
Suspected malware infection



Good evening.
My Instagram started following profiles "on its own" and I suspect that some virus on my notebook has stolen the password.
Can someone help me run a check?

Edit: System Restore is failing with error 0x80070005, and I also cannot create a restore point.

ZA-Scan.txt


  • Security Analyst

@Gustavo Ceron Lombardi

 

Please note the following:

  • About the Forum: This is a private space, not a public one. Using it is a privilege, not a right;
  • What is given here relates only to the problem on your computer, so do not apply it on any other;
  • IMPORTANT: If you have Windows activation programs or p2p/torrent sharing programs, I suggest uninstalling them. I will only proceed with the analysis after their removal. Forum rules;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any measure other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!


Malware Removal Area Rules << IMPORTANT TO READ

Clube do Hardware Forum General Rules << IMPORTANT TO READ

Follow the steps below:

Temporarily disable your antivirus, antispyware and firewall, so as not to cause conflicts.

 

STEP 1

Download AdwCleaner from one of the links below and save it to the desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Windows Vista, 7, 8/8.1 and Windows 10 users: right-click the AdwCleaner.exe file, then click the option shown in the image (image.png)

Click VERIFICAR AGORA/SCAN NOW. When it finishes, click LIMPAR/CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents in your next reply.

 

STEP 2

Download ZHPCleaner from the link below and save it to your Desktop

https://www.majorgeeks.com/files/details/zhpcleaner.html

Run the ZHPCleaner.exe file as Administrator

  • Click the Scanner button.
  • The tool will begin examining your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated

ATTENTION: Select, copy and paste its contents in your next reply.


@Elias Pereira

AdwCleaner
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-23-2021
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  13
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       My Bing Search
Deleted       My Bing Search
Deleted       https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=
Deleted       https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=
Deleted       https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=
Deleted       https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2960 octets] - [23/07/2021 11:21:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

 

ZHPCleaner

~ ZHPCleaner v2021.7.23.313 by Nicolas Coolman (2021/07/23)
~ Run by Usuario (Administrator)  (23/07/2021 11:54:11)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Usuario\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 18363)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (11)
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++www.softonic.com.br\.metadata-v2    =>SUP.Optional.Softonic
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++ultraiso.br.uptodown.com\.metadata-v2    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++pxlgnpgecom-a.akamaihd.net\.metadata-v2    =>.SUP.AkamaiHD
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++pxlclnmdecom-a.akamaihd.net\.metadata-v2    =>.SUP.AkamaiHD
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++k-lite-mega-codec-pack.br.uptodown.com\.metadata-v2    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++daemon-tools.br.uptodown.com\.metadata-v2    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++camtasia-studio.br.uptodown.com\.metadata-v2    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++balabolka-portable.br.uptodown.com\.metadata-v2    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVED file: C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>Préférences Chromium
MOVED folder: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj  =>.SUP.Orphan


---\\  Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found.


---\\  Summary of the elements found (5)
https://nicolascoolman.eu/forum/Topic/softonic-logiciel-potentiellement-superflu-lps/ =>SUP.Optional.Softonic
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>PUP.Optional.UpToDown
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan


---\\  Other deletions. (4)
~ Registry Keys Tracing deleted (4)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Mozilla Firefox OK
~ Internet Explorer OK
~ Opera Stable OK


---\\ Statistics
~ Items scanned : 5512
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h00mn36s

---\\  Reports (4)
ZHPCleaner-[R]-21072021-18_30_51.txt
ZHPCleaner-[S]-21072021-18_19_19.txt
ZHPCleaner-[S]-23072021-11_51_52.txt
ZHPCleaner-[R]-23072021-11_54_47.txt


  • Security Analyst

@Gustavo Ceron Lombardi

 

Download RogueKiller by Tigzy and save it to your Desktop

roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Windows Vista, Windows 7, 8, 8.1 and Windows 10 users: right-click the rogueKiller.exe file, then click the option shown in the image (image.png)
  • Click SCAN
  • Click the first START, "Standard Scan (recommended)", and wait for the scan...
  • Click the RESULTS button
  • Click the REPORT option, then EXPORT, and select the Text file... option
  • Save the file to the desktop with the name roguekiller_report

Be sure to open the file, copy and paste all of its contents in your next reply


@Elias Pereira

 

RogueKiller Anti-Malware V15.0.8.0 (x64) [Jul 13 2021] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64-bit
Started in : Normal mode
User : Usuario [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210720_183440, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/07/23 16:06:07 (Duration : 00:09:21)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> O4 - Run
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Windows\CurrentVersion\Run|utweb -- "C:\Users\Usuario\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (missing) -> Found
>>>>>> XX - System Policies
  [PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Firefox Config
  [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App\prefs.js) -- My Bing Search -> Found
  [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App\prefs.js) -- My Bing Search -> Found
  [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\prefs.js) -- My Bing Search -> Found
  [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\prefs.js) -- My Bing Search -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


@Elias Pereira

RogueKiller Anti-Malware V15.0.8.0 (x64) [Jul 13 2021] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64-bit
Started in : Normal mode
User : Usuario [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210720_183440, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2021/07/23 19:30:31 (Duration : 00:09:21)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] HKEY_USERS\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Windows\CurrentVersion\Run|utweb -- [%_Usuario_appdata%\uTorrent Web\utweb.exe] -> Deleted
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin --  -> Replaced (2)
[PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename -- My Bing Search -> Deleted
[PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine -- My Bing Search -> Deleted
[PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename -- My Bing Search -> Deleted
[PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine -- My Bing Search -> Deleted


  • Security Analyst

@Gustavo Ceron Lombardi

 

  1. Click the Start menu, then right-click This PC and select Properties.
  2. In Properties, select Advanced system settings.
  3. Go to the System Protection tab and, under System Restore, choose Create.
    NOTE: Make sure the restore point is created correctly
  4. Then just follow the on-screen instructions to create your restore point.
    NOTE: Remember to give it an easy-to-understand name for a later restore from this point.

Press the Windows + R keys and type: msconfig
- Click the Services tab, check Hide all Microsoft services and then click Disable all
- Click the Startup tab and click Open Task Manager
- Right-click each startup entry and click Disable.

Go back to the System Configuration window and click Apply and then OK

Follow the prompts until you are asked to restart.

Let me know whether everything is OK or whether any problem occurred.


  • Security Analyst

@Gustavo Ceron Lombardi

 

As far as malware is concerned, we have no more problems.

KEEP THE OS UP TO DATE:
Keep Windows updates set to "automatic". New security holes are discovered frequently. Much malware exploits these holes, infecting systems without depending on any user action. Microsoft fixes these holes through updates. That is why it is essential to keep your system up to date.

If you no longer have any malware-related problem, click Report Post at the top of the page and say that your topic is RESOLVED. If you have any question related to computing and technology, feel free to post in any area of CdH.


  • Security Analyst

@Gustavo Ceron Lombardi

 

Download Farbar Recovery Scan from the link below and save it to your desktop.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
Right-click the FRST64.EXE file, then click http://i.imgur.com/VRIfczU.png .

Accept the agreement and then click the Scan/Examinar button. Wait, and at the end the FRST.txt and Addition.txt logs will be saved on your desktop.

Open each file separately, copy its contents and paste them in your next reply.


@Elias Pereira

FRST
 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 19-07-2021 01
Executado por Usuario (administrador) em DESKTOP-I5G2Q4N (Dell Inc. Inspiron 7520) (26-07-2021 12:46:27)
Executando a partir de C:\Users\Usuario\Desktop
Perfis Carregados: Usuario
Platform: Windows 10 Pro Versão 1909 18363.1556 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359518.inf_amd64_ddc5c961c2795261\B359297\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359518.inf_amd64_ddc5c961c2795261\B359297\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture_DELL.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.3.107.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\mesmo\McSmtFwk.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_4\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) C:\Program Files\Diebold\Warsaw\core.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Scarlet.Crush Productions) [Arquivo não assinado] C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348200 2015-07-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Arquivo não assinado]
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [409760 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [msnmsgr] => "C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1045056 2021-05-21] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [2268136 2019-12-06] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [Opera Browser Assistant] => C:\Users\Usuario\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-07-21] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\MountPoints2: {8990ba3c-4929-11eb-9811-e006e6cf8ea8} - "E:\LaunchU3.exe" -a
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2019-11-13] (pdfforge GmbH) [Arquivo não assinado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {06600067-3001-40FE-8D94-1802B9BAFAAA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0938693D-6B30-4F53-AB6F-C686A95D847B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {223B46EB-0666-45BC-A983-7011C33BD9C6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {28568FCD-C388-40E2-B4C1-0B37E311FF0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {2BC10DF2-E766-4413-9894-A9916031CCA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC)
Task: {49570756-6ADF-4420-BBF2-F567FBFA9F24} - System32\Tasks\Opera scheduled assistant Autoupdate 1576838203 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Usuario\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5510920A-52BD-4CDA-A4C1-E06C28EB40FC} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {5C34AA8A-A092-4453-8EE2-FCBA57A8094B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {621A1456-B4DA-44DB-819F-53A6620CA05F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6C20AB84-A680-4722-A488-0D86577A60C0} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {813C8F90-E997-4B55-B4EC-E76941238FD0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado]
Task: {92D2D785-395B-4285-8D72-D360E4B530F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado]
Task: {951F8D96-B977-4BC8-8048-6AB7BA661B44} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Arquivo não assinado]
Task: {95716E15-AC07-46B8-A048-F40A58515FA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {98F7D800-CC7A-4A22-8195-F4F0861034D2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4114728 2021-04-29] (McAfee, LLC -> McAfee, LLC)
Task: {9F2BD1AE-9A81-45F6-8741-96428752BF9A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C45D70A8-BE3F-4A33-B445-053521B704BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4CD0060-4B29-432B-9D70-95499E155027} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {D87C985A-93D1-47B8-AFA3-BE8CA3967501} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {EAC87C8F-CA18-4A27-99A6-FD162A4A6964} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC)
Task: {F2E4423E-8169-468A-953A-C9AF5D239F85} - System32\Tasks\Opera scheduled Autoupdate 1573773820 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software)
Task: {F807E8AE-D6CE-46DD-855D-4F931C5C749F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{040a3816-807d-4343-a4da-d10f7485137c}: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{6536d128-8fca-4d42-adc4-1b88cca0c3a2}: [DhcpNameServer] 192.168.15.1

Edge:
=======
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge Profile: C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-23]

FireFox:
========
FF DefaultProfile: vgzm1g9q.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App [2021-07-26]
FF Homepage: Mozilla\Firefox\Profiles\mvwwq55k.App -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\mvwwq55k.App -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=
FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App\searchplugins\My Bing Search.xml [2021-07-22]
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\vgzm1g9q.default [2021-07-26]
FF Homepage: Mozilla\Firefox\Profiles\vgzm1g9q.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\vgzm1g9q.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release [2021-07-26]
FF NewTab: Mozilla\Firefox\Profiles\z5b2d0y9.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=
FF Notifications: Mozilla\Firefox\Profiles\z5b2d0y9.default-release -> hxxps://minhaclaroresidencial.claro.com.br; hxxps://www.palmeiras.com.br; hxxps://medal.tv; hxxps://www.faceit.com; hxxps://villacountry.com.br
FF Extension: (BetterTTV) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\[email protected] [2021-07-20]
FF Extension: (Direct Message DM for Instagram) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\[email protected] [2020-12-03]
FF Extension: (Bilômetro) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\{09d09f49-3615-4cf3-ad57-a6cc924f29e8}.xpi [2021-07-13]
FF Extension: (GamersClub Booster) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\{68a6744b-6d1e-4c85-83ad-637c9dc135b5}.xpi [2021-06-26]
FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\searchplugins\My Bing Search.xml [2021-07-22]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => não encontrado (a)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-06-30] [] [não assinado]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-06-04] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-06-04] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2021-07-26]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2021-07-23]
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?fr=mcafee&type=E211BR105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/gossip/gossip-br-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Apresentações) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-13]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-13]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-26]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-13]
CHR Extension: (Facebook Pixel Helper) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2021-07-22]
CHR Extension: (Planilhas) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-22]
CHR Extension: (Documentos Google off-line) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-10]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-26]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-06]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable [2021-07-25]
OPR Notifications: Opera Stable -> hxxps://www.; hxxps://www.reddit.com; hxxps://www.youtube.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482696 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421536 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80544 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422432 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3981856 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-06-21] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-05-27] (Dell Inc -> )
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [454720 2021-05-21] (Digital Wave Ltd -> Digital Wave Ltd)
R2 Ds3Service; C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [Arquivo não assinado]
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24914888 2021-07-25] (FACE IT LIMITED -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-05] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [974168 2021-06-24] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_4\McApExe.exe [797576 2021-06-04] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.3.107.0\\McCSPServiceHost.exe [2825792 2021-05-12] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669200 2021-05-28] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288320 2021-04-21] (McAfee, LLC -> McAfee, LLC)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1716632 2021-05-11] (Rockstar Games, Inc. -> Rockstar Games)
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2269056 2021-03-02] (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6517736 2021-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-01] (Dell Inc -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1141648 2020-08-10] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4316784 2015-06-16] (WDKTestCert qcaswbld,130129545209614653 -> Qualcomm Atheros Communications, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80400 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2021-07-26] (CPUID S.A.R.L.U. -> CPUID)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [27896 2021-05-17] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> )
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [42256 2020-01-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [59344 2020-01-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EMAC-Driver; C:\Windows\System32\drivers\EMAC-Driver-x64.sys [3453464 2021-07-24] (Gamers Club (Gamers Club Ltda) -> )
S3 EMACDRV; C:\Windows\System32\drivers\EMAC-Driver-x64.sys [3453464 2021-07-24] (Gamers Club (Gamers Club Ltda) -> )
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [12112880 2021-07-25] (FACE IT LIMITED -> )
U5 GCSYS; C:\Users\Usuario\AppData\Local\Programs\gcac-launcher\resources\bin\EMAC-Driver-x64.sys [3453464 2021-07-24] (Gamers Club (Gamers Club Ltda) -> )
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [89112 2021-01-18] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [550944 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [390664 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85952 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [527368 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1037320 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [590032 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [120512 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [121352 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [257552 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [47800 2021-07-26] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [61456 2020-08-11] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44728 2019-04-15] (Gas Informatica Ltda -> GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43528 2020-07-23] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
S3 amdkmdap; \SystemRoot\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmpag.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-07-26 12:46 - 2021-07-26 12:47 - 000035818 _____ C:\Users\Usuario\Desktop\FRST.txt
2021-07-26 12:46 - 2021-07-26 12:46 - 000000000 ____D C:\FRST
2021-07-26 11:49 - 2021-07-26 11:49 - 010311711 _____ C:\Users\Usuario\Downloads\Office 2020 by ApkGames.rar
2021-07-26 11:11 - 2021-07-26 11:12 - 002300416 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2021-07-26 11:06 - 2021-07-26 11:06 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2021-07-25 19:35 - 2021-07-25 19:35 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2802420505-662629979-4225180187-1002
2021-07-25 19:35 - 2021-07-25 19:35 - 000002436 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-25 18:01 - 2021-07-25 18:01 - 012112880 _____ C:\Windows\system32\Drivers\FACEIT.sys
2021-07-24 15:59 - 2021-07-24 15:59 - 000000000 _____ C:\Windows\system32\Drivers\dump_storahci.sys
2021-07-24 15:59 - 2021-07-24 15:59 - 000000000 _____ C:\Windows\system32\Drivers\dump_dumpfve.sys
2021-07-24 15:59 - 2021-07-24 15:59 - 000000000 _____ C:\Windows\system32\Drivers\dump_diskdump.sys
2021-07-23 19:35 - 2021-07-23 20:06 - 000000000 ____D C:\ESD
2021-07-23 19:33 - 2021-07-23 19:33 - 000000000 ___HD C:\$Windows.~WS
2021-07-23 16:36 - 2021-07-23 16:36 - 000000000 ____D C:\Pasta compartilhada
2021-07-23 11:21 - 2021-07-23 11:22 - 000000000 ____D C:\AdwCleaner
2021-07-22 20:31 - 2021-07-22 20:31 - 000026498 _____ C:\ZA-Scan.txt
2021-07-22 20:20 - 2021-07-22 20:20 - 000000000 ____D C:\zoek_backup
2021-07-22 19:20 - 2021-07-22 19:20 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2021-07-22 19:10 - 2021-07-22 19:20 - 000000000 ____D C:\ProgramData\HitmanPro
2021-07-22 19:10 - 2021-07-22 19:10 - 000040960 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2021-07-22 18:58 - 2021-07-22 18:58 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-07-22 11:28 - 2021-07-22 11:28 - 000001879 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2021-07-22 11:28 - 2021-07-22 11:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\UTW008
2021-07-22 10:47 - 2021-07-22 10:57 - 000066881 _____ C:\Users\Usuario\Desktop\Ed.Comercial BH.dwg
2021-07-21 20:02 - 2021-07-22 00:13 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator
2021-07-21 20:02 - 2021-07-21 20:02 - 000002112 _____ C:\Users\Public\Desktop\HDD Regenerator.lnk
2021-07-21 20:02 - 2021-07-21 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2021-07-21 20:01 - 2021-07-21 20:01 - 000914679 _____ C:\Users\Usuario\Downloads\Crack.rar
2021-07-21 20:00 - 2021-07-21 20:00 - 008222163 _____ C:\Users\Usuario\Downloads\HDD Regenerator.rar
2021-07-21 19:27 - 2021-07-21 19:27 - 000000118 ___RH C:\Users\Usuario\Downloads\Stinger.opt
2021-07-21 19:24 - 2021-07-21 19:24 - 000000000 ____D C:\Quarantine
2021-07-21 19:21 - 2021-07-21 19:27 - 000000000 ____D C:\Program Files\stinger
2021-07-21 18:38 - 2021-07-21 18:44 - 000000000 ____D C:\ProgramData\Ultra Adware Killer
2021-07-21 18:38 - 2021-07-21 18:38 - 001241848 ____H (Carifred) C:\Users\Usuario\Desktop\UltraAdwareKiller64.exe
2021-07-21 17:37 - 2021-07-21 17:37 - 000004484 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1576838203
2021-07-21 17:13 - 2021-07-21 17:22 - 000000000 ___HD C:\$SysReset
2021-07-21 11:10 - 2021-07-21 11:10 - 001564823 _____ C:\ProgramData\7593
2021-07-21 11:10 - 2021-07-21 11:10 - 000324410 _____ C:\ProgramData\64070.64070
2021-07-21 11:10 - 2021-07-21 11:10 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\wG3cB0qZ3rM5x
2021-07-21 11:10 - 2021-07-21 11:10 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\discord_files
2021-07-21 11:10 - 2021-07-21 11:10 - 000000000 ____D C:\ProgramData\74
2021-07-21 11:09 - 2021-07-21 11:09 - 000000821 _____ C:\Users\Usuario\AppData\LocalLow\machineinfo.txt
2021-07-21 11:08 - 2021-07-21 17:46 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\closestep
2021-07-21 11:08 - 2021-07-21 11:09 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\nW6mI-7yS1k
2021-07-21 11:08 - 2021-07-21 11:08 - 001564823 _____ C:\ProgramData\6274
2021-07-21 11:08 - 2021-07-21 11:08 - 001564823 _____ C:\ProgramData\6070
2021-07-21 11:08 - 2021-07-21 11:08 - 000325129 _____ C:\ProgramData\110856.110856
2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Adzuvt
2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\yJ7yX3xU-6u
2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Yandex
2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\ProgramData\FBTAIOVZP25IC3ZBHCJGMO8MR
2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\ProgramData\79
2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\ProgramData\77
2021-07-21 10:23 - 2021-07-21 19:53 - 000000000 ____D C:\ProgramData\TEMP
2021-07-20 16:19 - 2021-07-20 16:19 - 000007193 _____ C:\Users\Usuario\Desktop\818165.pdf
2021-07-20 10:55 - 2021-07-20 14:58 - 000089389 _____ C:\Users\Usuario\Desktop\2.dxe
2021-07-20 10:25 - 2021-07-20 10:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-07-19 16:52 - 2021-07-19 16:52 - 038736547 _____ C:\Users\Usuario\Downloads\catalogo_comercial_dispan.pdf
2021-07-19 10:37 - 2021-07-19 10:37 - 004726824 _____ (Crystal Dew World ) C:\Users\Usuario\Downloads\crystaldiskinfo-8-12-4.exe
2021-07-15 17:26 - 2021-07-15 17:26 - 000092643 _____ C:\Users\Usuario\Desktop\85603968 - orçamento cliente 4 15.07.2021.PDF
2021-07-15 16:50 - 2021-07-15 16:50 - 000071886 _____ C:\Users\Usuario\Desktop\Gustavo Ceron.pdf
2021-07-13 17:39 - 2021-07-13 17:39 - 162153414 _____ C:\Users\Usuario\Downloads\catalago-wetzel-2019.pdf
2021-07-13 13:51 - 2021-07-13 13:51 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-11 16:59 - 2021-07-11 17:10 - 000000000 ____D C:\Users\Usuario\AppData\Local\FACEIT
2021-07-11 16:59 - 2021-07-11 16:59 - 000002185 _____ C:\Users\Usuario\Desktop\FACEIT.lnk
2021-07-11 16:58 - 2021-07-25 18:02 - 000000000 ____D C:\Program Files\FACEIT AC
2021-07-11 16:58 - 2021-07-11 16:58 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2021-07-09 08:07 - 2021-07-09 08:07 - 000004232 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1573773820
2021-07-09 08:07 - 2021-07-09 08:07 - 000001411 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2021-07-08 18:21 - 2021-07-08 18:21 - 000127532 _____ C:\Users\Usuario\Desktop\CREA G6.pdf
2021-07-08 17:25 - 2021-07-08 17:25 - 000959077 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R04.dwg
2021-07-08 17:12 - 2021-07-08 17:13 - 000973189 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R04.bak
2021-07-07 17:21 - 2021-07-07 17:21 - 001269039 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R05.dwg
2021-07-05 17:49 - 2021-07-05 20:10 - 001024344 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R05.bak
2021-07-03 18:19 - 2021-07-25 19:37 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\FACEIT
2021-07-03 18:19 - 2021-07-11 16:59 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2021-06-30 11:15 - 2021-06-30 11:15 - 000003300 _____ C:\Windows\system32\Tasks\McAfeeLogon
2021-06-30 11:13 - 2021-05-19 10:48 - 000550944 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfeaack.sys
2021-06-30 11:13 - 2021-05-19 10:48 - 000121352 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfeplk.sys
2021-06-30 11:13 - 2021-05-11 09:40 - 000609304 _____ (McAfee, LLC) C:\Windows\system32\mfevtps.exe
2021-06-27 17:46 - 2021-06-27 17:46 - 000000000 ____D C:\Users\Usuario\Documents\Zen Studios

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-07-26 12:46 - 2019-11-14 20:15 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2021-07-26 12:18 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-26 11:47 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-26 11:37 - 2019-11-24 08:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WhatsApp
2021-07-26 11:11 - 2019-06-29 01:01 - 001742324 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-26 11:11 - 2019-03-19 09:46 - 000752820 _____ C:\Windows\system32\prfh0416.dat
2021-07-26 11:11 - 2019-03-19 09:46 - 000148836 _____ C:\Windows\system32\prfc0416.dat
2021-07-26 11:11 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2021-07-26 11:09 - 2020-12-16 07:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-07-26 11:07 - 2020-12-16 13:26 - 000000000 __RSD C:\Users\Usuario\Documents\McAfee Vaults
2021-07-26 11:07 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-26 11:06 - 2019-11-14 21:09 - 000047800 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2021-07-26 11:06 - 2019-11-14 20:27 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
2021-07-26 11:06 - 2019-11-13 15:25 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
2021-07-26 11:06 - 2019-11-13 15:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-07-26 11:06 - 2019-06-29 00:54 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-25 19:43 - 2019-11-13 16:29 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-07-25 19:43 - 2019-03-19 01:37 - 000786432 _____ C:\Windows\system32\config\BBI
2021-07-25 19:42 - 2019-11-14 21:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-07-25 19:37 - 2019-12-14 15:28 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Discord
2021-07-25 19:35 - 2019-11-13 15:06 - 000000000 ___RD C:\Users\Usuario\OneDrive
2021-07-25 19:21 - 2019-12-14 15:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\Discord
2021-07-25 17:59 - 2020-06-13 17:21 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\gcac-launcher
2021-07-25 14:05 - 2019-06-29 00:53 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-25 10:07 - 2019-11-14 20:25 - 000000000 ____D C:\ProgramData\McAfee
2021-07-24 15:59 - 2021-03-21 15:14 - 003453464 _____ C:\Windows\system32\Drivers\EMAC-Driver-x64.sys
2021-07-24 15:59 - 2020-10-10 16:36 - 000001561 _____ C:\Users\Usuario\Desktop\Gamers Club Anti-Cheat.lnk
2021-07-23 20:34 - 2020-06-18 09:22 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-23 20:06 - 2019-06-29 00:53 - 000000000 ____D C:\Windows\Panther
2021-07-23 18:30 - 2021-04-20 12:02 - 000167989 _____ C:\Windows\diagwrn.xml
2021-07-23 18:30 - 2021-04-20 12:02 - 000167643 _____ C:\Windows\diagerr.xml
2021-07-23 15:45 - 2019-11-13 14:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
2021-07-23 11:54 - 2019-12-18 22:01 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ZHP
2021-07-23 10:24 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-22 20:21 - 2019-11-15 17:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2021-07-22 19:57 - 2019-11-14 08:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache
2021-07-22 18:58 - 2019-11-13 15:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-22 18:54 - 2019-11-15 12:38 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Telegram Desktop
2021-07-22 11:37 - 2019-11-14 21:27 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\HD Tune Pro
2021-07-22 11:28 - 2019-12-06 21:29 - 000000000 ____D C:\Users\Usuario\AppData\Local\BitTorrentHelper
2021-07-22 10:02 - 2021-04-23 17:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\WhatsApp
2021-07-22 10:02 - 2021-04-09 17:48 - 000015458 _____ C:\Users\Usuario\Desktop\Conta Corrente.xlsx
2021-07-21 20:02 - 2019-11-29 11:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Downloaded Installations
2021-07-21 19:39 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-07-21 19:30 - 2020-12-01 13:13 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\IGDump
2021-07-21 19:21 - 2019-11-14 20:26 - 000000000 ____D C:\Program Files\McAfee
2021-07-21 17:46 - 2021-03-24 17:33 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\zOONnDYbqMmrswTL
2021-07-21 17:46 - 2021-03-24 17:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\XsIFHGJDtKPLGWOf
2021-07-21 17:31 - 2019-11-14 08:16 - 000000000 ____D C:\ProgramData\FLEXnet
2021-07-21 17:31 - 2019-11-13 15:21 - 000000000 ____D C:\Program Files\AMD
2021-07-21 17:28 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-21 17:27 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\registration
2021-07-21 17:22 - 2019-11-14 22:01 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\DVDVideoSoft
2021-07-21 11:23 - 2019-11-13 14:01 - 000000000 ____D C:\Users\Usuario
2021-07-21 10:48 - 2019-03-19 01:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-07-20 23:02 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2021-07-20 20:19 - 2019-11-13 15:08 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-20 10:25 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-20 10:24 - 2019-06-29 01:29 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-20 10:22 - 2019-12-07 12:58 - 000000000 ___HD C:\$Windows.~BT
2021-07-19 06:30 - 2019-11-13 15:15 - 000000000 ____D C:\Windows\system32\MRT
2021-07-19 06:27 - 2019-11-13 15:15 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-07-16 19:40 - 2021-03-24 17:52 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-07-16 19:33 - 2021-03-24 17:44 - 000000000 ____D C:\Users\Usuario\Documents\Wondershare Filmora 9
2021-07-16 11:13 - 2019-11-13 15:08 - 000003588 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 11:13 - 2019-11-13 15:08 - 000003464 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-13 09:23 - 2019-11-24 08:30 - 000000000 ____D C:\Users\Usuario\AppData\Local\SquirrelTemp
2021-07-11 16:59 - 2019-11-13 16:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\cache
2021-07-09 14:10 - 2020-01-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-07-09 14:09 - 2019-11-16 20:47 - 000000000 ____D C:\ProgramData\PCDr
2021-07-09 10:29 - 2020-02-07 10:57 - 000000132 _____ C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-07-07 15:46 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2021-07-06 11:00 - 2021-05-19 12:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-07-01 10:10 - 2019-11-14 20:26 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-06-30 11:16 - 2019-11-14 20:25 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-06-30 09:06 - 2020-06-18 09:22 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 09:06 - 2020-06-18 09:22 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-29 17:19 - 2020-01-13 10:01 - 000000000 ____D C:\Program Files (x86)\Origin
2021-06-29 12:57 - 2019-11-13 16:31 - 000000000 ____D C:\Users\Usuario\AppData\Local\PlaceholderTileLogoFolder
2021-06-27 15:20 - 2020-01-13 10:00 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Origin
2021-06-27 15:20 - 2020-01-13 10:00 - 000000000 ____D C:\ProgramData\Origin
2021-06-27 15:17 - 2020-01-13 10:02 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-06-27 15:17 - 2020-01-13 10:00 - 000000000 ____D C:\Users\Usuario\AppData\Local\Origin

==================== Arquivos na raiz de alguns diretórios ========

2020-02-07 10:57 - 2021-07-09 10:29 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-12-24 17:37 - 2021-05-09 12:29 - 000007597 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg

==================== FCheck ================================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

FCheck: C:\Windows\system32\Drivers\dump_diskdump.sys [2021-07-24] <==== ATENÇÃO (zero byte Arquivo/Pasta)
FCheck: C:\Windows\system32\Drivers\dump_dumpfve.sys [2021-07-24] <==== ATENÇÃO (zero byte Arquivo/Pasta)
FCheck: C:\Windows\system32\Drivers\dump_storahci.sys [2021-07-24] <==== ATENÇÃO (zero byte Arquivo/Pasta)

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Addition
 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 19-07-2021 01
Executado por Usuario (26-07-2021 12:47:55)
Executando a partir de C:\Users\Usuario\Desktop
Windows 10 Pro Versão 1909 18363.1556 (X64) (2019-11-13 16:58:22)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================


(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-2802420505-662629979-4225180187-500 - Administrator - Disabled)
Convidado (S-1-5-21-2802420505-662629979-4225180187-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-2802420505-662629979-4225180187-503 - Limited - Disabled)
Usuario (S-1-5-21-2802420505-662629979-4225180187-1002 - Administrator - Enabled) => C:\Users\Usuario
WDAGUtilityAccount (S-1-5-21-2802420505-662629979-4225180187-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 21.005.20058 - Adobe Systems Incorporated)
AdoptOpenJDK JRE with Hotspot 8.0.232.09 (x64) (HKLM\...\{D7307955-374A-4D68-9B25-29B8BB49B83B}) (Version: 8.0.232.09 - AdoptOpenJDK)
AdoptOpenJDK JRE with Hotspot 8.0.232.09 (x86) (HKLM-x32\...\{6D3C434E-3E4B-44C7-B4FB-4DA3AE852836}) (Version: 8.0.232.09 - AdoptOpenJDK)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.9.2 - Advanced Micro Devices, Inc.)
Aplicativo Itaú (HKLM-x32\...\{4B6778AC-BABE-44D4-BDF3-1BA382F7D580}) (Version: 1.0.162 - Banco Itaú)
Aplicativos da Autodesk em destaque 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AutoCAD 2019 - English (HKLM\...\{28B89EEF-2001-0409-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 - English (HKLM\...\AutoCAD 2019 - English) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.14.1.3 - Autodesk, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0.49 - Banco Bradesco S.A.)
CORSAIR iCUE Software (HKLM-x32\...\{3D350B22-542B-4FB4-B3AC-EA760941C319}) (Version: 3.38.61 - Corsair)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
CPUID HWMonitor 1.42 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.42 - CPUID, Inc.)
CrystalDiskInfo 8.3.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.3.2 - Crystal Dew World)
Dell SupportAssist (HKLM\...\{270DE507-0182-4444-AAC8-FDD6689A92B0}) (Version: 3.10.0.47 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Touchpad (HKLM\...\Elantech) (Version: 15.3.0.14 - ELAN Microelectronic Corp.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Discord (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
FACEIT (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\FACEIT) (Version: 1.31.1 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Editor (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.1.35.831 - Digital Wave Ltd)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.3.49.521 - Digital Wave Ltd)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.3.24.729 - Digital Wave Ltd)
Gamers Club AC Launcher 3.2.20 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\79ac4417-2a6e-5545-a41f-fb03b7abc70c) (Version: 3.2.20 - EMAC LAB LTDA)
Gamers Club Anti-Cheat 3.1.22 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\5336d6e5-cfd5-580d-976b-0c07db708c28) (Version: 3.1.22 - Gamers Club Engeneering)
Google Chrome (HKLM\...\{104B4CED-D037-33A4-B0A4-3995A7B733B9}) (Version: 91.0.4472.164 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HP DeskJet 2600 series Ajuda (HKLM-x32\...\{CF6446D7-ED6A-4738-80AE-0102E9494218}) (Version: 44.0.0 - HP)
HP DeskJet 2600 series Software básico do dispositivo (HKLM\...\{762C001A-5C6E-487F-B160-E2A73464D07D}) (Version: 43.3.2478.18107 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{0E317A5C-E816-42A3-ABF5-E3EF44DACD06}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{E378164C-7A57-4B60-A86C-D5DA4FD0AC19}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{01841008-D75C-447A-90A7-BA96287E6384}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{72D64F2C-8290-446B-A657-80EA5BEF253D}) (Version: 36.0.100.66344 - HP)
HP OneDrive Plugin (HKLM-x32\...\{379920B1-9CA6-4CCA-9A0D-721F6C4C576A}) (Version: 36.0.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{D5CB6398-A20C-4A1E-BF09-31EDE8771388}) (Version: 43.0.0.0 - HP)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
K-Lite Mega Codec Pack 15.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.6.0 - KLCP)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R34 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.55 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProjectPro2019Volume - pt-br) (Version: 16.0.10376.20033 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Volume - pt-br) (Version: 16.0.10376.20033 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{D06A5649-3BDB-4F2C-9C38-AB25CD5102E2}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2019 - pt-br (HKLM\...\VisioPro2019Volume - pt-br) (Version: 16.0.10376.20033 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{070C55FA-FB9D-46DD-B30B-4B520A83A66A}) (Version: 1.20.146.0 - Microsoft)
Monitor da tecnologia Intel® Turbo Boost 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 90.0.2 (x64 pt-BR)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Opera Stable 77.0.4054.203 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Opera 77.0.4054.203) (Version: 77.0.4054.203 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH)
PyCharm Community Edition 2020.1.1 (HKLM-x32\...\PyCharm Community Edition 2020.1.1) (Version: 201.7223.92 - JetBrains s.r.o.)
Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
Tekla BIMsight (HKLM\...\{4EDD824B-F4F9-4BA3-857F-3A712553736D}) (Version: 1.10 - Trimble Solutions Corporation)
Tekla Model Sharing Foundation, Clash Check 2.7 (HKLM-x32\...\{8DFA9AE5-A5BD-4976-952F-75E95E72D6BD}) (Version: 2.7.0 - Tekla Corporation)
Tekla Model Sharing Foundation, SketchUp Plugin 1.39 (HKLM-x32\...\{815A3CBE-A089-4D46-AA20-F6A446A7D6EA}) (Version: 1.39 - Tekla Corporation)
Tekla Model Sharing Foundation, WebViewerXml plugin 1.9 (HKLM-x32\...\{4614B232-B595-4CF2-A4A6-DC6D29D11051}) (Version: 1.9.0 - Tekla Corporation)
Telegram Desktop version 2.8.11 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.8.11 - Telegram FZ-LLC)
Trimble Connect (HKLM\...\{CDD37B47-18D6-4742-836B-1C3487A86F85}) (Version: 1.8.2.169 - Trimble Solutions Corporation)
Trimble Solutions ImportSDK, BSQ Import Plugin 1.6 (x86 build) (HKLM-x32\...\{8C3EA90B-CFEC-41F8-8053-084A78084EAC}) (Version: 1.6 - Trimble Solutions Corporation)
Trimble Solutions ImportSDK, DGN plugin 1.39 (x64 build) (HKLM\...\{1256F9EB-56A4-4A2A-A766-836ED45DFE59}) (Version: 1.39 - Trimble Solutions Corporation)
Trimble Solutions ImportSDK, DWG plugin 1.42 (x64 build) (HKLM\...\{8CAC805E-2A2C-4CC1-A2B1-AA98F82026B2}) (Version: 1.42 - Trimble Solutions Corporation)
Trimble Solutions ImportSDK, IFC plugin 5.34 (x64 build) (HKLM\...\{2C97BFCF-D053-4B14-8A4F-9DB3A6C487AD}) (Version: 5.34 - Trimble Solutions Corporation)
Trimble Solutions ImportSDK, LandXML plugin 1.20 (x86 build) (HKLM-x32\...\{B5C13BC8-0942-4809-9C51-971B204639CB}) (Version: 1.20 - Trimble Solutions Corporation)
Trimble Solutions ImportSDK, STEP/IGES plugin 3.15 (x64 build) (HKLM\...\{CC0283C2-0E4F-4EE1-AF60-BB57022BA43F}) (Version: 3.15 - Trimble Solutions Corporation)
Warsaw 2.18.0.65 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.18.0.65 - Diebold Nixdorf)
WebAdvisor da McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.605 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\WhatsApp) (Version: 2.2126.14 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.2.0_x64__htrsf667h5kn2 [2021-07-21] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-21] (HP Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.14.0_x86__8xx8rvfyw5nnt [2021-07-21] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0 [2021-07-21] (Spotify AB) [Startup Task]

==================== Exame Personalizado CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-01-30] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-30] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Arquivo não assinado]

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2021-03-05 18:44 - 2021-03-05 18:44 - 000209408 _____ () [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2021-03-05 18:44 - 2021-03-05 18:44 - 000101376 _____ () [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000017920 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 003567616 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-11-16 21:09 - 2014-05-13 21:06 - 000440320 ____N (Atheros) [Arquivo não assinado] C:\Windows\system32\athihvs.dll
2019-11-13 16:33 - 2012-08-01 13:05 - 000030208 _____ (Conexant Systems, Inc.) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\Conexant\SA3\SmartAudio.Creative.dll
2019-11-13 15:13 - 2019-11-13 15:13 - 000116736 _____ (pdfforge GmbH) [Arquivo não assinado] C:\Windows\System32\pdfcmon.dll
2020-11-20 14:10 - 2020-11-20 14:10 - 001638912 _____ (Robert Simpson, et al.) [Arquivo não assinado] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2020-12-16 09:26 - 2020-12-16 09:26 - 000090112 _____ (Silicon Laboratories, Inc.) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2021-06-29 17:19 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-06-29 17:19 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Origin\ssleay32.dll
2021-03-05 18:43 - 2021-03-05 18:43 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2021-03-05 18:43 - 2021-03-05 18:43 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2021-06-29 17:19 - 2020-01-13 10:01 - 001611264 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-06-29 17:19 - 2020-01-13 10:01 - 005487104 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-06-29 17:19 - 2020-01-13 10:01 - 005841920 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-06-29 17:19 - 2020-01-13 10:01 - 001179136 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-06-29 17:19 - 2020-01-13 10:01 - 000146432 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-06-29 17:19 - 2020-01-13 10:01 - 005089792 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-06-29 17:19 - 2020-01-13 10:01 - 000184832 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000031744 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000039424 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000031744 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000413696 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000025088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000025088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000023552 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000519168 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 001431040 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 001180672 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000135680 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-09-23 04:09 - 2020-09-23 04:09 - 006010880 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 006345216 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 001078272 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000313856 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 004000256 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 003802624 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000171008 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 001083904 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000205312 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000329728 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000113152 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000376320 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 092323328 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 005560832 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000463360 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000188416 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 002888704 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000053760 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000059392 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000017408 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000287232 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000329216 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000136192 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000089088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000312320 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-19 17:48 - 2020-08-19 17:48 - 000017920 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-09-23 04:09 - 2020-09-23 04:09 - 000085504 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [210]
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [154]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Associação (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\localhost -> localhost

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\AdoptOpenJDK\jre-8.0.232.09-hotspot\bin;C:\Program Files (x86)\AdoptOpenJDK\jre-8.0.232.09-hotspot\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\Desktop\86ab66de9449a62a4357ff4a9affec5b.jpg
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

Network Binding:
=============
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled)
Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AdAppMgrSvc => 2
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "HDD Regenerator"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "msnmsgr"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{87C8E9B0-A6D4-4C6D-A1B9-1D3D36F4D51F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F229E847-715E-4560-B25F-B2D507DE4757}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1278CF74-DC35-455D-A7F3-BE4B4737D63B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C28D4BF-F26E-4155-91C0-8A2B347BC04B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{55337E7B-6794-4C90-9590-195E5E4F758A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CAFFC508-2CB7-4D04-A963-301953BE524F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B1255BA1-FFA9-4C65-A51B-819A66ABCE4D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A39DDC0C-191B-4B53-B70E-6FE430261488}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{504B20B6-4EE5-491D-8AA1-6C0CF829CAD5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{BF7CF1BD-9F7E-48DE-A216-1BDD1AE2EDBA}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{A9367D84-17A6-49BC-8440-F68F15A1AD79}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
FirewallRules: [{08CA8859-CC75-42CD-AD80-D2FFA5B95D3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0C4534B6-4705-4409-B236-4BE9679495C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{701C8848-079A-47FA-BD40-A1E1D4813ED7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{00A7D9E2-7A65-44CB-A493-91B548E9C816}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A92CA12-FE65-4522-BF9F-531204AC099B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77D48831-FE18-4BE6-AC0E-DEF9448F2AE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{20E0233E-0B71-48BA-9C0D-1215042CDC76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ED625EFF-504A-4C94-8F91-61992F1021BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EEB35AD4-2F51-40E2-BE24-A66A431BD419}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{445C2999-4013-418F-A44F-3006D15F8C97}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{84557DAA-B6DB-40B6-8C53-E492F53CF4B1}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{884409E2-D1E4-4F16-91D6-7BF773056682}] => (Allow) LPort=5357
FirewallRules: [{80175F56-68F8-4140-BD09-8D1BF2A595B0}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{F64BA36D-492B-42D0-8B30-7068786E7DAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cursed Treasure 2\Cursed TD2.exe () [Arquivo não assinado]
FirewallRules: [{AF9F0AD1-1B9E-45C0-80CA-98B7A11980B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cursed Treasure 2\Cursed TD2.exe () [Arquivo não assinado]
FirewallRules: [{C28C568E-A32D-4D01-A2EA-EE469B047F35}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5A979F15-9BE4-440E-9EC0-B22BD19CBC7A}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{62385334-53E0-45B7-BF5B-8B4CAA9F773A}] => (Allow) C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe (MS) [Arquivo não assinado]
FirewallRules: [{050BF33A-FBC3-4980-93D3-B2D81F14E1A9}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{8D666B48-6D10-4811-817C-3E3B1E922FA5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{091A3DA4-CF18-4030-8C32-19330487AE7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CF7E6461-5568-47E5-A135-BCA583D7BB9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A6C25E46-2D2A-49D6-A4DE-B50285714BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\factorio.exe => Nenhum Arquivo
FirewallRules: [{F63128BE-BFF3-4AD9-8324-AE9D70D7B20E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\factorio.exe => Nenhum Arquivo
FirewallRules: [{02D56520-C941-480F-8F6B-ECFD84331C7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GIBZ\GIBZ.exe (Torrunt.net) [Arquivo não assinado]
FirewallRules: [{7AFF0BCE-0C17-44B7-A9F1-D2C17083BE62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GIBZ\GIBZ.exe (Torrunt.net) [Arquivo não assinado]
FirewallRules: [{45941221-F556-41AA-ACE9-EBA3955FB3C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon II\bitDungeonII.exe () [Arquivo não assinado]
FirewallRules: [{3AABD1D7-43E8-4ECA-8E1D-E1AD9902E15B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon II\bitDungeonII.exe () [Arquivo não assinado]
FirewallRules: [{0D194D60-6C62-4E6C-981D-B50EBCCA3BFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Arquivo não assinado]
FirewallRules: [{A44AE0B4-971F-42BC-9532-9B79C6F13449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Arquivo não assinado]
FirewallRules: [{C1964F93-D141-466F-95D3-46AEB8C1BF7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon III\bd3.exe () [Arquivo não assinado]
FirewallRules: [{1BFE7459-B3C4-4E82-864A-BDB271245575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon III\bd3.exe () [Arquivo não assinado]
FirewallRules: [{CAC10449-BC92-4477-886B-78C983430862}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D17B4D37-AA75-4284-9D6A-5C75C06B3122}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{38A7EE7F-86CD-4961-A12A-6F94BE73F790}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Screen Grabber Pro\AceThinker Screen Grabber Pro.exe => Nenhum Arquivo
FirewallRules: [{90FDC3B9-8EE9-4116-821D-65B68267917A}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Screen Grabber Pro\AceThinker Screen Grabber Pro.exe => Nenhum Arquivo
FirewallRules: [{91FD5B87-A7EF-4A34-A8CD-CDD27837E964}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pinball FX3\Pinball FX3.exe () [Arquivo não assinado]
FirewallRules: [{D278DBA0-CC2F-4B99-9CB5-D101CC3E1E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pinball FX3\Pinball FX3.exe () [Arquivo não assinado]
FirewallRules: [{2A205712-0AA6-43B0-AD90-01C411F4815B}] => (Allow) C:\Users\Usuario\AppData\Local\Programs\Opera\77.0.4054.172\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{685F7C8D-A6C7-4B7D-B7BE-67EC06858849}] => (Allow) C:\Users\Usuario\AppData\Local\Programs\Opera\77.0.4054.203\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{F10DB2D6-C3C9-41EA-B268-118C9D48A615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A8936B80-1859-473B-A880-3870642CBE24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C0E3F50B-1B37-45B8-85EE-CF705D273B8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6F49838-1C2C-4E91-805C-AD3439F7C52E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7A13BF75-C21A-47DE-B9AD-D125A0E5C309}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5FE1A46A-1992-4860-9A76-21FB63BBBF74}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{283D536B-3319-4687-A537-DADFED44B55F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3F1C2A3-B312-4E4B-961A-1343F01E7EDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DC3E7AB-E4D8-4593-8261-56EFC8822179}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C9D44B48-8ECE-479A-AE3B-DDE759E64EE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43D2E12D-BC7C-4A7B-89A4-28433D12F329}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93648D01-9FF2-4B51-AA0F-E7C4FB44304E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FCEC5C81-9715-491B-B9C0-2A75F9C80EB9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F8B0BCFE-0094-42C0-BB03-D83FEF88D7D6}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller.exe => Nenhum Arquivo
FirewallRules: [{67DE65AA-082C-4B95-8079-AD35A1B898C3}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller.exe => Nenhum Arquivo
FirewallRules: [{9DD83B58-A5CC-4E62-B61D-8D844360EC2F}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{299A3166-5244-4F1E-A215-527DC77DFBA9}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred)

==================== Pontos de Restauração =========================

21-07-2021 19:46:35 Removed HDD Regenerator.
21-07-2021 19:50:37 Installed HDD Regenerator.
21-07-2021 19:53:55 Removed HDD Regenerator.
21-07-2021 20:02:41 Installed HDD Regenerator.
23-07-2021 11:53:29 ZHPcleaner
24-07-2021 20:57:34 2407

==================== Dispositivos Apresentando Falhas No Gerenciador ============


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (07/25/2021 11:00:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: AUDIODG.EXE, versão: 10.0.18362.1533, carimbo de data/hora: 0x66e9554c
Nome do módulo com falha: CX64AP71.dll, versão: 4.80.70.0, carimbo de data/hora: 0x501ae8c8
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000106baa
ID do processo com falha: 0x226c
Hora de início do aplicativo com falha: 0x01d7815a10b3e02d
Caminho do aplicativo com falha: C:\Windows\system32\AUDIODG.EXE
Caminho do módulo com falha: C:\Windows\system32\CX64AP71.dll
ID do Relatório: 8be922c6-4c05-4df1-81f9-433175feba0e
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Error: (07/24/2021 09:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: AUDIODG.EXE, versão: 10.0.18362.1533, carimbo de data/hora: 0x66e9554c
Nome do módulo com falha: CX64AP71.dll, versão: 4.80.70.0, carimbo de data/hora: 0x501ae8c8
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000106baa
ID do processo com falha: 0x2ca0
Hora de início do aplicativo com falha: 0x01d780eaf2696c11
Caminho do aplicativo com falha: C:\Windows\system32\AUDIODG.EXE
Caminho do módulo com falha: C:\Windows\system32\CX64AP71.dll
ID do Relatório: a85189e7-7e47-46b6-96f5-503420072e67
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (07/24/2021 09:18:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: MMSSHOST.EXE, versão: 1.8.121.0, carimbo de data/hora: 0x60940a2d
Nome do módulo com falha: MMSSHOST.EXE, versão: 1.8.121.0, carimbo de data/hora: 0x60940a2d
Código de exceção: 0xc0000409
Deslocamento da falha: 0x000000000002ba75
ID do processo com falha: 0x14e8
Hora de início do aplicativo com falha: 0x01d780e8143a3184
Caminho do aplicativo com falha: C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE
Caminho do módulo com falha: C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE
ID do Relatório: 1eee067a-ea92-469e-bcc7-cb4c70f976ef
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (07/24/2021 12:56:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: AUDIODG.EXE, versão: 10.0.18362.1533, carimbo de data/hora: 0x66e9554c
Nome do módulo com falha: CX64AP71.dll, versão: 4.80.70.0, carimbo de data/hora: 0x501ae8c8
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000106baa
ID do processo com falha: 0x2d88
Hora de início do aplicativo com falha: 0x01d780a40213b879
Caminho do aplicativo com falha: C:\Windows\system32\AUDIODG.EXE
Caminho do módulo com falha: C:\Windows\system32\CX64AP71.dll
ID do Relatório: d105758d-8dfe-4ce2-8093-a6b2184d87d1
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:


Erros de Sistema:
=============
Error: (07/26/2021 12:47:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço wuauserv terminou com o erro:
O sistema não pode encontrar o arquivo especificado.

Error: (07/26/2021 12:47:48 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/26/2021 12:45:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço wuauserv terminou com o erro:
O sistema não pode encontrar o arquivo especificado.

Error: (07/26/2021 12:45:48 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/26/2021 12:43:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço wuauserv terminou com o erro:
O sistema não pode encontrar o arquivo especificado.

Error: (07/26/2021 12:43:47 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/26/2021 12:41:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço wuauserv terminou com o erro:
O sistema não pode encontrar o arquivo especificado.

Error: (07/26/2021 12:41:47 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário.


==================== Informações da Memória ===========================

BIOS: Dell Inc. A14 05/17/2018
placa-mãe: Dell Inc. 0DNMM8
Processador: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentagem de memória em uso: 49%
RAM física total: 8067.35 MB
RAM física disponível: 4038.99 MB
Virtual Total: 12931.35 MB
Virtual disponível: 7148.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.19 GB) (Free:158.33 GB) NTFS

\\?\Volume{c82ad428-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.57 GB) (Free:0.16 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C82AD428)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 21AD8077)

Partition: GPT.

==================== Fim de Addition.txt =======================


  • Security Analyst

@Gustavo Ceron Lombardi

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all the text in the CODE box below:

CreateRestorePoint:
CloseProcesses:
File: C:\Program Files (x86)\scpbrad\scpbradguard.exe,C:\Program Files (x86)\scpbrad\scpbradserv.exe,C:\Windows\system32\pdfcmon.dll,C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe,C:\Windows\system32\svchost.exe,C:\Windows\SysWOW64\svchost.exe
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\MountPoints2: {8990ba3c-4929-11eb-9811-e006e6cf8ea8} - "E:\LaunchU3.exe" -a
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
Task: {0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {06600067-3001-40FE-8D94-1802B9BAFAAA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0938693D-6B30-4F53-AB6F-C686A95D847B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {223B46EB-0666-45BC-A983-7011C33BD9C6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {28568FCD-C388-40E2-B4C1-0B37E311FF0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {2BC10DF2-E766-4413-9894-A9916031CCA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC)
Task: {49570756-6ADF-4420-BBF2-F567FBFA9F24} - System32\Tasks\Opera scheduled assistant Autoupdate 1576838203 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Usuario\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5510920A-52BD-4CDA-A4C1-E06C28EB40FC} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {5C34AA8A-A092-4453-8EE2-FCBA57A8094B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {621A1456-B4DA-44DB-819F-53A6620CA05F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6C20AB84-A680-4722-A488-0D86577A60C0} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {813C8F90-E997-4B55-B4EC-E76941238FD0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado]
Task: {92D2D785-395B-4285-8D72-D360E4B530F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado]
Task: {951F8D96-B977-4BC8-8048-6AB7BA661B44} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Arquivo não assinado]
Task: {95716E15-AC07-46B8-A048-F40A58515FA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {98F7D800-CC7A-4A22-8195-F4F0861034D2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4114728 2021-04-29] (McAfee, LLC -> McAfee, LLC)
Task: {9F2BD1AE-9A81-45F6-8741-96428752BF9A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C45D70A8-BE3F-4A33-B445-053521B704BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4CD0060-4B29-432B-9D70-95499E155027} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {D87C985A-93D1-47B8-AFA3-BE8CA3967501} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {EAC87C8F-CA18-4A27-99A6-FD162A4A6964} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC)
Task: {F2E4423E-8169-468A-953A-C9AF5D239F85} - System32\Tasks\Opera scheduled Autoupdate 1573773820 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software)
Task: {F807E8AE-D6CE-46DD-855D-4F931C5C749F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Save this file to your desktop with the name fixlist

NOTE: It is extremely important that the "fixlist" file be saved on your Desktop. Also check that FRST.exe is on the Desktop.

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users: Right-click the FRST.EXE file, then click http://i.imgur.com/VRIfczU.png

Click the button image.png

Wait; at the end, the Fixlog.txt log will be saved on your desktop.

Open the Fixlog.txt file, then copy and paste its contents into your next reply.


@Elias Pereira

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 19-07-2021 01
Executado por Usuario (26-07-2021 16:32:35) Run:1
Executando a partir de C:\Users\Usuario\Desktop
Perfis Carregados: Usuario
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
File: C:\Program Files (x86)\scpbrad\scpbradguard.exe,C:\Program Files (x86)\scpbrad\scpbradserv.exe,C:\Windows\system32\pdfcmon.dll,C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe,C:\Windows\system32\svchost.exe,C:\Windows\SysWOW64\svchost.exe
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\MountPoints2: {8990ba3c-4929-11eb-9811-e006e6cf8ea8} - "E:\LaunchU3.exe" -a
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
Task: {0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {06600067-3001-40FE-8D94-1802B9BAFAAA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0938693D-6B30-4F53-AB6F-C686A95D847B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {223B46EB-0666-45BC-A983-7011C33BD9C6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {28568FCD-C388-40E2-B4C1-0B37E311FF0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {2BC10DF2-E766-4413-9894-A9916031CCA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC)
Task: {49570756-6ADF-4420-BBF2-F567FBFA9F24} - System32\Tasks\Opera scheduled assistant Autoupdate 1576838203 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Usuario\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5510920A-52BD-4CDA-A4C1-E06C28EB40FC} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {5C34AA8A-A092-4453-8EE2-FCBA57A8094B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {621A1456-B4DA-44DB-819F-53A6620CA05F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6C20AB84-A680-4722-A488-0D86577A60C0} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {813C8F90-E997-4B55-B4EC-E76941238FD0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado]
Task: {92D2D785-395B-4285-8D72-D360E4B530F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado]
Task: {951F8D96-B977-4BC8-8048-6AB7BA661B44} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Arquivo não assinado]
Task: {95716E15-AC07-46B8-A048-F40A58515FA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {98F7D800-CC7A-4A22-8195-F4F0861034D2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4114728 2021-04-29] (McAfee, LLC -> McAfee, LLC)
Task: {9F2BD1AE-9A81-45F6-8741-96428752BF9A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C45D70A8-BE3F-4A33-B445-053521B704BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4CD0060-4B29-432B-9D70-95499E155027} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {D87C985A-93D1-47B8-AFA3-BE8CA3967501} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {EAC87C8F-CA18-4A27-99A6-FD162A4A6964} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC)
Task: {F2E4423E-8169-468A-953A-C9AF5D239F85} - System32\Tasks\Opera scheduled Autoupdate 1573773820 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software)
Task: {F807E8AE-D6CE-46DD-855D-4F931C5C749F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.

========================= File: C:\Program Files (x86)\scpbrad\scpbradguard.exe,C:\Program Files (x86)\scpbrad\scpbradserv.exe,C:\Windows\system32\pdfcmon.dll,C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe,C:\Windows\system32\svchost.exe,C:\Windows\SysWOW64\svchost.exe ========================

"C:\Program Files (x86)\scpbrad\scpbradguard.exe,C:\Program Files (x86)\scpbrad\scpbradserv.exe,C:\Windows\system32\pdfcmon.dll,C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe,C:\Windows\system32\svchost.exe,C:\Windows\SysWOW64\svchost.exe" => não encontrado (a)
====== Fim de File: ======

"HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removido (a) com sucesso.
HKU\S-1-5-21-2802420505-662629979-4225180187-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8990ba3c-4929-11eb-9811-e006e6cf8ea8} => removido (a) com sucesso.
HKLM\SOFTWARE\Policies\Google => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WaaSMedic\MaintenanceWork" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06600067-3001-40FE-8D94-1802B9BAFAAA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06600067-3001-40FE-8D94-1802B9BAFAAA}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0938693D-6B30-4F53-AB6F-C686A95D847B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0938693D-6B30-4F53-AB6F-C686A95D847B}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{223B46EB-0666-45BC-A983-7011C33BD9C6}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{223B46EB-0666-45BC-A983-7011C33BD9C6}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\StartCN => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartCN" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28568FCD-C388-40E2-B4C1-0B37E311FF0A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28568FCD-C388-40E2-B4C1-0B37E311FF0A}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2BC10DF2-E766-4413-9894-A9916031CCA8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BC10DF2-E766-4413-9894-A9916031CCA8}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49570756-6ADF-4420-BBF2-F567FBFA9F24}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49570756-6ADF-4420-BBF2-F567FBFA9F24}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Opera scheduled assistant Autoupdate 1576838203 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1576838203" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5510920A-52BD-4CDA-A4C1-E06C28EB40FC}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5510920A-52BD-4CDA-A4C1-E06C28EB40FC}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Auto Maintenance Task Agent" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C34AA8A-A092-4453-8EE2-FCBA57A8094B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C34AA8A-A092-4453-8EE2-FCBA57A8094B}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeBackgroundTaskHandlerLogon" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{621A1456-B4DA-44DB-819F-53A6620CA05F}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{621A1456-B4DA-44DB-819F-53A6620CA05F}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\ModifyLinkUpdate => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ModifyLinkUpdate" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C20AB84-A680-4722-A488-0D86577A60C0}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C20AB84-A680-4722-A488-0D86577A60C0}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\StartCNBM => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartCNBM" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentFallBack2016" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813C8F90-E997-4B55-B4EC-E76941238FD0}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813C8F90-E997-4B55-B4EC-E76941238FD0}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Orchestrator" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92D2D785-395B-4285-8D72-D360E4B530F7}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92D2D785-395B-4285-8D72-D360E4B530F7}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Shutdown" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{951F8D96-B977-4BC8-8048-6AB7BA661B44}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{951F8D96-B977-4BC8-8048-6AB7BA661B44}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\klcp_update => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95716E15-AC07-46B8-A048-F40A58515FA2}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95716E15-AC07-46B8-A048-F40A58515FA2}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98F7D800-CC7A-4A22-8195-F4F0861034D2}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98F7D800-CC7A-4A22-8195-F4F0861034D2}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\McAfee\DAD.Execute.Updates => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\DAD.Execute.Updates" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F2BD1AE-9A81-45F6-8741-96428752BF9A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F2BD1AE-9A81-45F6-8741-96428752BF9A}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\StartDVR => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartDVR" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C45D70A8-BE3F-4A33-B445-053521B704BF}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C45D70A8-BE3F-4A33-B445-053521B704BF}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C4CD0060-4B29-432B-9D70-95499E155027}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4CD0060-4B29-432B-9D70-95499E155027}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentLogOn2016" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\McAfeeLogon => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfeeLogon" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D87C985A-93D1-47B8-AFA3-BE8CA3967501}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D87C985A-93D1-47B8-AFA3-BE8CA3967501}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAC87C8F-CA18-4A27-99A6-FD162A4A6964}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAC87C8F-CA18-4A27-99A6-FD162A4A6964}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F2E4423E-8169-468A-953A-C9AF5D239F85}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2E4423E-8169-468A-953A-C9AF5D239F85}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1573773820 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1573773820" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F807E8AE-D6CE-46DD-855D-4F931C5C749F}" => não encontrado (a)
C:\Windows\System32\Tasks\AMDLinkUpdate => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMDLinkUpdate" => removido (a) com sucesso.
C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => movido com sucesso

========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-2802420505-662629979-4225180187-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-2802420505-662629979-4225180187-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.


========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 711764676 B
Java, Flash, Steam htmlcache => 711480737 B
Windows/system/drivers => 1403321 B
Edge => 531204 B
Chrome => 242216115 B
Firefox => 2064719179 B
Opera => 318689843 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 3274377 B
systemprofile32 => 3274377 B
LocalService => 8332238 B
NetworkService => 8342848 B
Usuario => 319489717 B

RecycleBin => 1333995367 B
EmptyTemp: => 5.3 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 16:45:32 ====


  • Security Analyst

@Gustavo Ceron Lombardi

 

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text in the CODE box below:

File: C:\Program Files (x86)\scpbrad\scpbradguard.exe;C:\Program Files (x86)\scpbrad\scpbradserv.exe;C:\Windows\system32\pdfcmon.dll;C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe;C:\Windows\system32\svchost.exe;C:\Windows\SysWOW64\svchost.exe

Save this file to your desktop with the name fixlist

NOTE: It is extremely important that the "fixlist" file be saved on your Desktop. Also check that FRST.exe is on the Desktop.

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users: Right-click the FRST.EXE file, then click http://i.imgur.com/VRIfczU.png

Click the button image.png

Wait; at the end, the Fixlog.txt log will be saved on your desktop.

Open the Fixlog.txt file, then copy and paste its contents into your next reply.


@Elias Pereira

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 19-07-2021 01
Executado por Usuario (26-07-2021 17:48:27) Run:2
Executando a partir de C:\Users\Usuario\Desktop
Perfis Carregados: Usuario
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
File: C:\Program Files (x86)\scpbrad\scpbradguard.exe;C:\Program Files (x86)\scpbrad\scpbradserv.exe;C:\Windows\system32\pdfcmon.dll;C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe;C:\Windows\system32\svchost.exe;C:\Windows\SysWOW64\svchost.exe
*****************


========================= File: C:\Program Files (x86)\scpbrad\scpbradguard.exe;C:\Program Files (x86)\scpbrad\scpbradserv.exe;C:\Windows\system32\pdfcmon.dll;C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe;C:\Windows\system32\svchost.exe;C:\Windows\SysWOW64\svchost.exe ========================

C:\Program Files (x86)\scpbrad\scpbradguard.exe
O arquivo é assinado digitalmente
MD5: 1E86F0E497B83F19A0AF901D0AF4CDA6
Data de criação e modificação: 2019-12-13 11:05 - 2019-12-13 11:05
Tamanho: 003100032
Atributos: ----N
Nome Da Empresa: Banco Bradesco S.A. -> Scopus Soluções em TI Ltda
Interno Nome: scpsecguard.exe
Original Nome: scpsecguard.exe
Produto: scpsecguard
Descrição: Módulo de Interação do Serviço de Segurança Scopus
Arquivo Versão: 1.0.0.49
Produto Versão: 1.0.0.49
Copyright: Copyright (C) 2018
VirusTotal: https://www.virustotal.com/gui/file/e5fe00e8d9da012e9b396edfb229b5e2f9c23e745374531d48c5a2157df420ba/detection/f-e5fe00e8d9da012e9b396edfb229b5e2f9c23e745374531d48c5a2157df420ba-1625242576

C:\Program Files (x86)\scpbrad\scpbradserv.exe
O arquivo é assinado digitalmente
MD5: C1B59FB4C0D99A0A74548C1E77B08CCA
Data de criação e modificação: 2019-12-13 11:05 - 2021-03-02 11:11
Tamanho: 002269056
Atributos: ----N
Nome Da Empresa: Banco Bradesco S.A. -> Scopus Soluções em TI Ltda
Interno Nome: ScpSecurityService.exe
Original Nome: ScpSecurityService.exe
Produto: ScpSecurityService
Descrição: Componente de Segurança Bradesco
Arquivo Versão: 1.0.0.51
Produto Versão: 1.0.0.51
Copyright: Copyright (C) 2020
VirusTotal: https://www.virustotal.com/gui/file/fcaea2d5c61b3c174a300135e241f8d6f48d9a046e822c7292be523ed3463d7a/detection/f-fcaea2d5c61b3c174a300135e241f8d6f48d9a046e822c7292be523ed3463d7a-1626464920

C:\Windows\system32\pdfcmon.dll
Arquivo não assinado
MD5: C3938F5570991DC59774FA2BD0C53705
Data de criação e modificação: 2019-11-13 15:13 - 2019-11-13 15:13
Tamanho: 000116736
Atributos: ----A
Nome Da Empresa: pdfforge GmbH
Interno Nome: pdfcmon
Original Nome: pdfcmon
Produto: pdfcmon
Descrição: pdfcmon
Arquivo Versão: 0.9.8.1
Produto Versão: 0.9.8.1
Copyright: Copyright (c) by pdfforge
VirusTotal: https://www.virustotal.com/gui/file/a9354a30c9176913198b356ad0f346c86d2c1666f5174bf7f5f915fae40d33bf/detection/f-a9354a30c9176913198b356ad0f346c86d2c1666f5174bf7f5f915fae40d33bf-1623312884

C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe
Arquivo não assinado
MD5: 711E5C829211E28CA596416FD22388B3
Data de criação e modificação: 2021-01-02 20:36 - 2014-04-02 22:08
Tamanho: 000381952
Atributos: ----A
Nome Da Empresa: Scarlet.Crush Productions
Interno Nome: ScpService.exe
Original Nome: ScpService.exe
Produto: ScpService
Descrição: ScpService
Arquivo Versão: 1.2.2.175
Produto Versão: 1.2.2.175
Copyright: Copyright © Scarlet.Crush Productions 2012, 2013, 2014
VirusTotal: https://www.virustotal.com/gui/file/82428854423d2cf399661e937a66ffacdf57a0a2d7d2e79ead7a587202eb5134/detection/f-82428854423d2cf399661e937a66ffacdf57a0a2d7d2e79ead7a587202eb5134-1618152104

C:\Windows\system32\svchost.exe
Catalog: C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.1556.cat
O arquivo é assinado digitalmente
MD5: 9520A99E77D6196D0D09833146424113
Data de criação e modificação: 2019-03-19 01:44 - 2019-03-19 01:44
Tamanho: 000053744
Atributos: ----A
Nome Da Empresa: Microsoft Windows Publisher -> Microsoft Corporation
Interno Nome: svchost.exe
Original Nome: svchost.exe
Produto: Microsoft® Windows® Operating System
Descrição: Host Process for Windows Services
Arquivo Versão: 10.0.18362.1 (WinBuild.160101.0800)
Produto Versão: 10.0.18362.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/dd191a5b23df92e12a8852291f9fb5ed594b76a28a5a464418442584afd1e048/detection/f-dd191a5b23df92e12a8852291f9fb5ed594b76a28a5a464418442584afd1e048-1627319032

C:\Windows\SysWOW64\svchost.exe
Catalog: C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.18362.1556.cat
O arquivo é assinado digitalmente
MD5: A7296C1245EE76768D581C6330DADE06
Data de criação e modificação: 2019-03-19 01:45 - 2019-03-19 01:45
Tamanho: 000045448
Atributos: ----A
Nome Da Empresa: Microsoft Windows Publisher -> Microsoft Corporation
Interno Nome: svchost.exe
Original Nome: svchost.exe
Produto: Microsoft® Windows® Operating System
Descrição: Host Process for Windows Services
Arquivo Versão: 10.0.18362.1 (WinBuild.160101.0800)
Produto Versão: 10.0.18362.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/5be0de7f915ba819d4ba048db7a2a87f6f3253fdd4865dc418181a0d6a031caa/detection/f-5be0de7f915ba819d4ba048db7a2a87f6f3253fdd4865dc418181a0d6a031caa-1627279700

====== Fim de File: ======


==== Fim de Fixlog 17:49:30 ====


  • Security Analyst

@Gustavo Ceron Lombardi

As far as malware is concerned, there are no more problems.

If you have no further malware-related problems, click Denunciar Post (Report Post) at the top of the page and say that your topic is RESOLVED. If you have any questions related to computing and technology, feel free to post in any area of CdH.

This topic is closed to new replies.
