.wip2.adobe.com
127.0.0.1                   activate.wip3.adobe.com
127.0.0.1                   activate.wip4.adobe.com
127.0.0.1                   adobe-dns-1.adobe.com
127.0.0.1                   adobe-dns-2.adobe.com
127.0.0.1                   adobe-dns-3.adobe.com
127.0.0.1                   adobe-dns-4.adobe.com
127.0.0.1                   adobe-dns.adobe.com
127.0.0.1                   adobe.activate.com
127.0.0.1                   adobeereg.com
127.0.0.1                   crl.verisign.net
127.0.0.1                   CRL.VERISIGN.NET.*

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: O Suporte não está conectado à internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.

Network Binding:
=============
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled) 
Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled) 
Ethernet 2: Diebold Network Monitor -> nt_wsddntf (enabled) 

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\StartupApproved\Run: => "AutoHelpDesk"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{F6E3BE99-D17F-4E1C-B7E4-D7FB5E60D04D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{32A803D7-6130-4BF2-947E-CCCEAD747FF2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F54F264A-F073-4DFB-BA89-8F8582892CFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0B618689-679A-4F99-80CD-A04BBDFEA6E1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D07E08D4-B9F4-424E-A748-8B23504784BA}] => (Allow) C:\Program Files (x86)\Chami\HTML-Kit\Bin\HTMLKit.exe (Chami.com) [Arquivo não assinado]
FirewallRules: [{74215321-257A-41B6-BCC9-4D3AB6663EC8}] => (Allow) C:\Program Files (x86)\Chami\HTML-Kit\Bin\HTMLKit.exe (Chami.com) [Arquivo não assinado]
FirewallRules: [{3865B32A-577F-4745-B2C7-40DB9CF903B2}] => (Allow) C:\Program Files (x86)\Chami\HTML-Kit\Bin\HTMLKit.exe (Chami.com) [Arquivo não assinado]
FirewallRules: [{722A275F-BFC6-4582-9B0E-A1D11E00BB07}] => (Allow) C:\Program Files (x86)\Chami\HTML-Kit\Bin\HTMLKit.exe (Chami.com) [Arquivo não assinado]
FirewallRules: [{C12AC70B-EE8F-4598-AB46-1D3E4132FBED}] => (Allow) C:\Users\Jon Imaz\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{08EED35B-1AA2-4327-A072-2DB1DAA94689}] => (Allow) C:\Users\Jon Imaz\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4BB86B2E-FB6D-4D90-AAF1-D6752D1B8A10}] => (Allow) C:\Users\Jon Imaz\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{59035CB6-D1EA-44C2-A7E6-251A9F4725B4}] => (Allow) C:\Users\Jon Imaz\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{44B8F875-23C3-4AD6-802E-B0132CB8A225}] => (Block) C:\Program Files (x86)\ABBYY\Setup.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{AFDA8955-745C-4288-AD6D-94B0826E5763}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{03C50FC5-3459-4680-9B97-9D7986748CDA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C0151B5-D1A6-44AE-90A2-D1A45771DB53}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{56499859-69C2-410E-A4B5-26B497873809}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{22B0101A-424F-40CA-966B-B61C3577D81E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46A38A00-0A84-475E-BAC9-CA75147D93DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C732C6FB-306A-456B-ADDD-121E5CE00510}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1AD80BD5-8259-4388-BF5E-B7465391491B}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
FirewallRules: [{A4C5A549-7A4F-4364-A03B-C35ED62BE660}] => (Allow) C:\Users\Jon Imaz\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{DDFF9797-62EE-42B1-9FC3-60145BDE862F}] => (Allow) C:\Users\Jon Imaz\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{90C499B5-E707-45FF-839C-519201DFAFAF}] => (Allow) C:\Users\Jon Imaz\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{F136B552-64BB-4A51-BC5A-8F859DCA825B}] => (Allow) C:\Users\Jon Imaz\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{73FC193D-2DC5-4CBF-961B-4CB2E3C85290}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{F26D2473-40C3-40D8-928C-38069DF1D99B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A88AAD4C-E76D-4768-9683-9BD91EC1DEA7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{27C0D385-E2B9-45DF-881F-419F9C95DD8F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{84F21EF0-2163-4406-8F47-109B0E2CA759}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A303D062-2DA6-4D6B-80D1-63D6C5604781}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FDDB4A51-71F6-4134-9626-F4D0B73B43AD}] => (Allow) c:\program files (x86)\opera\71.0.3770.198\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3632986C-3A11-450D-9305-3255D6F4A9AB}] => (Allow) c:\program files (x86)\opera\71.0.3770.228\opera.exe (Opera Software AS -> Opera Software)

==================== Pontos de Restauração =========================

24-09-2020 15:31:09 Ponto de Verificação Agendado
02-10-2020 07:48:12 Ponto de Verificação Agendado
10-10-2020 09:33:44 JRT Pre-Junkware Removal

==================== Dispositivos Apresentando Falhas No Gerenciador ============


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (10/10/2020 08:02:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ig.exe, versão: 1.0.1.1, carimbo de data/hora: 0x5f43d0e0
Nome do módulo com falha: KERNELBASE.dll, versão: 6.3.9600.19678, carimbo de data/hora: 0x5e82c0f7
Código de exceção: 0xc0000142
Deslocamento da falha: 0x0009d452
ID do processo com falha: 0x12bc
Hora de início do aplicativo com falha: 0x01d69ef4d40d6306
Caminho do aplicativo com falha: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
Caminho do módulo com falha: KERNELBASE.dll
ID do Relatório: 162ffaf8-0ae8-11eb-854a-5cc9d3ed7dbd
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (10/09/2020 08:11:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: AGSService.exe, versão: 7.2.0.32, carimbo de data/hora: 0x5f6abe78
Nome do módulo com falha: AGSService.exe, versão: 7.2.0.32, carimbo de data/hora: 0x5f6abe78
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00193a73
ID do processo com falha: 0x6fc
Hora de início do aplicativo com falha: 0x01d69dd899a7d1f6
Caminho do aplicativo com falha: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Caminho do módulo com falha: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
ID do Relatório: 244af462-0a20-11eb-8548-5cc9d3ed7dbd
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (10/08/2020 07:20:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DllHost.exe, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503c46
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.19678, carimbo de data/hora: 0x5e82c0f7
Código de exceção: 0xc000000d
Deslocamento da falha: 0x0009d452
ID do processo com falha: 0x195c
Hora de início do aplicativo com falha: 0x01d69dc149186684
Caminho do aplicativo com falha: C:\Windows\SysWOW64\DllHost.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 8729ed60-09b4-11eb-8547-5cc9d3ed7dbd
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (10/08/2020 07:18:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DllHost.exe, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503c46
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.19678, carimbo de data/hora: 0x5e82c0f7
Código de exceção: 0xc000000d
Deslocamento da falha: 0x0009d452
ID do processo com falha: 0x15f8
Hora de início do aplicativo com falha: 0x01d69d5c5a7fc17d
Caminho do aplicativo com falha: C:\Windows\SysWOW64\DllHost.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 98d7f79a-094f-11eb-8546-5cc9d3ed7dbd
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (10/07/2020 06:41:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DllHost.exe, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503c46
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.19678, carimbo de data/hora: 0x5e82c0f7
Código de exceção: 0xc000000d
Deslocamento da falha: 0x0009d452
ID do processo com falha: 0x2444
Hora de início do aplicativo com falha: 0x01d69c8e09a301a2
Caminho do aplicativo com falha: C:\Windows\SysWOW64\DllHost.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 49e8b4a3-0881-11eb-8544-5cc9d3ed7dbd
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (10/06/2020 10:02:27 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.

Error: (10/06/2020 07:48:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DllHost.exe, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503c46
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.19678, carimbo de data/hora: 0x5e82c0f7
Código de exceção: 0xc000000d
Deslocamento da falha: 0x0009d452
ID do processo com falha: 0x1ac
Hora de início do aplicativo com falha: 0x01d69bce2c28c31b
Caminho do aplicativo com falha: C:\Windows\SysWOW64\DllHost.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 6b9cb187-07c1-11eb-8544-5cc9d3ed7dbd
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (10/05/2020 10:14:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DllHost.exe, versão: 6.3.9600.17415, carimbo de data/hora: 0x54503c46
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.19678, carimbo de data/hora: 0x5e82c0f7
Código de exceção: 0xc000000d
Deslocamento da falha: 0x0009d452
ID do processo com falha: 0xa74
Hora de início do aplicativo com falha: 0x01d69b7e140a48be
Caminho do aplicativo com falha: C:\Windows\SysWOW64\DllHost.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 53a91ea0-0771-11eb-8544-5cc9d3ed7dbd
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:


Erros de Sistema:
=============
Error: (10/10/2020 08:01:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço NetGroup Packet Filter Driver devido ao seguinte erro: 
O sistema não pode encontrar o arquivo especificado.

Error: (10/10/2020 08:00:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Serviço de Compartilhamento de Rede do Windows Media Player depende do serviço Windows Search, mas não foi possível iniciá-lo devido ao seguinte erro: 
O serviço não foi iniciado.

Error: (10/10/2020 08:00:18 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (10/10/2020 08:00:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço AtherosSvc foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (10/10/2020 08:00:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Compartilhamento de Rede do Windows Media Player foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (10/10/2020 08:00:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Genuine Monitor Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (10/10/2020 08:00:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Cyberlink RichVideo Service(CRVS) foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (10/10/2020 08:00:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Presentation Foundation Font Cache 3.0.0.0 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.


Windows Defender:
===================================
Date: 2019-05-13 07:27:48.046
Description: 
O exame do Windows Defender foi interrompido antes da conclusão.
ID do Exame: {4BDACEEB-F356-4073-B290-20CA16801794}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2019-05-12 07:30:21.824
Description: 
O exame do Windows Defender foi interrompido antes da conclusão.
ID do Exame: {D31D4562-6459-4BC3-9082-13328D8CDB5D}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2019-05-04 07:40:02.129
Description: 
O exame do Windows Defender foi interrompido antes da conclusão.
ID do Exame: {AC733540-EC7F-4B51-9A02-B8E94D5EE5D4}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2019-05-02 10:08:13.939
Description: 
O Windows Defender detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
ID: 2147685180
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe;file:_C:\Windows\System32\Tasks\KMSAutoNet->(UTF-16LE);process:_pid:6440,ProcessStart:132012756991916660;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A435054D-02A6-4176-B386-0ACE166D6457};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet;taskscheduler:_C:\Windows\System32\Tasks\KMSAutoNet
Origem da Detecção: Computador local
Tipo de Detecção: FastPath
Origem da Detecção: Sistema
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Versão da Assinatura: AV: 1.293.652.0, AS: 1.293.652.0, NIS: 119.0.0.0
Versão do Mecanismo: AM: 1.1.15900.4, NIS: 2.1.14600.4

Date: 2019-05-02 10:08:03.142
Description: 
O Windows Defender detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/TunMirror&threatid=2147734094&enterprise=0
Nome: HackTool:MSIL/TunMirror
ID: 2147734094
Severidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\ProgramData\KMSAutoS\bin\TunMirror.exe
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: Jon\Jon Imaz
Nome do Processo: C:\Windows\SysWOW64\cmd.exe
Versão da Assinatura: AV: 1.293.652.0, AS: 1.293.652.0, NIS: 119.0.0.0
Versão do Mecanismo: AM: 1.1.15900.4, NIS: 2.1.14600.4

Date: 2019-05-01 06:54:59.814
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 1.293.501.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 1.1.15900.4
Código de erro: 0x80070652
Descrição do erro: Outra instalação já está em andamento. Conclua a outra instalação antes de prosseguir com esta. 

Date: 2019-05-01 06:54:59.814
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 1.293.501.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 1.1.15900.4
Código de erro: 0x80070652
Descrição do erro: Outra instalação já está em andamento. Conclua a outra instalação antes de prosseguir com esta. 

Date: 2019-05-01 06:54:52.157
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 
Origem da Atualização: Usuário
Tipo de Assinatura: 
Tipo de Atualização: 
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 
Código de erro: 0x80070652
Descrição do erro: Outra instalação já está em andamento. Conclua a outra instalação antes de prosseguir com esta. 

Date: 2019-05-01 06:54:52.157
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 
Origem da Atualização: Usuário
Tipo de Assinatura: 
Tipo de Atualização: 
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 
Código de erro: 0x80070652
Descrição do erro: Outra instalação já está em andamento. Conclua a outra instalação antes de prosseguir com esta. 

Date: 2019-05-01 06:54:41.107
Description: 
O Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 
Versão da Assinatura Anterior: 1.293.501.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual: 
Versão do Mecanismo Anterior: 1.1.15900.4
Código de erro: 0x80240016
Descrição do erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte. 

CodeIntegrity:
===================================

Date: 2020-05-06 03:14:50.121
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Windows signing level requirements.

Date: 2020-05-06 03:14:49.230
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2020-05-06 03:14:46.855
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2020-05-06 01:57:46.492
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2020-05-06 01:57:46.039
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2020-05-06 01:57:45.992
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2020-05-06 01:28:26.904
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

Date: 2020-05-05 22:13:39.309
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Diebold\Warsaw\wslbscr64.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória =========================== 

BIOS: Insyde Corp. V1.26 12/18/2014
placa-mãe: Acer EA50_HB
Processador: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentagem de memória em uso: 51%
RAM física total: 4010.33 MB
RAM física disponível: 1962.75 MB
Virtual Total: 8106.33 MB
Virtual disponível: 6221.07 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:229.76 GB) (Free:163.54 GB) NTFS
Drive d: (DATOS) (Fixed) (Total:218.79 GB) (Free:184.92 GB) NTFS

\\?\Volume{43c088c1-b309-473c-9f8c-81e0f6e0cc9b}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.28 GB) NTFS
\\?\Volume{b8cf61ff-13f3-4b13-b912-34b77c33a7ac}\ (Push Button Reset) (Fixed) (Total:16.2 GB) (Free:2.45 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 576E7D06)

Partition: GPT.

==================== Fim de Addition.txt =======================

OK… now follow these steps. :arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).

  • Attention: now tick/select only the :white_check_mark: Create registry backup box, NOT the other boxes. :face_with_monocle:

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the code/lines inside the box further below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Nenhum Arquivo
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Nenhum Arquivo
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de Aplicativos:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
Handler: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\MountPoints2: {006cacfc-f206-11e5-8276-f8a963611d9d} - "F:\LaunchU3.exe" -a
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
Task: {28DAB617-CD00-4AB9-85E2-F2C031366839} - System32\Tasks\{C62F6514-B5BE-4F3D-8938-1E9593CAD58C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {346D23FA-6D04-442A-9087-21300028C50E} - System32\Tasks\{F7079146-D1CF-492F-AE67-7950044B285F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {72A3B4E9-B662-4F31-96BB-83CBEF68FE47} - System32\Tasks\{2BAC07AE-924D-4560-B80C-C26AE563EB06} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {BA03D7B0-16A2-4C24-856B-19B1F52A7882} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-M4GQ0.tmp\corefixer.exe <==== ATENÇÃO
Task: {C35CA811-E2D8-4C02-8D0C-78A514028C9A} - System32\Tasks\{3C0B26DE-14B8-4F4E-AA4C-8A98F62C35E5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {D57B90A8-935E-4F07-82AC-9C3FAA8ABA17} - System32\Tasks\{10E0E336-AF63-4560-A01D-9750D13207E8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {E07DC94A-B776-4B28-9985-55D9E36DAA50} - System32\Tasks\{D53FD6A1-E5F1-4823-83C4-7D9F110AA4EB} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {EABD55E3-FAC0-46C1-A431-58D67BF6C415} - System32\Tasks\{7B460525-4530-48C2-8C6C-496B89F58B03} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {EE7C766A-372F-4447-91EE-4CBA64700AAB} - System32\Tasks\{FC574F5A-E95B-4EF0-B587-2B7E82806857} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {FE9BA373-3690-40B5-A4E0-AE103A02505A} - System32\Tasks\{273F36C7-7A74-47E3-8611-FCF6D880BBAA} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.

And now use the 2nd METHOD: from this Windows 8 FAQ :arrow_forward: How to start Windows 8/8.1 in Safe Mode?, to work from that Windows mode.

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).

  • Press the FIX/Corregir button and wait for it to finish.

  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply. :+1:

Restart the computer, check how it behaves with regard to the problem raised, and let us know.

Regards.
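Before running a fixlist like the one in the post above, it helps to see what each line will act on. The following Python sketch is an added example, not part of the original post and not FRST's own code: it groups the lines by kind and points out the entries worth a second look. The category names and the helper functions are hypothetical, and the sample is a shortened excerpt of the fixlist on this page.

```python
import re
from collections import Counter

# Shortened excerpt of the fixlist posted above (lines copied from this page).
SAMPLE_FIXLIST = r"""START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Nenhum Arquivo
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
Handler: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
Task: {28DAB617-CD00-4AB9-85E2-F2C031366839} - System32\Tasks\{C62F6514-B5BE-4F3D-8938-1E9593CAD58C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {BA03D7B0-16A2-4C24-856B-19B1F52A7882} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-M4GQ0.tmp\corefixer.exe <==== ATENÇÃO
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
EMPTYTEMP:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
END
"""

# (lower-case prefix, category) pairs; the category labels are this example's own.
PREFIXES = [
    ("cmd:", "command"),
    ("alternatedatastreams:", "ads"),
    ("task:", "task"),
    ("handler:", "protocol_handler"),
    ("contextmenuhandlers", "context_menu"),
    ("ff ", "browser"),
    ("chr ", "browser"),
    ("hklm\\", "registry"),
    ("hku\\", "registry"),
]
SERVICE = re.compile(r"^[RSU][0-5]\s+\S+;")   # service/driver line, e.g. "S2 npf; ..."
DIRECTIVE = re.compile(r"^[A-Za-z]+:$")       # bare directive, e.g. "EMPTYTEMP:"
ADS = re.compile(r"^AlternateDataStreams:\s+(.+):([^:]+?)\s+\[(\d+)\]$")
FLAG = re.compile(r"\s*<====.*$")             # trailing attention marker in the log


def classify(line):
    """Map one fixlist line to a coarse category."""
    low = line.lower()
    for prefix, category in PREFIXES:
        if low.startswith(prefix):
            return category
    if SERVICE.match(line):
        return "service_driver"
    if DIRECTIVE.match(line):
        return "directive"
    return "other"


def parse_fixlist(text):
    """Return (category, line) pairs for the lines between START and END."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    upper = [ln.upper() for ln in lines]
    if "START" in upper and "END" in upper:
        lines = lines[upper.index("START") + 1:upper.index("END")]
    return [(classify(ln), ln) for ln in lines]


def review(entries):
    """Collect the entries a reader should understand before pressing Fix."""
    notes = []
    for category, line in entries:
        if category == "ads":
            m = ADS.match(line)
            if m:  # (host path, stream name, size in bytes)
                notes.append(("ads", m.group(1), m.group(2), int(m.group(3))))
        elif category == "task" and "=>" in line:
            target = FLAG.sub("", line.split("=>", 1)[1].strip())
            if re.search(r"\\temp\\", target, re.I):
                notes.append(("task_runs_from_temp", target))
            elif re.search(r"hxxps?://", target, re.I):
                notes.append(("task_opens_url", target))
        elif category == "command":
            cmd = line.split(":", 1)[1].strip()
            # "netsh advfirewall reset" restores the default firewall policy,
            # so custom rules (such as the per-application allow rules listed
            # in Addition.txt) are discarded.
            if re.search(r"advfirewall\s+reset", cmd, re.I):
                notes.append(("resets_firewall_rules", cmd))
    return notes


def summarize(text):
    entries = parse_fixlist(text)
    return {"counts": Counter(cat for cat, _ in entries), "notes": review(entries)}


if __name__ == "__main__":
    result = summarize(SAMPLE_FIXLIST)
    for category, count in sorted(result["counts"].items()):
        print(f"{category:17} {count}")
    for note in result["notes"]:
        print(note)
```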

Hello.

I have followed all the instructions to the letter and everything went well, without any surprises.

I am posting the requested report below.

If that is all right with you, I will take a few days to observe the PC's behaviour. Afterwards I will report what I have observed.

Many thanks for now, as always.

Fixlog.txt REPORT

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 04-10-2020
Executado por Jon Imaz (10-10-2020 20:54:05) Run:1
Executando a partir de D:\Jon Imaz\ÀREA DE TRABALHO
Perfis Carregados: Jon Imaz
Modo da Inicialização: Safe Mode (with Networking)
==============================================

fixlist Conteúdo:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Nenhum Arquivo
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Nenhum Arquivo
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usu�rios:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Application Data:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Dados de Aplicativos:YXVtLmh6aQ [3698]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
Handler: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
Handler: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Nenhum Arquivo
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\...\MountPoints2: {006cacfc-f206-11e5-8276-f8a963611d9d} - "F:\LaunchU3.exe" -a
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restri��o <==== ATEN��O
CHR HKLM\SOFTWARE\Policies\Google: Restri��o <==== ATEN��O
Task: {28DAB617-CD00-4AB9-85E2-F2C031366839} - System32\Tasks\{C62F6514-B5BE-4F3D-8938-1E9593CAD58C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {346D23FA-6D04-442A-9087-21300028C50E} - System32\Tasks\{F7079146-D1CF-492F-AE67-7950044B285F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {72A3B4E9-B662-4F31-96BB-83CBEF68FE47} - System32\Tasks\{2BAC07AE-924D-4560-B80C-C26AE563EB06} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {BA03D7B0-16A2-4C24-856B-19B1F52A7882} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-M4GQ0.tmp\corefixer.exe <==== ATEN��O
Task: {C35CA811-E2D8-4C02-8D0C-78A514028C9A} - System32\Tasks\{3C0B26DE-14B8-4F4E-AA4C-8A98F62C35E5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {D57B90A8-935E-4F07-82AC-9C3FAA8ABA17} - System32\Tasks\{10E0E336-AF63-4560-A01D-9750D13207E8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {E07DC94A-B776-4B28-9985-55D9E36DAA50} - System32\Tasks\{D53FD6A1-E5F1-4823-83C4-7D9F110AA4EB} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {EABD55E3-FAC0-46C1-A431-58D67BF6C415} - System32\Tasks\{7B460525-4530-48C2-8C6C-496B89F58B03} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
Task: {EE7C766A-372F-4447-91EE-4CBA64700AAB} - System32\Tasks\{FC574F5A-E95B-4EF0-B587-2B7E82806857} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/abandoninstall?page=tsProgressBar
Task: {FE9BA373-3690-40B5-A4E0-AE103A02505A} - System32\Tasks\{273F36C7-7A74-47E3-8611-FCF6D880BBAA} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/es/go/help.faq.installer?LastError=1618
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Erro: Ponto de Restauração somente pode ser criado em modo normal.
Processos fechados com sucesso.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removido (a) com sucesso.
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removido (a) com sucesso.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removido (a) com sucesso.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removido (a) com sucesso.
C:\ProgramData => ":YXVtLmh6aQ" ADS removido (a) com sucesso.
C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso.
"C:\Users\All Users" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\Users\Todos os Usu�rios" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\ProgramData\Application Data" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\ProgramData\Dados de Aplicativos" => ":YXVtLmh6aQ" ADS não encontrado (a).
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removido (a) com sucesso.
"C:\Users\Todos os Usu�rios\Application Data" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\Users\Todos os Usu�rios\Dados de Aplicativos" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\Users\Todos os Usu�rios\Reprise" => ":wupeogjxlctlfudivq`qsp`29hfm" ADS não encontrado (a).
HKLM\Software\Classes\PROTOCOLS\Handler\http => removido (a) com sucesso.
HKLM\Software\Classes\PROTOCOLS\Handler\http => não encontrado (a)
HKLM\Software\Classes\PROTOCOLS\Handler\https => removido (a) com sucesso.
HKLM\Software\Classes\PROTOCOLS\Handler\https => não encontrado (a)
HKLM\Software\Classes\PROTOCOLS\Handler\msdaipp => removido (a) com sucesso.
HKLM\Software\Classes\PROTOCOLS\Handler\msdaipp => não encontrado (a)
"HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => removido (a) com sucesso.
HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{006cacfc-f206-11e5-8276-f8a963611d9d} => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removido (a) com sucesso.
HKLM\SOFTWARE\Policies\Mozilla => removido (a) com sucesso.
HKLM\SOFTWARE\Policies\Google => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28DAB617-CD00-4AB9-85E2-F2C031366839}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28DAB617-CD00-4AB9-85E2-F2C031366839}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{C62F6514-B5BE-4F3D-8938-1E9593CAD58C} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C62F6514-B5BE-4F3D-8938-1E9593CAD58C}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{346D23FA-6D04-442A-9087-21300028C50E}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{346D23FA-6D04-442A-9087-21300028C50E}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{F7079146-D1CF-492F-AE67-7950044B285F} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F7079146-D1CF-492F-AE67-7950044B285F}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72A3B4E9-B662-4F31-96BB-83CBEF68FE47}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72A3B4E9-B662-4F31-96BB-83CBEF68FE47}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{2BAC07AE-924D-4560-B80C-C26AE563EB06} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2BAC07AE-924D-4560-B80C-C26AE563EB06}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BA03D7B0-16A2-4C24-856B-19B1F52A7882}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA03D7B0-16A2-4C24-856B-19B1F52A7882}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Rerun Warsaw's CoreFixer => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Rerun Warsaw's CoreFixer" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C35CA811-E2D8-4C02-8D0C-78A514028C9A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C35CA811-E2D8-4C02-8D0C-78A514028C9A}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{3C0B26DE-14B8-4F4E-AA4C-8A98F62C35E5} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3C0B26DE-14B8-4F4E-AA4C-8A98F62C35E5}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D57B90A8-935E-4F07-82AC-9C3FAA8ABA17}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D57B90A8-935E-4F07-82AC-9C3FAA8ABA17}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{10E0E336-AF63-4560-A01D-9750D13207E8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{10E0E336-AF63-4560-A01D-9750D13207E8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E07DC94A-B776-4B28-9985-55D9E36DAA50}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E07DC94A-B776-4B28-9985-55D9E36DAA50}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{D53FD6A1-E5F1-4823-83C4-7D9F110AA4EB} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D53FD6A1-E5F1-4823-83C4-7D9F110AA4EB}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EABD55E3-FAC0-46C1-A431-58D67BF6C415}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EABD55E3-FAC0-46C1-A431-58D67BF6C415}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{7B460525-4530-48C2-8C6C-496B89F58B03} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7B460525-4530-48C2-8C6C-496B89F58B03}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE7C766A-372F-4447-91EE-4CBA64700AAB}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE7C766A-372F-4447-91EE-4CBA64700AAB}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{FC574F5A-E95B-4EF0-B587-2B7E82806857} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FC574F5A-E95B-4EF0-B587-2B7E82806857}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE9BA373-3690-40B5-A4E0-AE103A02505A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE9BA373-3690-40B5-A4E0-AE103A02505A}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\{273F36C7-7A74-47E3-8611-FCF6D880BBAA} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{273F36C7-7A74-47E3-8611-FCF6D880BBAA}" => removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\npf => removido (a) com sucesso.
npf => serviço removido (a) com sucesso.
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removido (a) com sucesso.
"HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-4292848827-1158437421-1775176333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.


========= Fim de RemoveProxy: =========


========= netsh winsock reset =========


Catálogo Winsock redefinido com êxito.
Reinicie o computador para concluir a redefinição.


========= Fim de CMD: =========


========= ipconfig /renew =========


Configuração de IP do Windows

Nenhuma operação pode ser executada em Ethernet 2 enquanto a
mídia estiver desconectada.
Nenhuma operação pode ser executada em Conexão Local* 3 enquanto a
mídia estiver desconectada.
Nenhuma operação pode ser executada em Conexão Local* 2 enquanto a
mídia estiver desconectada.
Nenhuma operação pode ser executada em Wi-Fi enquanto a
mídia estiver desconectada.
Nenhuma operação pode ser executada em Ethernet enquanto a
mídia estiver desconectada.

========= Fim de CMD: =========


========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Fim de CMD: =========


========= netsh advfirewall reset =========

Ok.


========= Fim de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= Fim de CMD: =========


========= netsh int ipv4 reset =========

Redefinindo Global, OK!
Redefinindo Interface, OK!
Redefinindo Endereço Unicast, OK!
Redefinindo Vizinho, OK!
Redefinindo Caminho, OK!
Redefinindo Rota, OK!
Falha ao redefinir .
Acesso negado.

Redefinindo , OK!
Reinicie o computador para concluir esta ação.


========= Fim de CMD: =========


========= netsh int ipv6 reset =========

Redefinindo Interface, OK!
Redefinindo Vizinho, OK!
Redefinindo Caminho, OK!
Falha ao redefinir .
Acesso negado.

Redefinindo , OK!
Redefinindo , OK!
Reinicie o computador para concluir esta ação.


========= Fim de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19202011 B
Java, Flash, Steam htmlcache => 1099 B
Windows/system/drivers => 3430749 B
Edge => 0 B
Chrome => 815644 B
Firefox => 20720687 B
Opera => 380543777 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 11822 B
NetworkService => 918854 B
Jon Imaz => 76441699 B

RecycleBin => 0 B
EmptyTemp: => 486.8 MB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 21:01:21 ====

Hello.

All right, keep an eye on the computer for another 24-48 hours and then tell us how it is doing with regard to the problem you raised.

P.S. :warning: And for now, please, while we are disinfecting/repairing your machine:

Regards.

Hello. Well, this looks very good. The PC feels completely back to normal and even faster than before. As far as I am concerned, and pending what you say, the issue can be considered solved…

Perfect, @abendibar1 :+1: excellent, we are glad to see that the initial problem is now completely fixed. All that remains is to remove the tools we used.

To do that, download :arrow_forward: DelFix.exe to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator -).

  • Check all the boxes and click Run.

The report (DelFix.txt) will open; you can close it.


For any other problem, don't hesitate to post again; you know where we are. :+1:

Topic Solved.

Regards, Javier.