Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20.06.2018
Executado por User (15-07-2018 00:23:42)
Executando a partir de C:\Users\User\Downloads
Windows 10 Home Single Language Versão 1803 17134.137 (X64) (2018-07-08 09:38:44)
Modo da Inicialização: Safe Mode (with Networking)
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-3482450098-3671538303-3377208914-500 - Administrator - Disabled)
Convidado (S-1-5-21-3482450098-3671538303-3377208914-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3482450098-3671538303-3377208914-503 - Limited - Disabled)
User (S-1-5-21-3482450098-3671538303-3377208914-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3482450098-3671538303-3377208914-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov) 7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated) Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated) Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated) Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform) Epic Games Launcher (HKLM-x32\...\{F47DCC6C-FB71-4BF6-9B2A-68A5B4B35E92}) (Version: 1.1.147.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Epson Easy Photo Print 2 (HKLM-x32\...\{816185C8-7C13-4650-9AB4-FC2EC9651A77}) (Version: 2.8.0.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{541E6575-D4A4-448A-91F3-F5E9D6731A7F}) (Version: 3.10.0083 - Seiko Epson Corporation) EPSON L375 Series Printer Uninstall (HKLM\...\EPSON L375 Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) iTunes (HKLM\...\{63895904-5266-45D1-A3C5-F61A3BAFA224}) (Version: 12.8.0.150 - Apple Inc.) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) LonelyScreen 1.2 (HKLM-x32\...\LonelyScreen AirPlay Receiver_is1) (Version: 1.2 - IMTIGER Technologies Inc.) LonelyScreen 1.2.16 (HKLM-x32\...\LonelyScreen_is1) (Version: 1.2.16 - IMTIGER Technologies Inc.) 
Malwarebytes versão 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.10228.20104 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 
12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Mozilla Firefox 61.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 61.0.1 (x64 pt-BR)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla) Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.0.0 - Duodian Technology Co. Ltd.) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden Opera Stable 51.0.2830.55 (HKLM-x32\...\Opera 51.0.2830.55) (Version: 51.0.2830.55 - Opera Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project) R for Windows 3.4.4 (HKLM\...\R for Windows 3.4.4_is1) (Version: 3.4.4 - R Core Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) 
Spotify (HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.) Uplay (HKLM-x32\...\Uplay) (Version: 51.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll 
(Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A53DA100DCA5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.) 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-13] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {01471AC5-61B3-4521-B4E3-671D91667753} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation) Task: {0784D2C5-F854-4A59-8A67-5EADF6B0D17D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation) Task: {0BC3611D-6F4B-40D9-99D6-AAB52BC34909} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation) Task: {11060B45-D467-49A2-B11D-D405943AE237} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DELL-User => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) Task: {22B41B12-8129-4723-93B2-00AFF1988EA9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-12] (Microsoft Corporation) Task: {2BE28AD4-87E5-4687-9878-A8922018F7B8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-12] (Microsoft Corporation) Task: {42EF2573-81F5-4C82-9553-2A092B628E85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation) Task: {50FD9F97-B857-4E7D-9DE9-A76AF1FFD986} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - 
System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] () Task: {69CF70A4-1E7C-4088-81ED-EA7ACC0A7224} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate] Task: {6B4C2235-D8E6-4CAE-A417-4535AEEF7E03} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {83AF18AC-1C66-491B-8CEA-462E6A2BE4C6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-12] (Microsoft Corporation) Task: {A940E0DF-6A31-45BE-B5B7-C9354CEAB259} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-12] (Microsoft Corporation) Task: {AFD303C6-0B13-42D9-BC43-311915EE0969} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-23] (Google Inc.) Task: {C29DFBC3-67C3-4036-AE04-1B1DBB93C682} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-23] (Google Inc.) 
Task: {CBB299C0-292B-4271-9BA9-8756875400BA} - System32\Tasks\R@1n-KMS\Windows64CoreSingleLanguage => wmic [Argument = path SoftwareLicensingProduct where (ID="cd918a57-a41b-4c82-8dce-1a538e221a83") call Activate]
Task: {CD6E2BC4-9C83-468A-A2C6-3298FA22CF71} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {F0D6D961-AE0D-43DE-9BB9-712323F15329} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-12] (Microsoft Corporation)
Task: {F4C97E30-763E-4A3A-AC95-60E452AA5512} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Signal Private Messenger.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bikioccmkafdpakkkcpdbppfkghcmihk

==================== Módulos Carregados (Whitelisted) ==============

2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2017-09-29 10:46 - 2018-07-14 23:55 - 000004929 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 feedback.search.microsoft.com

Existem ainda 83 mais linhas.

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "LonelyScreen"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "qBittorrent"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "IDMan"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{A832D69E-C0EE-471A-8F38-38C138712C3E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [UDP Query User{F22613E6-968D-4BAF-96FA-B07D4FCB75CD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{C59601C4-6D86-441E-850A-F002B4B87378}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [{1681FBAC-0ACA-4AE1-B15E-759D6173206A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{097F1954-CC86-4F19-A982-6C282A5CA0CF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{7CEB47FA-1FCD-4CA9-B1CB-C9FB7ACA78F4}] => (Allow) LPort=8999 FirewallRules: [{D09506E3-CA90-4510-B94A-9E871324C843}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{1AC777DA-B47A-4F5E-A263-293B1C28CF66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{239D09DD-A8A5-4F0F-BF85-5B6BC61815AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F7E3FB3B-CD3A-424D-80CB-E0125DD46CD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{6B978D61-5D6D-4874-B3B1-0B1F0A783C6A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1F1F63CC-51E5-4D50-9A72-21238EB05F25}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3A1ADCBA-BC25-4C6C-A639-5DA887FBAA21}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe FirewallRules: [{2A9358EE-306D-4918-8BB8-9126CEB8AF5C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe FirewallRules: [{C9CC5FA5-48F1-477D-92C6-B650FBFF9A64}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe FirewallRules: [{0B000702-D79D-4900-88E1-28BC06968DCA}] => (Allow) C:\Program 
Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe FirewallRules: [UDP Query User{0FDA8BE0-2CB2-486E-B593-1F1139A38DD1}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [TCP Query User{4A1A9DA1-9B5D-4469-949A-11AF5104B159}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{A9660537-D2E9-4AA2-ADD4-C3A26CCC67BC}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{F1DCC342-EA65-49E1-9EE3-E388A65F3D56}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{D309ABA5-25FC-47D8-9DA7-7902BE0C177F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{7BB174A6-B028-4DB3-AD92-37E92CA5931B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{F6B6A899-AB50-4A48-B359-199F104EF6CE}] => (Allow) C:\Program Files\Opera\51.0.2830.55\opera.exe FirewallRules: [{A15CF90E-6FC2-40A3-A641-B91929065804}] => (Allow) C:\Users\User\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{12A8DEC4-B670-45BF-BE8E-49F3BA047292}] => (Allow) 
C:\Users\User\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{975AB07A-B980-4F2B-AE11-471599DC1C47}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{8C8A6F6E-C7DD-4A99-A06B-2905383F6665}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{C5EA1B38-0637-4BB8-9EE2-5638746BE805}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{1DF52AAD-16DA-424D-B55E-5D6AE323C7BB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [UDP Query User{3BDB1748-EDEF-42DB-9514-1A0B313B99EE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{C6B29D55-31B5-448E-8908-93A69E36EC67}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{25340243-AF02-4974-A450-2F5EB4419713}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{9CDD7ACF-6DF7-49EC-A10F-8F9862AD21E7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{6A0A850B-E53C-40B7-B893-71E18F91248D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{644ADBD6-1CC2-4220-A9D7-24CFDFA4DF3C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{113B604E-C188-4820-8C05-138A700A7712}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{65D64D1D-A9BA-4F18-907A-217D26FE7B46}] => (Allow) C:\Program Files\Opera\51.0.2830.40\opera.exe FirewallRules: [{FC0E0B47-8363-412B-85E5-5C81E4B8B9CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E4ACDFF8-503C-429E-A11D-B72C7C517749}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{8B22B53A-9B0B-4408-9F63-ADE6BF433C82}C:\program files 
(x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [TCP Query User{A413754B-6A99-49A8-B543-77D9AD66248E}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [{DD9AA43E-AC06-4660-96F8-7E2CD7C59A1E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{B5069D71-735C-4A88-8BD9-DF25D3B3E94E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{8B623AC6-96C0-4B49-9D57-83C1305C3AA9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{50466953-ED75-47E2-9519-0AF56C9EA583}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1247B014-8455-4BF4-81B9-2C2479276E8D}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{08BD4F8B-ECB1-4D2A-9C9D-4042A01FBE77}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{AF4C7249-5AFB-47FB-8DE4-BBBB666A6656}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{F34B2864-E12A-4BB4-8C72-B906EC2081F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{BF013EFA-0FEF-4B11-B40A-D1362BB68A92}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E3A69165-7683-44CD-9EE8-0F7ACEB852B3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A27865C-60CC-4589-8AEA-00A44FBA26AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{691713C6-E1DB-4E96-B4B7-A8F6ECCD2B14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B107C32F-6B22-4FCD-9110-1DB55D3C86AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B8D42DBE-CBE8-4A7D-9B5D-5A6914D6AAA5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B4436D83-F546-4F35-90A8-760612FA5565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{F4C22BEF-7011-4F87-9412-89354656AE4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{37C22159-85B5-4A2F-A051-22883FC04927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hacknet\Hacknet.exe
FirewallRules: [{5F1FBC54-2A72-44AC-B4F8-3304DAC6C34D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hacknet\Hacknet.exe
FirewallRules: [{A553416C-F3B5-49F2-887D-809A608D1F02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{98209B52-98CC-46ED-86ED-B7F4D16EE9C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe

==================== Pontos de Restauração =========================

09-07-2018 00:49:46 Windows Update
12-07-2018 22:00:51 Windows Update
15-07-2018 00:05:35 Removed Rapport

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Áudio Intel(R) para telas
Description: Áudio Intel(R) para telas
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcDAud
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/14/2018 02:50:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Desktop\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/14/2018 12:28:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Desktop\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/14/2018 12:26:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Users\User\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Descrição = JRT Pre-Junkware Removal; Erro = 0x8007043c).
Error: (07/14/2018 12:07:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Downloads\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/14/2018 10:56:36 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Downloads\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/13/2018 11:18:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-DELL.local already in use; will try DESKTOP-DELL-2.local instead

Error: (07/13/2018 11:18:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-DELL.local. Addr 172.20.10.4

Error: (07/13/2018 11:18:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.4:5353 16 DESKTOP-DELL.local. AAAA 2804:0018:080B:D8CC:8060:A9C0:17F5:203A

Erros de Sistema:
=============
Error: (07/15/2018 12:24:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:24:29 AM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço wuauserv com argumentos "Não Disponível" para executar o servidor: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (07/15/2018 12:24:29 AM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço wuauserv com argumentos "Não Disponível" para executar o servidor: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (07/15/2018 12:24:22 AM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço EventSystem com argumentos "Não Disponível" para executar o servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/15/2018 12:24:17 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:22:16 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:20:27 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:20:20 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Windows Defender:
===================================
Date: 2018-07-14 17:45:46.979
Description: O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {2084C13A-9992-4ECD-ACAD-B393D3B27ED2}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2018-07-14 15:41:44.820
Description: O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {C850A67C-F99E-4CFA-A2B1-ECF3359020C8}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2018-07-13 23:09:59.119
Description: O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados. Para obter mais informações, consulte: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Nome: HackTool:Win32/Patcher
ID: 2147659947
Severidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe->[lowcase_mzpe]
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Sistema
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: Unknown
Versão da Assinatura: AV: 1.271.935.0, AS: 1.271.935.0, NIS: 1.271.935.0
Versão do Mecanismo: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-13 23:07:53.053
Description: O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados. Para obter mais informações, consulte: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Nome: HackTool:Win32/Patcher
ID: 2147659947
Severidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe->[lowcase_mzpe]
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Sistema
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: Unknown
Versão da Assinatura: AV: 1.271.935.0, AS: 1.271.935.0, NIS: 1.271.935.0
Versão do Mecanismo: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-13 23:07:23.821
Description: O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados. Para obter mais informações, consulte: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Nome: HackTool:Win32/Patcher
ID: 2147659947
Severidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe->[lowcase_mzpe]
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Versão da Assinatura: AV: 1.271.935.0, AS: 1.271.935.0, NIS: 1.271.935.0
Versão do Mecanismo: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-15 00:24:29.525
Description: O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.271.1003.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15000.2
Código de erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança

Date: 2018-07-15 00:14:24.501
Description: O recurso de Proteção em Tempo Real do Windows Defender Antivirus encontrou um erro e falhou.
Recurso: Em Tempo de Acesso
Código do Erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança
Motivo: A proteção antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema.

Date: 2018-07-14 00:51:34.932
Description: O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.271.971.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15000.2
Código de erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança

Date: 2018-07-14 00:41:31.931
Description: O recurso de Proteção em Tempo Real do Windows Defender Antivirus encontrou um erro e falhou.
Recurso: Em Tempo de Acesso
Código do Erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança
Motivo: A proteção antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema.

Date: 2018-07-08 15:56:26.478
Description: O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.271.672.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15000.2
Código de erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança

CodeIntegrity:
===================================
Date: 2018-07-15 00:00:40.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.321
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.311
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-14 23:59:12.211
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-14 23:59:12.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

Processador: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentagem de memória em uso: 15%
RAM física total: 6060.95 MB
RAM física disponível: 5128.64 MB
Virtual Total: 7020.95 MB
Virtual disponível: 6261.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:168.04 GB) NTFS
Drive h: () (Fixed) (Total:465.76 GB) (Free:422.15 GB) NTFS

\\?\Volume{138efb62-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 668EB211)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 138EFB62)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================