Start::
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1602253523-1079814496-1200024627-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Nenhum Arquivo)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (Nenhum Arquivo)
Task: {C9444312-B8E4-4949-B176-8770537CA9DF} - System32\Tasks\CorelUpdateHelperTask-DF8CB56F80FDA803EEC12FAD85F1AEE7 => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (Nenhum Arquivo)
Task: {EEA5536C-4342-44F2-A408-4AF534E2C350} - System32\Tasks\CorelUpdateHelperTask-F2251323A7EB7D50F4B6576B0063142D => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (Nenhum Arquivo)
CHR Notifications: Default -> hxxps://theshafou.com
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17456368 2022-08-07] (EnigmaSoft Limited -> EnigmaSoft Limited)
2022-08-07 12:13 - 2022-08-07 12:13 - 000001058 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2022-08-07 12:13 - 2022-08-07 12:13 - 000000000 ____D C:\sh5ldr
2022-08-07 12:13 - 2022-08-07 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2022-08-07 12:13 - 2022-08-07 12:13 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2022-08-07 12:13 - 2022-08-07 12:13 - 000000000 ____D C:\Program Files\EnigmaSoft
2022-08-07 12:11 - 2022-08-07 12:11 - 006705440 _____ (EnigmaSoft Limited) C:\Users\marce\Downloads\SpyHunter-5.12-122-18929-Installer.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
FirewallRules: [{1C0487D5-B7B8-4487-8B99-94D6D50CA1F2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe => Nenhum Arquivo
FirewallRules: [{46F52E89-4A55-4793-BDF6-CE87248D54F2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{B075EED4-4018-46EA-A7F2-D816053F5629}D:\Steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) D:\Steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{6775A410-E122-4EAE-B434-F76FF522BE3C}D:\Steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) D:\Steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{133A132D-EDA0-45CF-8C16-ACF70D202042}D:\epic games\alienisolation\ai.exe] => (Allow) D:\epic games\alienisolation\ai.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{952B3034-FD49-4284-A4BA-C4C85AE0D07A}D:\epic games\alienisolation\ai.exe] => (Allow) D:\epic games\alienisolation\ai.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{AD0FF9FD-2F0B-4030-9418-7BC0BB21093E}D:\Steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\Steam\steamapps\common\7 days to die\7daystodie.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{996001DF-F3B5-4F05-AB62-2C14B3D2C63C}D:\Steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\Steam\steamapps\common\7 days to die\7daystodie.exe => Nenhum Arquivo
FirewallRules: [{92A01DA9-62AF-4F09-BFF4-56FBD2B436FE}] => (Allow) D:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => Nenhum Arquivo
FirewallRules: [{DE7BF1DA-3FD8-4F44-ACAF-0DE0A817FF59}] => (Allow) D:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{9D319B2D-2226-43CC-9B00-A80A466E833C}D:\epic games\alienisolation\ai.exe] => (Allow) D:\epic games\alienisolation\ai.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{EE03B7D7-5B2B-409D-9DAF-9179FCE23A96}D:\epic games\alienisolation\ai.exe] => (Allow) D:\epic games\alienisolation\ai.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{4782ADFB-61B6-4FAF-98CC-4018453CA0E1}D:\Steam\steamapps\common\gears5\geargame\binaries\Steam\gears5.exe] => (Allow) D:\Steam\steamapps\common\gears5\geargame\binaries\Steam\gears5.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{5FCB2E1F-5A03-4159-943F-471B7AEA86A1}D:\Steam\steamapps\common\gears5\geargame\binaries\Steam\gears5.exe] => (Allow) D:\Steam\steamapps\common\gears5\geargame\binaries\Steam\gears5.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{8A05BAFC-7A94-47FA-998E-DCE11CDB0EF0}D:\Steam\steamapps\common\conqueror's blade frontier\game\x64\ship\client\cc\ccmini.exe] => (Allow) D:\Steam\steamapps\common\conqueror's blade frontier\game\x64\ship\client\cc\ccmini.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{8377CAD6-01A9-413B-A2F4-C0F0B8EC25A6}D:\Steam\steamapps\common\conqueror's blade frontier\game\x64\ship\client\cc\ccmini.exe] => (Allow) D:\Steam\steamapps\common\conqueror's blade frontier\game\x64\ship\client\cc\ccmini.exe => Nenhum Arquivo
FirewallRules: [{E745E387-5F9B-4C91-BCAF-306779B570FF}] => (Allow) D:\Steam\steamapps\common\Conqueror's Blade Frontier\game\x64\Ship\client\proven_ground_client.exe => Nenhum Arquivo
FirewallRules: [{75A5B346-3D3B-48FF-A237-94AE0989693D}] => (Allow) D:\Steam\steamapps\common\Conqueror's Blade Frontier\game\x64\Ship\client\proven_ground_client.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{08974B1D-6B40-48BD-B8E6-7C671214754E}D:\Steam\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) D:\Steam\steamapps\common\new world closed beta\bin64\newworld.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{36F48550-DCD1-4531-94DD-935A6A5FE517}D:\Steam\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) D:\Steam\steamapps\common\new world closed beta\bin64\newworld.exe => Nenhum Arquivo
FirewallRules: [{D2199192-BF37-4D49-8176-C1AC03813E93}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe => Nenhum Arquivo
FirewallRules: [{CC694FD4-364E-4443-8A8A-FD2739F21359}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe => Nenhum Arquivo
FirewallRules: [{B4BD6404-6EE1-4E63-BB72-1C53F2EC86E6}] => (Allow) C:\Users\marce\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{59D84B6D-45F1-4D89-801D-D6F081EA92B3}] => (Allow) C:\Users\marce\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{DC623F75-E421-4B5A-8BE1-8059A9377FB3}D:\Steam\steamapps\common\new world playtest\bin64\newworld.exe] => (Allow) D:\Steam\steamapps\common\new world playtest\bin64\newworld.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{8B4730A9-62E3-4526-A6D0-BE7D8C452AD7}D:\Steam\steamapps\common\new world playtest\bin64\newworld.exe] => (Allow) D:\Steam\steamapps\common\new world playtest\bin64\newworld.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{DD30BAF3-FEBD-4F51-AE74-54A500118A66}D:\epic games\thehuntercallofthewild\thehuntercotw_f.exe] => (Allow) D:\epic games\thehuntercallofthewild\thehuntercotw_f.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{027D45C5-DDAD-4C24-A9F4-D20A74AC3379}D:\epic games\thehuntercallofthewild\thehuntercotw_f.exe] => (Allow) D:\epic games\thehuntercallofthewild\thehuntercotw_f.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{08BBD437-F337-42CE-8340-ED9750828E01}D:\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) D:\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{7903820A-3F9F-4A48-824A-DDCFE91EDEA0}D:\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) D:\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{94E178FB-99E4-4982-B0DF-79E4048D0D82}D:\epic games\secondextinction\secondextinctioneos.exe] => (Allow) D:\epic games\secondextinction\secondextinctioneos.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{D720D4D2-5C56-439E-846A-7F5337FE51EB}D:\epic games\secondextinction\secondextinctioneos.exe] => (Allow) D:\epic games\secondextinction\secondextinctioneos.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{1F27CD9E-F583-4163-9CEE-BFF0C8297E94}D:\epic games\pathfinderkingmaker\kingmaker.exe] => (Allow) D:\epic games\pathfinderkingmaker\kingmaker.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{6112338B-4338-4891-A3F7-FBEC16303450}D:\epic games\pathfinderkingmaker\kingmaker.exe] => (Allow) D:\epic games\pathfinderkingmaker\kingmaker.exe => Nenhum Arquivo
FirewallRules: [{7DC33A41-CCCE-4B01-A4CB-E5AE838B98D7}] => (Allow) D:\Steam\steamapps\common\WTLOnline\WTL.exe => Nenhum Arquivo
FirewallRules: [{3B1BC366-FC48-49B6-8DE1-0CA622E7BDD1}] => (Allow) D:\Steam\steamapps\common\WTLOnline\WTL.exe => Nenhum Arquivo
FirewallRules: [{0AA0E6C9-530B-4650-940C-3AFDB590F0A3}] => (Allow) D:\Steam\steamapps\common\Osiris\OsirisNewDawn.exe => Nenhum Arquivo
FirewallRules: [{3C48E10E-4917-4807-B55A-C682B71FE727}] => (Allow) D:\Steam\steamapps\common\Osiris\OsirisNewDawn.exe => Nenhum Arquivo
FirewallRules: [{2B1D50E2-67D1-4648-A2E5-3E94615460B9}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe => Nenhum Arquivo
FirewallRules: [{ED7C0185-BDF2-43CA-B5CB-1A872D1FD7EB}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe => Nenhum Arquivo
FirewallRules: [{061E5032-9A3D-42C3-849E-4D4C5437289A}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe => Nenhum Arquivo
FirewallRules: [{FC55821D-E132-4AED-BD74-410018008F02}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe => Nenhum Arquivo
FirewallRules: [{7EB7CBAB-6B46-425B-B348-D3C14876DA31}] => (Allow) D:\Steam\steamapps\common\Police Simulator Patrol Officers\Boston.exe => Nenhum Arquivo
FirewallRules: [{F06FDFD1-9621-455D-AAC3-277BD59024F9}] => (Allow) D:\Steam\steamapps\common\Police Simulator Patrol Officers\Boston.exe => Nenhum Arquivo
FirewallRules: [{8A7F59C4-F568-4EA8-9C25-0EA3CBBA59D0}] => (Allow) D:\Steam\steamapps\common\New World\NewWorldLauncher.exe => Nenhum Arquivo
FirewallRules: [{82BEB054-ED29-483C-B5FA-6287F6FD6A4F}] => (Allow) D:\Steam\steamapps\common\New World\NewWorldLauncher.exe => Nenhum Arquivo
FirewallRules: [{9188E2AD-3AD4-4F43-B291-8061F9AA1882}] => (Allow) E:\ARK\Server1\ShooterGame\Binaries\Win64\ShooterGameServer.exe => Nenhum Arquivo
FirewallRules: [{8055DF07-264A-40F4-9775-48BB612A90CB}] => (Allow) E:\ARK\Server1\ShooterGame\Binaries\Win64\ShooterGameServer.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{CEC71AC7-CC28-47C3-B869-89608EDA367B}E:\ark\steamcmd\steamcmd\steamcmd.exe] => (Allow) E:\ark\steamcmd\steamcmd\steamcmd.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{AF7EB49E-7574-45E6-9947-CA6937FAB394}E:\ark\steamcmd\steamcmd\steamcmd.exe] => (Allow) E:\ark\steamcmd\steamcmd\steamcmd.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{06C87E3A-27A0-4B6A-8351-F970B78F6DAE}D:\xboxgames\halo- the master chief collection\content\mcc\binaries\win64\mccwinstore-win64-shipping.exe] => (Allow) D:\xboxgames\halo- the master chief collection\content\mcc\binaries\win64\mccwinstore-win64-shipping.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{4FE39548-798F-4368-B1A4-4BEC678516D0}D:\xboxgames\halo- the master chief collection\content\mcc\binaries\win64\mccwinstore-win64-shipping.exe] => (Allow) D:\xboxgames\halo- the master chief collection\content\mcc\binaries\win64\mccwinstore-win64-shipping.exe => Nenhum Arquivo
CMD: sfc /scannow
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winhttp reset proxy
CMD: Bitsadmin /Reset /Allusers
CMD: Winmgmt /salvagerepository
CMD: Winmgmt /resetrepository
CMD: winmgmt /resyncperf
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
C:\WINDOWS\SysWOW64\*.tmp
C:\WINDOWS\System32\*.tmp
C:\Windows\SystemTemp\*.tmp
EmptyEventlogs:
EmptyTemp:
End::