Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: BORN Ontario child registry data breach affects 3.4 million people

Featured Deal: Get started in AI or make your own with this $19.97 course bundle

Latest Buyer's Guide: Best VPNs to unblock Stan outside Australia in 2023

Windows startup problems and treatments

Started by Kay07 , Sep 11 2023 09:28 AM

Please log in to reply

131 replies to this topic

#16 Kay07

Topic Starter

Members
61 posts
OFFLINE

Posted 13 September 2023 - 12:25 PM

Yes l uninstalled

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-09-2023

Ran by SISTEMA (13-09-2023 14:17:19) Run:7

Running from D:\

Boot Mode: Recovery

==============================================

fixlist content:

*****************

Folder: C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome

Folder: C:\WINDOWS\Setup

Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT)

D:\Setup_123_Passwords_Full\

C:\WINDOWS\System32\DRIVERS\Trufos.sys

C:\Users\Kaique-Vidal\Documents\vmowdidaclrkkhvwyj.txt

2023-09-09 22:15 - 2023-09-09 22:15 - 000000000 ____D C:\Users\Kaique-Vidal\Downloads\Kaspersky_Total_Security

2023-09-09 21:52 - 2023-09-09 21:53 - 063565774 _____ C:\Users\Kaique-Vidal\Downloads\Kaspersky_Total_Security.rar

2023-09-09 20:14 - 2023-09-12 11:49 - 000000000 ____D C:\Users\Kaique-Vidal\AppData\Roaming\Fortect

2023-09-09 20:14 - 2023-09-12 08:45 - 000000000 ____D C:\ProgramData\Fortect

2023-09-09 20:14 - 2023-09-11 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortect

2023-09-09 20:14 - 2023-09-11 14:41 - 000000000 ____D C:\Program Files\Fortect

2023-09-12 11:43 - 2023-01-16 00:36 - 000000000 ____D C:\Users\Kaique-Vidal\AppData\LocalLow\Temp

2023-09-12 10:51 - 2023-02-17 13:11 - 000000000 ____D C:\ProgramData\TEMP

2023-09-12 10:41 - 2023-01-02 11:09 - 000000000 ____D C:\Users\Kaique-Vidal\AppData\Roaming\IObit

2023-09-12 10:41 - 2023-01-02 11:09 - 000000000 ____D C:\ProgramData\IObit

2023-09-11 21:25 - 2023-01-24 14:27 - 000003446 _____ C:\WINDOWS\SysWOW64\pubfreeware.ini

C:\Users\KAIQUE~1\AppData\Local\Temp

ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => D:\Reflect\RContextMenu.dll -> No File

ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => D:\Reflect\RContextMenu.dll -> No File

S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.64\elevation_service.exe" [X]

S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2022-12-24 01:25:57&iid=8a884268-3e2c-421c-b62f-daa3be78a13f&bName=

SearchScopes: HKU\S-1-5-21-1323333070-3634341992-397913038-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230521123721.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230522121739.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230523121739.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230524121739.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230525131351.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230526122506.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230527121739.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230528121740.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230529121739.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230529131420.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "assistant_installer_20230530035434.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "CUsersKaique-VidalAppDataLocalProgramsOpera101.0.4843.43opera_autoupdate.download.lock"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "cv_debug.log"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "native_push_sensors"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "_TE16A.tmp"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "_TE38F2.tmp"

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\StartupApproved\StartupFolder: => "_TE50A4.tmp"

HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [2450336 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [2450336 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-1323333070-3634341992-397913038-1001\...\Policies\Explorer: [HideSCAMeetNow] 1

HKLM\...\Run: [Combo Cleaner] => "D:\ComboCleaner.exe" -minimized (No File)

HKLM\...\Run: [Fortect] => C:\Program Files\Fortect\bin\FortectTray.exe [462296 2023-08-17] (Fortect LTD -> Fortect Ltd.)

HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1

HKLM\Software\Policies\...\system: [PublishUserActivities] 0

HKLM\Software\Policies\...\system: [UploadUserActivities] 0

HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0

HKLM\Software\Policies\...\system: [EnableActivityFeed] 0

HKLM\Software\Policies\...\system: [EnableCdp] 0

HKLM\Software\Policies\...\system: [EnableMmx] 0

HKLM\Software\Policies\...\system: [RSoPLogging] 0

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\.opera [2023-09-12]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\00ba8470-0bb0-4a3c-ad6b-decf74ac56f4.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\02942418-11f8-41ca-b8d1-0bbfe475ee18.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\0479ca4c-f468-4a98-b7b3-37e7b388870e.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\07dbb5ba-480c-4da3-b1e5-50692d439c6a.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\0bde356e-9261-43b5-b14a-4fd880da33c5.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\0becd06a-ebbb-4a06-9e1e-1863e906ca34.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\0dace01b-4e31-4c4e-a5a0-4703f0980f7b.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\15174c12-75c8-472c-891b-091e6c9dbe71.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\15e6a057-d22b-4043-aca4-db200acf25c2.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\174524c4-35b8-4d3a-bb19-162cc0bf8db4.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\1b847e2c-d7d6-4782-a08a-45c29f467053.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\1b9b829c-913d-4d9c-906d-90c1ad05369f.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\1c3d756f-cf12-4406-8ad0-59eec536040a.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\1c81c251-4e60-46f7-ac98-c1bed9fcf242.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\1fdc9056-6fe4-4d58-9f19-35eba47c57ca.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\25ee928e-0657-4411-920e-06cc6662ea18.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\2707eb08-4b5e-441f-9438-32ba1d7be898.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\2858238d-2cbe-4633-81a1-6c79e57b4af7.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\2acd7a6e-9868-4a77-8e18-de2215183b73.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\2f0a77c1-ddb3-4ae1-8f2a-768ce9a0d394.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\3525bcad-a153-48c2-baea-9d1d567fb49c.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\35cdd6bb-88f7-4d97-a3fa-02131100a8ce.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\3c721c48-f979-4674-acff-cee1ee1d89d4.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\3cee1596-7a80-4f42-9150-a0cad46321f1.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\42cb3e1d-5ee3-4473-93e1-925745030850.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\446c018b-01eb-4002-9bc4-b16a879ae3c2.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\45823692-52ed-4e25-a93a-9f183445c0af.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\46de1b23-397e-4e1a-8075-a255a5acd2cc.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\4713bd67-5c3d-4ead-bf41-38565eecc64b.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\4f165e1b-0c02-4b62-89c1-dc00d139c2c8.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\5334d2dc-09b5-4d53-8aa9-519d9ddd85ed.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\5613ffd5-c51a-495a-9960-93e1f54a5ec3.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\59f92524-c124-4d84-b80d-0859db8605d1.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\5a657285-36cc-4f0c-a639-c2017daf8b0d.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\5d20146a-5686-4a68-8cab-376c8288a7bf.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\65964f8c-1718-450c-858a-7eaed76c0b4b.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\6b3fdc32-5277-4fb1-bc32-608a017be6e4.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\75ae0626-d333-4593-b1c5-526c45ccd17d.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\7c16da1f-2749-492b-9cc9-b18859ae5fc7.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\804cd446-527b-4436-8493-dc1dbff5950d.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\847ede16-d795-4bd1-ac95-2c147d93bed1.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\88cbf3ab-4410-4a9f-88a7-1bffaea9d83a.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\892d2dc9-957c-4386-a93a-6cae18514adc.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\8be321de-b6b7-4d2d-a62c-91d5b1ee7588.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\8bea1ad5-33e0-44d2-82a2-833db7c9b215.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\8c43e1ef-bffb-494a-bee6-8b1ca3450dc1.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\8d9ab006-ac84-45d9-ac6c-b37fa90ed1a5.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\8dc1ea81-7cd7-4f19-ab1f-a402889df513.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\961b48dd-4b49-416d-b527-de9e59a1477e.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\96a0760f-837f-42d2-9af0-b0768266ce29.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\9f142f2f-3b09-48d3-a26a-372d7a397b82.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\a1fcc367-025b-450b-aaa1-f20a2cebb3f4.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\a712a6d5-158b-4444-8bda-f8cee1a26b35.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\aae2d259-b57f-433c-ba02-adae7bc858ff.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\acrobat_sbx [2023-09-12]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\acrord32_super_sbx [2023-09-12]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\AdobeARM.log [2023-09-12] () [File not signed]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\ae9bf621-72d6-4253-bc5e-2022fc520914.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\AMDLinkDriverUpdate.xml [2023-09-12] () [File not signed]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\assistant_installer_20230912182905.log [2023-09-12] () [File not signed]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\b39b48c2-de7a-42b2-9e19-c9cf764fa93f.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\b513073c-dc67-4645-b76c-5e87214ce761.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db-shm [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db-wal [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db.ses [2023-09-12] () [File not signed]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\bd83c354-cd8b-4284-8b35-2d22acb152cc.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\cb0f8f49-b6d7-4237-99a6-be22a530c999.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\cb8b672e-0af1-49a3-b623-a56bf974be59.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\cbcf7044-377d-4f8a-bd98-47cba41bbe1c.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\cc300ade-c2d9-42a8-9f4a-67966e614af3.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\chrome_BITS_1856_436215170 [2023-09-12]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\CUsersKaique-VidalAppDataLocalProgramsOpera101.0.4843.43opera_autoupdate.download.lock [2023-09-12] () <==== ATTENTION [zero byte File/Folder]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\d10f4a6a-dc49-4793-8b7c-8c0e5d5fd14e.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\db3a1255-4dd9-4fd8-810b-9e456fb5ffb4.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\df859b5a-94a1-43e8-80d2-d121b0dd5a7b.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\dfd4c7eb-dadf-48af-aa6c-c3be93353886.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\e2094844-322b-4369-8a8e-54dac079c092.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\e5e4a5e9-55db-4393-ad83-1c36b0baa494.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\e6eb4cdb-f59f-4b49-9faf-88a32bbdb45a.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\e7d83b31-d309-46d7-b829-fd460efae0b9.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\ec9d76b9-6202-4abe-81aa-bf8557fe3b15.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\efcd53e8-4eb3-474a-bd17-a62f3fb2d6c4.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\f0249bd9-7ea3-409a-ab59-79a9509021b5.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\f2a5be5a-19b6-4a5c-9935-9f2471d88157.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\f7aa3e4f-dbed-480b-9b8f-2037bc014d2e.tmp [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\fa9885ea-8514-49fd-b51b-5ce809aafe1e.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\fe20ea2c-9c87-41c2-b48f-0dcf7117766e.tmp [2023-09-12] () [File not signed] [File is in use]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\InstallManagerApp [2023-09-12]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\mat-debug-9640.log [2023-09-12] () <==== ATTENTION [zero byte File/Folder]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\mat-debug-9816.log [2023-09-12] () <==== ATTENTION [zero byte? (Error=32)]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\SoftwareUpdate_Temp [2023-09-12]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\UpgradeTool [2023-09-12]

Startup: C:\Users\KAIQUE~1\AppData\Local\Temp\{B0A05933-3A49-4A10-BD39-FFF769AB742A} - OProcSessId.dat [2023-09-12] () <==== ATTENTION [zero byte File/Folder]

StartMenuInternet: (HKU\S-1-5-21-1323333070-3634341992-397913038-1001) Vivaldi.G2ZQPJ63ESHF3FEJIOOMKYJKFE - "C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\vivaldi.exe"

Task: {B11C9E1A-1D4D-46A9-BCBB-FE37FF074470} - System32\Tasks\CareCenter\EEventManager_Reg_HKLMWow6432Run => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (No File)

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]

CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]

C:\Users\Kaique-Vidal\AppData\Roaming\Opera Software\Opera Stable\Extensions\ompjkhnkeoicimmaehlcmgmpghobbjoj

emptytemp:

*****************

========================= Folder: C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome ========================

2023-09-09 12:42 - 2023-09-09 12:42 - 000002703 ____A [7129BD8C7790247700FE01B308AE0F14] () C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Apresentações.lnk

2023-09-09 12:42 - 2023-09-09 12:42 - 000002687 ____A [6857C9629D725E64734513ED72449767] () C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Gmail.lnk

2023-09-09 12:42 - 2023-09-09 12:42 - 000002701 ____A [8A7B536D04D16FD9FF686067C4E52A2B] () C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Google Drive.lnk

2023-09-09 12:42 - 2023-09-09 12:42 - 000002695 ____A [3FC241AD12B945366ABECB239BBCAE59] () C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Planilhas.lnk

2023-09-09 12:42 - 2023-09-09 12:42 - 000002689 ____A [D7023E96F631520FE8C5C10E1AB4A81A] () C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Textos.lnk

2023-09-09 12:42 - 2023-09-09 12:42 - 000002691 ____A [AAE209312239C8BD795EBB389413057A] () C:\Users\Kaique-Vidal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\YouTube.lnk

====== End of Folder: ======

========================= Folder: C:\WINDOWS\Setup ========================

2023-09-08 04:33 - 2023-09-08 04:33 - 000000000 ____D [00000000000000000000000000000000] C:\WINDOWS\Setup\LatentAcquisition

2023-09-08 04:33 - 2023-09-08 00:09 - 000144417 ____N [057D6A4090A111677166F55DABD69CB0] () C:\WINDOWS\Setup\LatentAcquisition\ActionList.xml

2023-09-08 04:57 - 2023-09-08 05:14 - 000000000 ____D [00000000000000000000000000000000] C:\WINDOWS\Setup\Scripts

2022-05-07 02:28 - 2022-05-07 02:28 - 000000000 ____D [00000000000000000000000000000000] C:\WINDOWS\Setup\State

2022-05-07 02:28 - 2023-09-08 05:14 - 000000042 ____A [06571B600B3C5D02CFFF5BA550A011FE] () C:\WINDOWS\Setup\State\State.ini

====== End of Folder: ======

Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) => Error: No automatic fix found for this entry.

"D:\Setup_123_Passwords_Full" => not found

C:\WINDOWS\System32\DRIVERS\Trufos.sys => moved successfully

C:\Users\Kaique-Vidal\Documents\vmowdidaclrkkhvwyj.txt => moved successfully

C:\Users\Kaique-Vidal\Downloads\Kaspersky_Total_Security => Could not move

C:\Users\Kaique-Vidal\Downloads\Kaspersky_Total_Security.rar => moved successfully

C:\Users\Kaique-Vidal\AppData\Roaming\Fortect => Could not move

C:\ProgramData\Fortect => Could not move

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortect => Could not move

C:\Program Files\Fortect => Could not move

C:\Users\Kaique-Vidal\AppData\LocalLow\Temp => Could not move

C:\ProgramData\TEMP => Could not move

C:\Users\Kaique-Vidal\AppData\Roaming\IObit => Could not move

C:\ProgramData\IObit => Could not move

C:\WINDOWS\SysWOW64\pubfreeware.ini => moved successfully

C:\Users\KAIQUE~1\AppData\Local\Temp => Could not move

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ReflectShellExt => removed successfully

HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ReflectShellExt => removed successfully

HKLM\System\ControlSet001\Services\BraveElevationService => removed successfully

BraveElevationService => service removed successfully

HKLM\System\ControlSet001\Services\Trufos => removed successfully

Trufos => service removed successfully

SearchScopes: HKU\S-1-5-21-1323333070-3634341992-397913038-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms} => Error: The entry should be fixed outside recovery mode.

"\assistant_installer_20230521123721.log" => not found