Peguei vários tipos de virus, alguns não consigo me livrar

Clau de Oliveira · 20 de março de 2023

Peguei vírus, spyware, tudo que possa imaginar depois que tentei recuperar alguns arquivos perdidos com programas baixados da internet.

Passei o cclenear, pois o software capcut abre mais cheio de chuvisco, aí o cclenear apagou meus arquivos

Aguardo, obrigada!!

Addition.txt FRST.txt AdwCleaner[C00].txt AdwCleaner[S00].txt

Elias Pereira · 26 de março de 2023

Por favor, atente para o seguinte:

Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento to44ent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
Respeite a ordem das instruções passadas;
Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Regras da Área de Remoção de Malware << IMPORTANTE A LEITURA

Regras Gerais do Forum Clube do Hardware << IMPORTANTE A LEITURA

Siga os passos abaixo:

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

ETAPA 1

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em

Clique em VERIFICAR AGORA/SCAN NOW. Após o termino clique em LIMPAR/CLEAN e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

ETAPA 2

Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.majorgeeks.com/files/details/zhpcleaner.html

Execute o arquivo ZHPCleaner.exe Como Administrador

Clique no botão Scanner.
A ferramenta começara o exame do seu sistema.
Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
Em seguida clique no botão Reparar.
Será gerado um log chamado ZHPCleaner.txt

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

Clau de Oliveira · 27 de março de 2023

@Elias Pereira Olá

Eu já fiz o escaneamento do adwcleaner e postei o resultado no primeiro post.

Elias Pereira · 1 de abril de 2023

Em 26/03/2023 às 23:24, Clau de Oliveira disse:

Eu já fiz o escaneamento do adwcleaner e postei o resultado no primeiro post.

Mas isso foi em março. Preciso de logs novos.

Por gentileza, execute os procedimentos solicitados.

Clau de Oliveira · 3 de abril de 2023

@Elias Pereira

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-03-2023
# Duration: 00:00:34
# OS: Windows 10 (Build 19045.2728)
# Scanned: 32097
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [1567 octets] - [19/03/2023 22:14:55]
AdwCleaner[C00].txt - [1699 octets] - [19/03/2023 22:15:48]
AdwCleaner[S01].txt - [1542 octets] - [20/03/2023 22:38:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

~ ZHPCleaner v2023.4.2.15 by Nicolas Coolman (2023/04/02) ~ Run by clare (Administrator) (03/04/2023 11:36:00) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\clare\OneDrive\Área de Trabalho\ZHPCleaner (R).txt ~ Quarantine : C:\Users\clare\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 19045) ---\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) ---\ Services (0) ~ No malicious or unnecessary items found. (Service) ---\ Browser internet (0) ~ No malicious or unnecessary items found. (Browser) ---\ Hosts file (1) ~ The hosts file is legitimate (22) ---\ Scheduled automatic tasks. (1) DELETED task: [AutoKMSDaily] [C:\WINDOWS\Tasks\AutoKMSDaily.job (Not File) ] =>HackTool.AutoKMS ---\ Explorer ( File, Folder) (4) MOVED file: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium MOVED file: C:\Users\clare\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Windows\Tasks\AutoKMSDaily.job =>HackTool.AutoKMS ---\ Registry ( Key, Value, Data) (1) DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask ---\ Summary of the elements found (3) https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask ---\ Other deletions. (0) ~ Registry Keys Tracing deleted (0) ~ Remove the old reports ZHPCleaner. (0) ---\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Internet Explorer OK ---\ Statistics ~ Items scanned : 2677 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h00mn11s ---\ Reports (2) ZHPCleaner-[S]-03042023-11_29_08.txt ZHPCleaner-[R]-03042023-11_36_11.txt

Elias Pereira · 3 de abril de 2023

Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Clique com o direito sobre o arquivo FRST64.EXE, depois clique em http://i.imgur.com/VRIfczU.png .

Aceite o contrato e depois clique no botão Scan/Examinar.Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.

Clau de Oliveira · 4 de abril de 2023

@Elias Pereira

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 03-04-2023
Executado por clare (03-04-2023 23:32:32)
Executando a partir de C:\Users\clare\OneDrive\Área de Trabalho
Microsoft Windows 10 Home Single Language Versão 22H2 19045.2728 (X64) (2020-07-11 18:20:45)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-868159705-1825106094-3080552626-500 - Administrator - Disabled)
clare (S-1-5-21-868159705-1825106094-3080552626-1001 - Administrator - Enabled) => C:\Users\clare
Convidado (S-1-5-21-868159705-1825106094-3080552626-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-868159705-1825106094-3080552626-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-868159705-1825106094-3080552626-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 23.001.20093 - Adobe)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_1_2) (Version: 22.1.2 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - philandro Software GmbH)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Canva (HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.62.0 - Canva Pty Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.147 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 72.0.3.0 - Google LLC)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM\...\{631C57C3-B765-4327-822A-057C34D691CC}) (Version: 10.1.17695.8086 - Intel Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{C5A3E7E0-34F2-4582-A7FF-F335C8ED582B}) (Version: 2.4.09007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{310C6D71-5D6E-41EC-8D57-90A45FAFF6DB}) (Version: 16.8.0.1000 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.0.1000 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation)
Malwarebytes version 4.5.25.256 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.25.256 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64) (HKLM\...\{3DCD041B-A4CB-3585-893D-60E7B8D74C37}) (Version: 3.1.10.20560 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x64) (HKLM\...\{1DDE3A7E-9E64-38C4-A76B-EEC6CE0EC9C6}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0015-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0016-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-00BA-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0044-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-00A1-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001A-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0018-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-002C-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0019-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010 (HKLM\...\{90140000-002A-0416-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-006E-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001B-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.054.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.4053 False (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.57102 False (HKLM\...\{f0cbd694-71ce-4391-9690-5da93b2f0445}) (Version: 8.0.57102 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (HKLM\...\{D04659D1-EB2D-3DE5-A833-837A623CCCF7}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.0 False (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148.0 False (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False (HKLM-x32\...\{0f12c81f-93ef-46ec-bc94-d952c1a775d4}) (Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False Eng (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False (HKLM-x32\...\{35459b22-19a6-44ec-8d34-27eb3131acac}) (Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False Eng (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False (HKLM-x32\...\{dde2682b-961a-41ea-8d44-6005991b7947}) (Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False Eng (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 False Eng (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (HKLM-x32\...\{6c95b50e-cb5a-4a1f-a7b4-8a6004f8dd6a}) (Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False Eng (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (HKLM-x32\...\{615bc16d-60f5-482e-91b3-b51d8130963b}) (Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False Eng (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False Eng (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (HKLM-x32\...\{3D6AD258-61EA-35F5-812C-B7A02152996E}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (HKLM-x32\...\{E7D4E834-93EB-351F-B8FB-82CDAE623003}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False Eng (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False Eng (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 False (HKLM-x32\...\{c6870a89-ef30-4f22-bbd1-49cd2516bc56}) (Version: 12.0.40649.5 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 False Eng (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 False (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 False Eng (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 False Eng (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False Eng (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False (HKLM-x32\...\{78142960-066b-4581-b984-0bdcf560c4be}) (Version: 12.0.40649.5 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False Eng (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False Eng (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 False Eng (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 False (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 False (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 False (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 False (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 False (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 False (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 False (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40649 False (HKLM-x32\...\{A8589745-51BC-3963-B4E9-201CF8693538}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 False (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 False (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40649 False (HKLM-x32\...\{DEA7F8E3-B7B9-3C3C-945B-7F8CE9041748}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 False (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
NVIDIA Driver de gráficos 531.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.29 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.0 - OBS Project)
PDFCreator (HKLM\...\{1E0CF1C6-D640-4566-8E6F-2C2708422A25}) (Version: 4.4.2 - pdfforge GmbH)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}_Office14.PROPLUS_{51C5D139-1A25-4F98-880C-9A1619D2882C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0416-1000-0000000FF1CE}_Office14.PROPLUS_{0852D5D5-CEE8-4D04-8106-93A6DFB09341}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0416-0000-0000000FF1CE}_Office14.PROPLUS_{2F01C7C0-8077-4C14-BC52-0A00190D386D}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0416-0000-0000000FF1CE}_Office14.PROPLUS_{E703A730-E5DD-4E57-81E9-C7BF7A89F00E}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Warsaw 2.34.1.1 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.34.1.1 - Topaz)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.5.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoom (HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\ZoomUMX) (Version: 5.13.7 (12602) - Zoom vídeo Communications, Inc.)

Packages:
=========
Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3040.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
Área de Trabalho Remota da Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3005.0_x64__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation)
Assistência Rápida -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corp.)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt [2023-03-24] (INTEL CORP) [Startup Task]
ColorNote Bloco de Notas -> C:\Program Files\WindowsApps\DBA41F73.ColorNoteNotepadNotes_1.1.0.20_neutral__3jn8vbmxrzmj2 [2023-03-13] (Social & Mobile, Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation)
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-13] (HP Inc.)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.5.3021.0_x86__8wekyb3d8bbwe [2023-03-14] (Microsoft Studios)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2023-03-13] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2023-03-13] (CYBERLINK COM CORP)
Pride 2019 -> C:\Program Files\WindowsApps\Microsoft.Pride2019_9.0.0.0_neutral__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.158.0_x64__dt26b99r8h8gj [2023-03-13] (Realtek Semiconductor Corp)
Sherlock: Casos ocultos -> C:\Program Files\WindowsApps\828B5831.SherlockHiddenMatch-3Cases_1.29.2902.0_x64__ytsefhwckbdv6 [2023-03-14] (G5 Entertainment AB)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Studios) [MS Ad]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.6.3.0_x64__t4vj0pshhgkwm [2023-03-22] (Telegram Messenger LLP) [Startup Task]
TeleprompterPAD -> C:\Program Files\WindowsApps\ThePixelDiscovery.TeleprompterPAD_1.27.2.0_x64__ah442vqtwsnvy [2023-03-31] (The Pixel Discovery)
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3104.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm [2023-03-14] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-868159705-1825106094-3080552626-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\clare\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-868159705-1825106094-3080552626-1001_Classes\CLSID\{E5DF1139-B036-497A-A287-8A93CCD4763C} -> [MEGAsync] => C:\Users\clare\OneDrive\Documentos\MEGAsync [2020-01-03 08:40]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Arquivo não assinado] [O arquivo está em uso]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncShell64.dll [2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Arquivo não assinado] [O arquivo está em uso]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncShell64.dll [2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncShell64.dll [2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\nvshext.dll [2023-03-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2020-07-07 14:33 - 2016-07-21 10:54 - 000137728 _____ () [Arquivo não assinado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-07-07 14:33 - 2017-09-12 10:34 - 001506304 _____ () [Arquivo não assinado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2023-03-11 11:59 - 2023-03-11 11:59 - 001530368 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\e_sqlite3.dll
2023-03-14 19:08 - 2023-03-14 19:08 - 105989120 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-03-14 19:08 - 2023-03-14 19:08 - 008795648 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2023-03-26 21:45 - 2023-03-13 01:32 - 002767872 _____ () [Arquivo não assinado] C:\Users\clare\AppData\Local\Programs\Canva\ffmpeg.dll
2018-12-03 22:19 - 2018-12-03 22:19 - 000126976 _____ (Intel Corporation) [Arquivo não assinado] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-04-17 15:49 - 2022-07-15 20:06 - 000181248 _____ (pdfforge GmbH) [Arquivo não assinado] C:\WINDOWS\System32\pdfcmon.dll
2019-05-13 21:06 - 2022-07-22 11:23 - 005114544 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Arquivo não assinado] C:\Users\clare\AppData\Local\MEGAsync\Qt5Core.dll
2020-07-07 14:33 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Arquivo não assinado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Application Data:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Temp:9494338C [252]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-868159705-1825106094-3080552626-1001 -> DefaultScope {02A9CDE3-EC5E-46C9-97A2-9075BFE987E1} URL =
SearchScopes: HKU\S-1-5-21-868159705-1825106094-3080552626-1001 -> {02A9CDE3-EC5E-46C9-97A2-9075BFE987E1} URL =
BHO: Sem Nome -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Nenhum Arquivo
Filter: text/xml - Nenhum Valor CLSID

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\sharepoint.com -> hxxps://clareroli-files.sharepoint.com

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2020-08-27 13:53 - 2023-03-19 22:06 - 000000860 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 platform.wondershare.com

2021-08-08 22:50 - 2021-08-08 22:50 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\clare\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall do Windows está habilitado.

Network Binding:
=============
Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled)
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: EaseUS UPDATE SERVICE => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: PDF Architect 8 => 2
MSCONFIG\Services: PDF Architect 8 Creator => 3
MSCONFIG\Services: PDF Architect 8 Update Service => 3
MSCONFIG\Services: ss_conn_launcher_service => 3
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WSVCUUpdateHelper.exe"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\StartupApproved\Run: => "CanvaAutoLaunchAvailabilityCheckAgent"
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{70A4D341-86A6-4D61-AA4C-9A5FD3555895}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{711B0503-FD9E-4A7B-98B2-8F1218531686}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{7CF937E2-9E6D-4B29-A252-4A799AD67363}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{2964E9E9-0634-4E79-B5A7-AF2F10AEDE24}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{306D23D0-5FE2-4316-BF4D-C87FBB2EAA0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{572EFC4B-638A-49B9-B6EE-EDD8BE2040E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FF446469-5EFB-40C7-B931-9CB480FA86AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{153D5720-51D2-442F-8FC3-632483165660}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{72F6DA85-CE05-4301-A57B-3E4CDAEC390D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CFC14462-7018-40E1-B847-F9514EA16EA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{721B4CF1-EAD3-4B76-BF64-D0FB7543395A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F333A289-9044-424E-9FA1-E19EE0562434}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4855AE8B-D1FF-410C-88C4-31DC1AB826E7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{DE8A449E-3834-435B-89D4-3CF97922DE51}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{6406B5A6-D92B-4B93-AE4D-7E1DE7ECD8A7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D48D4D5D-0634-48B1-B2F0-E5B06E84ACE1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{3217E818-7B17-48D9-8B18-0B089313D2F8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CA6DA78B-7754-4EFF-86BD-12D881373241}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Pontos de Restauração =========================

21-03-2023 15:27:20 Ponto de Verificação Agendado
03-04-2023 11:30:06 ZHPcleaner

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (04/03/2023 09:05:30 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE)
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.

Error: (04/03/2023 06:05:32 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE)
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.

Error: (04/03/2023 03:05:32 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE)
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.

Error: (04/03/2023 12:05:37 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE)
Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status.

Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Erros de Sistema:
=============
Error: (04/03/2023 11:50:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ACCSvc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (04/03/2023 11:48:10 AM) (Source: DCOM) (EventID: 10010) (User: CLARE)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.

Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Realtek Audio Universal Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Graphics Command Center Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Qualcomm Atheros WLAN Driver Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço AtherosSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Windows Defender:
================
Date: 2023-03-13 22:40:02
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUAMarketing:Win32/Comscore&threatid=311418&enterprise=1
Nome: PUAMarketing:Win32/Comscore
Gravidade: Grave
Categoria: Software Potencialmente Indesejado
Caminho: file:_C:\Users\clare\AppData\Local\Temp\is-3I7LB.tmp\rk_setup.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\AppData\Local\Temp\is-L2AT8.tmp\dvrsetup.tmp
Versão da Inteligência de Segurança: AV: 1.383.1760.0, AS: 1.383.1760.0, NIS: 1.383.1760.0
Versão do Mecanismo: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-02-24 14:16:44
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=1
Nome: HackTool:Win32/AutoKMS
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Windows\KMSEmulator.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\Downloads\office 2010\Office 2010 Toolkit.exe
Versão da Inteligência de Segurança: AV: 1.381.80.0, AS: 1.381.80.0, NIS: 1.381.80.0
Versão do Mecanismo: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-02-24 14:15:19
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.E!MSR&threatid=2147743252&enterprise=1
Nome: HackTool:Win32/AutoKMS.E!MSR
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\clare\Downloads\office 2010\Office 2010 Toolkit.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Windows\explorer.exe
Versão da Inteligência de Segurança: AV: 1.381.80.0, AS: 1.381.80.0, NIS: 1.381.80.0
Versão do Mecanismo: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2022-08-24 13:29:47
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=1
Nome: HackTool:Win32/Keygen
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Windows\KMSEmulator.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\OneDrive\Área de Trabalho\office 2010\office 2010\autenticar office 2010\Office 2010 Toolkit.exe
Versão da Inteligência de Segurança: AV: 1.341.201.0, AS: 1.341.201.0, NIS: 1.341.201.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2022-08-24 13:27:50
Description:
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=1
Nome: HackTool:Win32/Keygen
Gravidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\Windows\KMSEmulator.exe; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22775DAB-9D15-4631-AC94-F458547C1D63}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\OneDrive\Área de Trabalho\office 2010\office 2010\autenticar office 2010\Office 2010 Toolkit.exe
Versão da Inteligência de Segurança: AV: 1.341.201.0, AS: 1.341.201.0, NIS: 1.341.201.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4
Event[0]:

Date: 2023-03-13 22:27:32
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.383.1760.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.20100.6
Código de Erro: 0x80070102
Descrição do Erro: O tempo limite de espera foi atingido.

Date: 2023-01-08 23:34:22
Description:
O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou.
Recurso: Sistema de Inspeção de Rede
Código do Erro: 0x8007041d
Descrição do erro: O serviço não respondeu à requisição de início ou controle em tempo hábil.
Motivo: O sistema não possui atualizações que são necessárias para executar o Sistema de Inspeção de Rede. Instale as atualizações necessárias e reinicie o dispositivo.

Date: 2022-11-18 23:32:49
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.375.781.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.19600.3
Código de Erro: 0x8024001e
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

CodeIntegrity:
===============
Date: 2023-04-03 23:25:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Topaz OFD\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-04-03 15:22:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\72.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: Insyde Corp. V1.14 05/24/2019
placa-mãe: WL Raticate_WL
Processador: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentagem de memória em uso: 38%
RAM física total: 16232.24 MB
RAM física disponível: 9920.4 MB
Virtual Total: 38232.24 MB
Virtual disponível: 31598.66 MB

==================== Drives ================================

Drive (Acer) (Fixed) (Total:930.4 GB) (Free:422.9 GB) (Model: WDC WD10SPZX-21Z10T0) NTFS
Drive g: ([email protected] - Google Drive) (Fixed) (Total:15 GB) (Free:15 GB) (Model: WDC WD10SPZX-21Z10T0) FAT32
Drive h: ([email protected] - G...) (Fixed) (Total:15 GB) (Free:15 GB) (Model: WDC WD10SPZX-21Z10T0) FAT32

\\?\Volume{a1ec22da-27c4-433e-aafc-4fcca9655532}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.48 GB) NTFS
\\?\Volume{56eb7a99-f1ba-431f-b0ca-223b99f831c2}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 65632B75)

Partition: GPT.

==================== Fim de Addition.txt =======================

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 03-04-2023
Executado por clare (administrador) em CLARE (Acer Aspire A515-52G) (03-04-2023 23:28:43)
Executando a partir de C:\Users\clare\OneDrive\Área de Trabalho
Perfis Carregados: clare
Plataforma: Microsoft Windows 10 Home Single Language Versão 22H2 19045.2728 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Canva -> Canva Pty Ltd) C:\Users\clare\AppData\Local\Programs\Canva\Canva.exe <2>
(DriverStore\FileRepository\cui_dch.inf_amd64_bb78abeaf9afb67e\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bb78abeaf9afb67e\igfxEM.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\72.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <33>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bb78abeaf9afb67e\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_8739c242c92433b5\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b57a83a6990c9a72\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b57a83a6990c9a72\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(svchost.exe ->) (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\UniConverter\WSVCUUpdateHelper.exe (Nenhum Arquivo)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nenhum Arquivo)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (Nenhum Arquivo)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\clare\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-12-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Nenhum Arquivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\clare\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-12-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\clare\AppData\Local\Programs\Canva\Canva.exe [158071432 2023-03-13] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP c111 Status Monitor: hpinkstsc111LM.dll (Nenhum Arquivo)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-07-15] (pdfforge GmbH) [Arquivo não assinado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-03-29] (Google LLC -> Google LLC)
Startup: C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-04-26]
ShortcutTarget: MEGAsync.lnk -> C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {0219B601-8F68-4E0F-AADB-F064BB6BE383} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [834032 2019-02-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1500BF84-CCC6-4FBD-8123-9401637C6FC7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1B5AF7DA-A632-4B17-BA80-65E489426A8A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1BABCB9C-19E9-4947-A869-394EA85F11AD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27E8FD4D-C5D6-488D-B731-3B1A4F486C59} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {2A4EA318-BD0D-420D-B860-C365A0393524} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C33F99E-C38A-460D-86B7-989A916F92C0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {31F6A644-F40E-4213-8188-09DCD6B1B329} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {384034EC-2BD9-414E-97BD-788C3CD92FF1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Nenhum Arquivo)
Task: {3D8280CE-976F-4281-84B5-BCDF1BC367A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC)
Task: {3DB554B4-2BB9-4560-9FAD-F2C8045FD935} - System32\Tasks\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo) <==== ATENÇÃO
Task: {4FDD8597-A20D-4A1A-BDB9-5415E8DB0700} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {55A55051-9D6E-41BF-A3C6-830842CE4CD2} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {568CCD61-B443-48B3-8219-7932F3867604} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Nenhum Arquivo)
Task: {5A758AEE-B9AA-43DC-B791-782C60B00C5E} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\clare\AppData\Roaming\\sysinfotool\\sitool.exe -st -tu 3 (Nenhum Arquivo) <==== ATENÇÃO
Task: {64B570F5-FC37-4211-8199-EB9848FBB8D3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69F5D084-06BF-4295-ABB9-993000940009} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET)
Task: {6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {727BE017-6B03-4730-BAA4-7837422309B3} - System32\Tasks\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
Task: {78D500F6-8B68-4E26-9DC3-94DC356B21C4} - System32\Tasks\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe (Nenhum Arquivo)
Task: {7F39972B-17FF-49CC-B995-E9D9DCFAB08C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8130A3F4-0C36-4139-9FDD-F7E94823E8B6} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-MLMFK.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO
Task: {828FDE0A-9939-45D4-902D-83E69A942278} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe --update --mode check auto notify (Nenhum Arquivo)
Task: {8E9B8598-E418-4CFD-B959-873B5C90BDFE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation)
Task: {9342B0A9-7442-4E40-80A0-2DCE92498587} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Nenhum Arquivo)
Task: {9AEB1BF5-70CA-4633-A6BB-49F5194859EF} - System32\Tasks\CareCenter\AnyDesk.lnk_FolderCommonAppdata => C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
Task: {9B5E199F-9D12-4C45-9E89-CC654CD5E88C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7FFC8F9-66E2-48A8-B11E-B7A710B822D8} - System32\Tasks\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe [65128112 2023-03-27] (Mega Limited -> Mega Limited)
Task: {AD061118-8FA7-4C74-8116-BF5E9A2A95FA} - System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B2514D61-EA2B-4B51-9765-528234104B9B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAupdater.exe [1776304 2023-03-27] (Mega Limited -> )
Task: {B42748F9-085A-4717-B98E-452D60FAD011} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {B55E241A-D276-4295-8EBA-0B612E4FAEAE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2808C9E-412F-47E0-921A-BF62CA4C81C6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C3431AFB-D315-43B9-8C83-1760F917DFB5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DB072358-8F7B-47F8-A668-7748A6F40766} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DDAAAF73-1AB1-49B5-866C-3330A2981ECF} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4056016 2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF65097F-00A0-410E-82EF-222D780A8333} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DFAE1CB0-BB59-4418-B1D8-34FA138F8D31} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET)
Task: {E549B32C-8404-4E58-97D2-24B7A474C9F3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation)
Task: {EA6CDDF7-033A-49AD-87F7-F386E5D27EF0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF3E2D09-67EB-42FA-BF10-9AD593A199DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: 127.0.0.1 platform.wondershare.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 1.1.1.1
Tcpip\..\Interfaces\{260b3c9e-989f-432d-ac3d-67dd72ca6fe2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{39a84177-32c5-4971-8e8a-563d704db63e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{85a08483-54af-4980-8a82-7b60c469a4a0}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{8f10f5d3-ad23-46eb-952d-04f4e2ac6b5b}: [DhcpNameServer] 8.8.8.8 1.1.1.1

Edge:
=======
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\clare\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-03]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\clare\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-03]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default [2023-04-03]
CHR Extension: (Image Downloader) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2022-11-11]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2023-01-21]
CHR Extension: (vídeo downloader - CocoCut) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\gddbgllpilhpnjpkdbopahnpealaklle [2023-03-08]
CHR Extension: (Google Docs Offline) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-12]
CHR Extension: (Stream Recorder - download HLS as MP4) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogidnfllpdhagebkblkgbfijkbkjdmm [2023-02-23]
CHR Extension: (Live Stream Downloader) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\looepbdllpjgdmkpdcdffhdbmpbcfekj [2023-02-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2023-03-08]
CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-13]
CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-04-03]
CHR Extension: (Google Docs Offline) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-01-01]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-01]
CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-13]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-868159705-1825106094-3080552626-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncHelper.exe [3417008 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-09-21] (HP Inc. -> HP Inc.)
S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2020-06-24] () [Arquivo não assinado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9094440 2023-03-29] (Malwarebytes Inc. -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.054.0313.0001\OneDriveUpdaterService.exe [3801008 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188736 2023-03-19] (Qualcomm Atheros, Inc. -> )
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1001256 2022-09-19] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-04-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-04-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X]
S4 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2023-03-19] (Acer Incorporated -> Acer Incorporated)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2021-03-23] (EldoS Corporation -> EldoS Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-04-03] (Malwarebytes Inc. -> Malwarebytes)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49608 2023-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [495896 2023-04-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-04-03] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudio_Device(1); C:\WINDOWS\system32\drivers\VirtualAudio1.sys [31080 2015-08-03] (Wondershare Software Co., Ltd. -> Wondershare)
S1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [47800 2023-03-14] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51160 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [34768 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-04-03 23:25 - 2023-04-03 23:25 - 000000000 ____D C:\Users\clare\AppData\LocalLow\IGDump
2023-04-03 11:52 - 2023-04-03 11:52 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-04-03 11:21 - 2023-04-03 11:36 - 000000000 ____D C:\Users\clare\AppData\Roaming\ZHP
2023-04-03 11:21 - 2023-04-03 11:21 - 000000000 ____D C:\Users\clare\AppData\Local\ZHP
2023-03-27 22:05 - 2023-03-27 22:05 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2023-03-27 18:19 - 2023-03-27 18:19 - 000019867 _____ C:\Users\clare\Downloads\Abril.pdf
2023-03-26 21:45 - 2023-04-03 23:24 - 000000000 ____D C:\Users\clare\AppData\Roaming\Canva
2023-03-26 21:45 - 2023-03-26 21:45 - 000002217 _____ C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Canva.lnk
2023-03-23 20:54 - 2023-03-23 20:54 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\CURSO JORNADA
2023-03-23 19:11 - 2023-03-23 19:12 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\Adobe
2023-03-23 18:55 - 2023-03-23 18:55 - 000000000 ____D C:\Users\clare\Downloads\igfx_win10_100.8476
2023-03-23 18:55 - 2020-07-28 13:54 - 024385824 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2023-03-23 18:55 - 2020-07-28 13:54 - 023040656 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2023-03-23 18:55 - 2020-07-28 13:54 - 000161376 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2023-03-23 18:55 - 2020-07-28 13:54 - 000136880 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2023-03-23 18:53 - 2023-03-23 18:55 - 336985352 _____ C:\Users\clare\Downloads\igfx_win10_100.8476.zip
2023-03-23 18:49 - 2023-03-23 18:49 - 000000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk
2023-03-23 18:42 - 2022-01-07 23:10 - 1035202898 _____ (KpoJIuK) C:\Users\clare\Downloads\Adobe Premiere Pro 2022 (22.1.2.1).exe
2023-03-23 18:42 - 2021-04-18 23:22 - 000000640 _____ C:\Users\clare\Downloads\README.txt
2023-03-23 18:02 - 2023-03-23 18:37 - 000000000 ____D C:\Users\clare\Downloads\Telegram Desktop
2023-03-21 16:02 - 2023-04-03 23:18 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\1a PODOLOGIA YOUTUBE
2023-03-21 15:36 - 2023-03-21 15:53 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-20 22:37 - 2023-03-20 22:37 - 000000336 _____ C:\Users\clare\OneDrive\Documentos\20-03-2023 escaneamento.txt
2023-03-19 22:17 - 2023-04-03 23:29 - 000000000 ____D C:\FRST
2023-03-19 22:14 - 2023-03-19 22:15 - 000000000 ____D C:\AdwCleaner
2023-03-19 21:59 - 2023-03-19 21:59 - 000063116 _____ C:\Users\clare\OneDrive\Documentos\System Information Report.html
2023-03-19 21:57 - 2023-03-19 21:57 - 000053632 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2023-03-19 21:16 - 2023-03-19 21:16 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2023-03-19 21:10 - 2023-03-19 21:10 - 000106280 _____ (Qualcomm) C:\WINDOWS\system32\Drivers\btfilter.sys
2023-03-19 21:08 - 2023-03-19 21:08 - 001210248 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2023-03-19 21:07 - 2023-03-19 21:07 - 010098480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2023-03-19 21:07 - 2023-03-19 21:07 - 001854072 _____ (Logitech, Inc.) C:\WINDOWS\system32\LkmdfCoInst.dll
2023-03-19 21:07 - 2023-03-19 21:07 - 000086648 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LHidFilt.Sys
2023-03-19 21:07 - 2023-03-19 21:07 - 000069240 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LMouFilt.Sys
2023-03-19 21:07 - 2023-03-19 21:07 - 000063096 _____ (Logitech, Inc.) C:\WINDOWS\system32\LMouFiltCoInst.dll
2023-03-19 21:07 - 2023-03-19 21:07 - 000050808 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LUsbFilt.sys
2023-03-19 20:52 - 2023-03-19 20:52 - 000000000 ____D C:\Users\clare\AppData\LocalLow\Intel
2023-03-19 20:47 - 2023-03-19 22:01 - 000000000 ____D C:\ProgramData\ProductData
2023-03-19 20:47 - 2023-03-19 20:47 - 000000000 ____D C:\Users\clare\AppData\LocalLow\IObit
2023-03-19 20:46 - 2023-03-19 22:15 - 000000000 ____D C:\Users\clare\AppData\Roaming\IObit
2023-03-19 20:46 - 2023-03-19 21:58 - 000000000 ____D C:\ProgramData\IObit
2023-03-16 15:37 - 2023-03-16 15:37 - 000003838 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-03-16 15:37 - 2023-03-16 15:37 - 000003396 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-03-15 13:06 - 2023-03-15 13:06 - 000000000 ___HD C:\$WinREAgent
2023-03-14 22:01 - 2023-03-20 18:49 - 000001382 _____ C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-03-14 22:01 - 2023-03-14 22:01 - 015274968 _____ (ESET) C:\Users\clare\Downloads\esetonlinescanner.exe
2023-03-14 22:01 - 2023-03-14 22:01 - 000000000 ____D C:\Users\clare\AppData\Local\ESET
2023-03-14 18:31 - 2023-03-14 18:31 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:31 - 2023-03-14 18:31 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:31 - 2023-03-08 08:17 - 002904632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2023-03-14 18:31 - 2023-03-08 08:17 - 002234920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2023-03-14 18:31 - 2023-03-08 08:17 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2023-03-14 18:30 - 2023-03-14 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2023-03-14 18:30 - 2023-03-14 18:30 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:30 - 2023-03-14 18:30 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:30 - 2023-03-14 18:30 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-14 18:30 - 2023-03-14 18:30 - 000000000 ____D C:\WINDOWS\system32\lxss
2023-03-14 18:30 - 2023-03-08 08:17 - 000169512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2023-03-14 18:30 - 2023-03-08 08:17 - 000148520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2023-03-14 18:26 - 2023-03-08 08:17 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2023-03-14 18:25 - 2023-03-09 02:06 - 000851432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-03-14 18:25 - 2023-03-09 02:01 - 005835312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-03-14 18:24 - 2023-03-09 02:11 - 002172512 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-14 18:24 - 2023-03-09 02:11 - 002172512 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-03-14 18:24 - 2023-03-09 02:11 - 001607776 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-14 18:24 - 2023-03-09 02:11 - 001607776 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-03-14 18:24 - 2023-03-09 02:11 - 001487384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-03-14 18:24 - 2023-03-09 02:11 - 001479264 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-03-14 18:24 - 2023-03-09 02:11 - 001479264 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-03-14 18:24 - 2023-03-09 02:11 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-03-14 18:24 - 2023-03-09 02:11 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-14 18:24 - 2023-03-09 02:11 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-03-14 18:24 - 2023-03-09 02:07 - 000671744 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-03-14 18:24 - 2023-03-09 02:07 - 000506344 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-03-14 18:24 - 2023-03-09 02:05 - 001534488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-03-14 18:24 - 2023-03-09 02:05 - 001193000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-03-14 18:24 - 2023-03-09 02:04 - 000741400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-03-14 18:24 - 2023-03-09 02:03 - 002163696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-03-14 18:24 - 2023-03-09 02:03 - 001620016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-03-14 18:24 - 2023-03-09 02:02 - 013765680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-03-14 18:24 - 2023-03-09 02:02 - 011645952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-03-14 18:24 - 2023-03-09 02:02 - 006084096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-03-14 18:24 - 2023-03-09 02:02 - 003430448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-03-14 18:24 - 2023-03-09 02:02 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-03-14 18:24 - 2023-03-09 02:01 - 005911552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-03-14 18:24 - 2023-03-09 02:00 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-03-14 18:24 - 2023-03-09 01:58 - 006788432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-03-14 18:24 - 2023-03-08 08:17 - 000104256 _____ C:\WINDOWS\system32\nvinfo.pb
2023-03-14 18:19 - 2023-03-14 18:19 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-03-14 18:06 - 2023-03-14 18:06 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-03-14 18:06 - 2023-03-14 18:06 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-03-14 18:06 - 2023-03-14 18:06 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-03-14 18:06 - 2022-12-13 08:21 - 000047240 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2023-03-14 12:51 - 2023-03-14 12:51 - 000000000 ____D C:\WINDOWS\Panther
2023-03-14 12:40 - 2023-03-14 16:49 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-03-14 12:36 - 2023-03-14 18:51 - 000000000 ____D C:\WINDOWS\pss
2023-03-14 11:35 - 2023-03-14 11:35 - 000000000 ___HD C:\$SysReset
2023-03-12 22:23 - 2023-03-13 10:57 - 000000000 ____D C:\Users\clare\AppData\Roaming\EaseUS
2023-03-12 20:23 - 2023-03-12 20:23 - 000000000 ____D C:\Users\clare\AppData\Roaming\Remo
2023-03-12 20:21 - 2021-03-23 17:28 - 000026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2023-03-12 19:06 - 2023-03-13 20:56 - 000000000 ____D C:\Users\clare\AppData\Local\unali-100514406
2023-03-12 19:06 - 2023-03-13 20:56 - 000000000 ____D C:\Users\clare\AppData\Local\unali-100514281
2023-03-12 18:02 - 2023-03-16 11:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\DocumentosUSOShared-type6.6.9.7
2023-03-12 17:45 - 2023-03-14 11:47 - 000000000 ____D C:\Users\clare\AppData\Roaming\SysInfoTool
2023-03-12 13:19 - 2023-03-12 18:07 - 000684984 _____ (Mozilla Foundation) C:\Users\clare\AppData\LocalLow\freebl3.dll
2023-03-12 13:19 - 2023-03-12 18:07 - 000627128 _____ (Mozilla Foundation) C:\Users\clare\AppData\LocalLow\mozglue.dll
2023-03-12 13:19 - 2023-03-12 18:07 - 000254392 _____ (Mozilla Foundation) C:\Users\clare\AppData\LocalLow\softokn3.dll
2023-03-12 11:36 - 2023-03-12 11:36 - 000000000 ____D C:\Users\clare\AppData\Roaming\TSMonitor
2023-03-11 16:24 - 2023-03-11 16:24 - 000000000 ____D C:\Users\clare\AppData\Local\ServiceHub
2023-03-11 15:53 - 2023-03-11 15:53 - 000000000 ____D C:\Users\clare\AppData\Roaming\Bytedance
2023-03-11 15:52 - 2023-03-11 15:52 - 000000000 ____D C:\Users\clare\AppData\Roaming\NVIDIA
2023-03-11 15:43 - 2023-03-09 01:59 - 007924696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-03-11 13:33 - 2023-03-14 18:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-03-11 12:28 - 2023-03-13 14:44 - 000000000 ____D C:\Users\clare\AppData\Local\VEDetector
2023-03-11 12:27 - 2023-03-23 19:17 - 000000000 ____D C:\Users\clare\AppData\Local\CapCut
2023-03-09 19:13 - 2023-03-09 19:14 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\CURSO DESCOMPLICANDO O YOUTUBE
2023-03-08 16:02 - 2023-03-16 21:09 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\CURSO SALA VIP

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-04-03 22:43 - 2020-07-11 14:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-03 22:32 - 2019-12-14 18:30 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-03 22:12 - 2020-07-07 14:31 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\Wondershare Filmora 9
2023-04-03 22:12 - 2020-07-07 14:31 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2023-04-03 21:05 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-03 16:03 - 2019-12-14 18:37 - 000000000 ___RD C:\Users\clare\Google Drive
2023-04-03 12:25 - 2019-06-27 01:04 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-03 12:21 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-03 12:03 - 2020-01-03 08:40 - 000000000 ___RD C:\Users\clare\OneDrive\Documentos\MEGAsync
2023-04-03 12:01 - 2019-12-14 18:19 - 000000000 __SHD C:\Users\clare\IntelGraphicsProfiles
2023-04-03 11:50 - 2020-07-11 15:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-03 11:50 - 2020-07-11 14:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-03 11:50 - 2019-06-27 00:59 - 000000000 ___HD C:\Intel
2023-04-03 11:49 - 2021-12-14 15:45 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-04-03 11:49 - 2019-12-07 06:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2023-04-03 11:31 - 2019-06-27 00:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-02 19:47 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-02 19:47 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-02 17:20 - 2019-12-14 18:19 - 000000000 ____D C:\Users\clare\AppData\Roaming\Adobe
2023-04-02 11:47 - 2020-06-24 11:33 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-31 21:32 - 2020-07-11 15:18 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-31 21:32 - 2020-07-11 15:18 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-31 19:54 - 2021-12-14 15:46 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001
2023-03-31 19:54 - 2021-11-27 20:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-03-31 19:54 - 2021-11-27 20:38 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-31 19:53 - 2020-01-20 15:15 - 000000000 ____D C:\Users\clare\AppData\Local\D3DSCache
2023-03-31 19:50 - 2019-12-14 18:21 - 000000000 ____D C:\Users\clare\AppData\Local\PlaceholderTileLogoFolder
2023-03-31 19:50 - 2019-12-14 18:19 - 000000000 ____D C:\Users\clare\AppData\Local\Packages
2023-03-31 19:50 - 2019-12-14 18:12 - 000000000 ____D C:\ProgramData\Packages
2023-03-30 14:54 - 2022-06-20 17:42 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\TRABALHO MARKETING DIGITAL
2023-03-30 13:50 - 2020-07-11 15:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-30 13:49 - 2022-10-13 20:55 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-29 16:00 - 2019-12-14 18:32 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-27 14:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-27 11:21 - 2020-01-03 08:39 - 000000000 ____D C:\Users\clare\AppData\Local\MEGAsync
2023-03-24 19:14 - 2019-12-14 18:23 - 000000000 ____D C:\Users\clare\AppData\Local\Publishers
2023-03-23 19:11 - 2019-12-14 18:22 - 000000000 ___RD C:\Users\clare\OneDrive
2023-03-23 18:59 - 2019-06-27 01:12 - 000000000 ____D C:\Program Files (x86)\Intel
2023-03-23 18:59 - 2019-06-27 01:02 - 000000000 ____D C:\Program Files\Intel
2023-03-23 18:52 - 2020-01-03 08:38 - 000000000 ____D C:\Users\clare\AppData\Local\Adobe
2023-03-23 18:49 - 2021-12-14 16:25 - 000000000 ____D C:\Program Files\Adobe
2023-03-23 18:49 - 2021-12-14 16:24 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-03-23 18:49 - 2020-07-11 13:33 - 000000000 ____D C:\Users\clare
2023-03-23 18:49 - 2020-01-03 08:40 - 000000000 ____D C:\ProgramData\Adobe
2023-03-23 18:48 - 2019-06-27 01:02 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-23 17:19 - 2019-12-14 18:21 - 000000000 ____D C:\Users\clare\AppData\Local\NVIDIA Corporation
2023-03-22 16:51 - 2022-01-04 11:51 - 000000000 ____D C:\Users\clare\AppData\Local\CrashDumps
2023-03-21 18:37 - 2020-07-07 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-03-21 18:35 - 2020-07-07 14:31 - 000000000 ____D C:\Program Files\Wondershare
2023-03-21 11:32 - 2021-09-03 15:25 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-03-20 20:12 - 2020-07-11 15:02 - 001751504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-20 20:12 - 2019-12-07 11:54 - 000755588 _____ C:\WINDOWS\system32\prfh0416.dat
2023-03-20 20:12 - 2019-12-07 11:54 - 000149642 _____ C:\WINDOWS\system32\prfc0416.dat
2023-03-19 21:25 - 2019-06-26 08:52 - 002455872 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\Qcamain10x64.sys
2023-03-19 21:25 - 2019-06-26 08:52 - 000188736 _____ C:\WINDOWS\system32\Drivers\QcomWlanSrvx64.exe
2023-03-19 21:15 - 2019-06-27 00:45 - 000000000 ____D C:\ProgramData\Intel
2023-03-19 21:09 - 2018-12-22 00:59 - 006539840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2023-03-19 21:08 - 2020-05-12 22:29 - 000036800 _____ (Acer Incorporated) C:\WINDOWS\system32\Drivers\AcerAirplaneModeController.sys
2023-03-19 21:07 - 2018-12-11 00:14 - 001367344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2023-03-19 20:16 - 2020-02-21 21:58 - 000000000 ____D C:\Users\clare\AppData\Local\NVIDIA
2023-03-15 17:06 - 2020-07-11 14:51 - 000486592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-15 17:00 - 2021-11-19 14:30 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-03-15 17:00 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-15 17:00 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-15 15:15 - 2020-07-11 14:59 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-03-15 12:36 - 2019-12-19 10:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-15 12:24 - 2019-12-19 10:31 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-14 18:32 - 2019-06-27 01:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-03-14 18:31 - 2019-06-27 01:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-03-14 18:31 - 2019-06-27 01:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-03-14 18:06 - 2020-07-07 15:10 - 000006649 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2023-03-14 18:06 - 2020-07-07 15:03 - 000017260 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2023-03-14 18:06 - 2020-07-07 15:03 - 000013481 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2023-03-14 18:06 - 2019-12-14 18:19 - 000000000 ____D C:\Users\clare\AppData\Local\Intel
2023-03-14 17:36 - 2022-12-15 17:20 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-03-14 17:34 - 2020-01-08 19:03 - 000047800 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2023-03-14 11:53 - 2020-11-13 11:39 - 000000000 ____D C:\Program Files\dotnet
2023-03-13 20:59 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-03-13 20:57 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2023-03-13 20:57 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-03-13 20:57 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2023-03-13 20:57 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-03-13 20:57 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\Services
2023-03-13 20:56 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files\Windows Portable Devices
2023-03-13 20:56 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-03-13 20:56 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\IME
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Globalization
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Containers
2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Branding
2023-03-13 20:56 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2023-03-13 20:37 - 2019-12-07 11:55 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\IME
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-03-13 19:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\registration
2023-03-12 19:52 - 2022-11-15 18:24 - 000000000 ____D C:\Users\clare\AppData\LocalLow\Mozilla
2023-03-11 16:41 - 2022-09-11 22:39 - 000000000 ____D C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2023-03-11 16:41 - 2019-12-14 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2023-03-11 16:32 - 2020-11-13 11:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2023-03-11 16:30 - 2020-07-10 16:55 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-03-11 16:24 - 2020-11-13 11:32 - 000000000 ____D C:\Users\clare\AppData\Roaming\Visual Studio Setup
2023-03-11 12:32 - 2021-08-08 22:11 - 000000000 ____D C:\Users\clare\AppData\Roaming\Code
2023-03-08 08:17 - 2022-02-17 14:24 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2023-03-08 08:17 - 2022-02-17 14:24 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2023-03-08 08:17 - 2019-06-27 01:32 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

==================== Arquivos na raiz de alguns diretórios ========

2021-03-15 11:58 - 2021-03-15 11:58 - 000007604 _____ () C:\Users\clare\AppData\Local\Resmon.ResmonCfg
2022-02-11 23:11 - 2022-02-11 23:11 - 000000000 _____ () C:\Users\clare\AppData\Local\{F46B5C7A-FE23-4578-8A41-2592382CEAEF}

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Elias Pereira · 11 de abril de 2023

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Application Data:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Temp:9494338C [252]
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
Task: {01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {0219B601-8F68-4E0F-AADB-F064BB6BE383} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [834032 2019-02-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1500BF84-CCC6-4FBD-8123-9401637C6FC7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1B5AF7DA-A632-4B17-BA80-65E489426A8A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1BABCB9C-19E9-4947-A869-394EA85F11AD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27E8FD4D-C5D6-488D-B731-3B1A4F486C59} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {2A4EA318-BD0D-420D-B860-C365A0393524} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C33F99E-C38A-460D-86B7-989A916F92C0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {31F6A644-F40E-4213-8188-09DCD6B1B329} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {384034EC-2BD9-414E-97BD-788C3CD92FF1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Nenhum Arquivo)
Task: {3D8280CE-976F-4281-84B5-BCDF1BC367A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC)
Task: {3DB554B4-2BB9-4560-9FAD-F2C8045FD935} - System32\Tasks\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo) <==== ATENÇÃO
Task: {4FDD8597-A20D-4A1A-BDB9-5415E8DB0700} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {55A55051-9D6E-41BF-A3C6-830842CE4CD2} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {568CCD61-B443-48B3-8219-7932F3867604} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Nenhum Arquivo)
Task: {5A758AEE-B9AA-43DC-B791-782C60B00C5E} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\clare\AppData\Roaming\\sysinfotool\\sitool.exe -st -tu 3 (Nenhum Arquivo) <==== ATENÇÃO
Task: {64B570F5-FC37-4211-8199-EB9848FBB8D3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69F5D084-06BF-4295-ABB9-993000940009} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET)
Task: {6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {727BE017-6B03-4730-BAA4-7837422309B3} - System32\Tasks\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
Task: {78D500F6-8B68-4E26-9DC3-94DC356B21C4} - System32\Tasks\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe (Nenhum Arquivo)
Task: {7F39972B-17FF-49CC-B995-E9D9DCFAB08C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8130A3F4-0C36-4139-9FDD-F7E94823E8B6} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-MLMFK.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO
Task: {828FDE0A-9939-45D4-902D-83E69A942278} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe --update --mode check auto notify (Nenhum Arquivo)
Task: {8E9B8598-E418-4CFD-B959-873B5C90BDFE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation)
Task: {9342B0A9-7442-4E40-80A0-2DCE92498587} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Nenhum Arquivo)
Task: {9AEB1BF5-70CA-4633-A6BB-49F5194859EF} - System32\Tasks\CareCenter\AnyDesk.lnk_FolderCommonAppdata => C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
Task: {9B5E199F-9D12-4C45-9E89-CC654CD5E88C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7FFC8F9-66E2-48A8-B11E-B7A710B822D8} - System32\Tasks\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe [65128112 2023-03-27] (Mega Limited -> Mega Limited)
Task: {AD061118-8FA7-4C74-8116-BF5E9A2A95FA} - System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B2514D61-EA2B-4B51-9765-528234104B9B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAupdater.exe [1776304 2023-03-27] (Mega Limited -> )
Task: {B42748F9-085A-4717-B98E-452D60FAD011} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {B55E241A-D276-4295-8EBA-0B612E4FAEAE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2808C9E-412F-47E0-921A-BF62CA4C81C6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C3431AFB-D315-43B9-8C83-1760F917DFB5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DB072358-8F7B-47F8-A668-7748A6F40766} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DDAAAF73-1AB1-49B5-866C-3330A2981ECF} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4056016 2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF65097F-00A0-410E-82EF-222D780A8333} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DFAE1CB0-BB59-4418-B1D8-34FA138F8D31} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET)
Task: {E549B32C-8404-4E58-97D2-24B7A474C9F3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation)
Task: {EA6CDDF7-033A-49AD-87F7-F386E5D27EF0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF3E2D09-67EB-42FA-BF10-9AD593A199DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X]
S4 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [X]
S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]
reg: reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig"
reg: reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run"
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:Clique com o direito sobre o arquivo FRST.EXE, depois clique em http://i.imgur.com/VRIfczU.png

Clique no botão

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

Clau de Oliveira · 13 de abril de 2023

@Elias Pereira

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 10-04-2023
Executado por clare (12-04-2023 22:53:15) Run:1
Executando a partir de C:\Users\clare\OneDrive\Área de Trabalho
Perfis Carregados: clare
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Application Data:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Temp:9494338C [252]
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
Task: {01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {0219B601-8F68-4E0F-AADB-F064BB6BE383} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [834032 2019-02-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1500BF84-CCC6-4FBD-8123-9401637C6FC7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1B5AF7DA-A632-4B17-BA80-65E489426A8A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1BABCB9C-19E9-4947-A869-394EA85F11AD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27E8FD4D-C5D6-488D-B731-3B1A4F486C59} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {2A4EA318-BD0D-420D-B860-C365A0393524} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C33F99E-C38A-460D-86B7-989A916F92C0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {31F6A644-F40E-4213-8188-09DCD6B1B329} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {384034EC-2BD9-414E-97BD-788C3CD92FF1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Nenhum Arquivo)
Task: {3D8280CE-976F-4281-84B5-BCDF1BC367A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC)
Task: {3DB554B4-2BB9-4560-9FAD-F2C8045FD935} - System32\Tasks\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo) <==== ATENÇÃO
Task: {4FDD8597-A20D-4A1A-BDB9-5415E8DB0700} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {55A55051-9D6E-41BF-A3C6-830842CE4CD2} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {568CCD61-B443-48B3-8219-7932F3867604} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Nenhum Arquivo)
Task: {5A758AEE-B9AA-43DC-B791-782C60B00C5E} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\clare\AppData\Roaming\\sysinfotool\\sitool.exe -st -tu 3 (Nenhum Arquivo) <==== ATENÇÃO
Task: {64B570F5-FC37-4211-8199-EB9848FBB8D3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69F5D084-06BF-4295-ABB9-993000940009} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET)
Task: {6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {727BE017-6B03-4730-BAA4-7837422309B3} - System32\Tasks\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
Task: {78D500F6-8B68-4E26-9DC3-94DC356B21C4} - System32\Tasks\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe (Nenhum Arquivo)
Task: {7F39972B-17FF-49CC-B995-E9D9DCFAB08C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8130A3F4-0C36-4139-9FDD-F7E94823E8B6} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-MLMFK.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO
Task: {828FDE0A-9939-45D4-902D-83E69A942278} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe --update --mode check auto notify (Nenhum Arquivo)
Task: {8E9B8598-E418-4CFD-B959-873B5C90BDFE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation)
Task: {9342B0A9-7442-4E40-80A0-2DCE92498587} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Nenhum Arquivo)
Task: {9AEB1BF5-70CA-4633-A6BB-49F5194859EF} - System32\Tasks\CareCenter\AnyDesk.lnk_FolderCommonAppdata => C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
Task: {9B5E199F-9D12-4C45-9E89-CC654CD5E88C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7FFC8F9-66E2-48A8-B11E-B7A710B822D8} - System32\Tasks\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe [65128112 2023-03-27] (Mega Limited -> Mega Limited)
Task: {AD061118-8FA7-4C74-8116-BF5E9A2A95FA} - System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B2514D61-EA2B-4B51-9765-528234104B9B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAupdater.exe [1776304 2023-03-27] (Mega Limited -> )
Task: {B42748F9-085A-4717-B98E-452D60FAD011} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {B55E241A-D276-4295-8EBA-0B612E4FAEAE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2808C9E-412F-47E0-921A-BF62CA4C81C6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C3431AFB-D315-43B9-8C83-1760F917DFB5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DB072358-8F7B-47F8-A668-7748A6F40766} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DDAAAF73-1AB1-49B5-866C-3330A2981ECF} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4056016 2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF65097F-00A0-410E-82EF-222D780A8333} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DFAE1CB0-BB59-4418-B1D8-34FA138F8D31} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET)
Task: {E549B32C-8404-4E58-97D2-24B7A474C9F3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation)
Task: {EA6CDDF7-033A-49AD-87F7-F386E5D27EF0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF3E2D09-67EB-42FA-BF10-9AD593A199DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X]
S4 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [X]
S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]
reg: reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig"
reg: reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run"
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
C:\ProgramData => ":chnpbmzkyg" ADS removido (a) com sucesso.
C:\ProgramData => ":YXVtLmh6aQ" ADS removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso.
"C:\Users\All Users" => ":chnpbmzkyg" ADS não encontrado (a).
"C:\Users\All Users" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\Users\Todos os Usuários" => ":chnpbmzkyg" ADS não encontrado (a).
"C:\Users\Todos os Usuários" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\ProgramData\Application Data" => ":chnpbmzkyg" ADS não encontrado (a).
"C:\ProgramData\Application Data" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\ProgramData\Dados de Aplicativos" => ":chnpbmzkyg" ADS não encontrado (a).
"C:\ProgramData\Dados de Aplicativos" => ":YXVtLmh6aQ" ADS não encontrado (a).
C:\ProgramData\Temp => ":9494338C" ADS removido (a) com sucesso.
C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso
C:\ProgramData\NTUSER.pol => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => valor restaurado com sucesso
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => valor restaurado com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0219B601-8F68-4E0F-AADB-F064BB6BE383}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0219B601-8F68-4E0F-AADB-F064BB6BE383}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Software Update Application => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Update Application" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\RtkAudUService64_BG => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RtkAudUService64_BG" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1500BF84-CCC6-4FBD-8123-9401637C6FC7}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1500BF84-CCC6-4FBD-8123-9401637C6FC7}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B5AF7DA-A632-4B17-BA80-65E489426A8A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B5AF7DA-A632-4B17-BA80-65E489426A8A}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BABCB9C-19E9-4947-A869-394EA85F11AD}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BABCB9C-19E9-4947-A869-394EA85F11AD}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27E8FD4D-C5D6-488D-B731-3B1A4F486C59}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27E8FD4D-C5D6-488D-B731-3B1A4F486C59}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A4EA318-BD0D-420D-B860-C365A0393524}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A4EA318-BD0D-420D-B860-C365A0393524}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C33F99E-C38A-460D-86B7-989A916F92C0}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C33F99E-C38A-460D-86B7-989A916F92C0}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31F6A644-F40E-4213-8188-09DCD6B1B329}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31F6A644-F40E-4213-8188-09DCD6B1B329}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{384034EC-2BD9-414E-97BD-788C3CD92FF1}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384034EC-2BD9-414E-97BD-788C3CD92FF1}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D8280CE-976F-4281-84B5-BCDF1BC367A5}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D8280CE-976F-4281-84B5-BCDF1BC367A5}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3DB554B4-2BB9-4560-9FAD-F2C8045FD935}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DB554B4-2BB9-4560-9FAD-F2C8045FD935}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FDD8597-A20D-4A1A-BDB9-5415E8DB0700}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{55A55051-9D6E-41BF-A3C6-830842CE4CD2}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55A55051-9D6E-41BF-A3C6-830842CE4CD2}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{568CCD61-B443-48B3-8219-7932F3867604}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568CCD61-B443-48B3-8219-7932F3867604}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\ACC => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACC" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A758AEE-B9AA-43DC-B791-782C60B00C5E}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A758AEE-B9AA-43DC-B791-782C60B00C5E}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\SystemInfo" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64B570F5-FC37-4211-8199-EB9848FBB8D3}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64B570F5-FC37-4211-8199-EB9848FBB8D3}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69F5D084-06BF-4295-ABB9-993000940009}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{727BE017-6B03-4730-BAA4-7837422309B3}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{727BE017-6B03-4730-BAA4-7837422309B3}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78D500F6-8B68-4E26-9DC3-94DC356B21C4}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78D500F6-8B68-4E26-9DC3-94DC356B21C4}" => removido (a) com sucesso.
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F39972B-17FF-49CC-B995-E9D9DCFAB08C}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F39972B-17FF-49CC-B995-E9D9DCFAB08C}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8130A3F4-0C36-4139-9FDD-F7E94823E8B6}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8130A3F4-0C36-4139-9FDD-F7E94823E8B6}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Rerun Warsaw's CoreFixer => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Rerun Warsaw's CoreFixer" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{828FDE0A-9939-45D4-902D-83E69A942278}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{828FDE0A-9939-45D4-902D-83E69A942278}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\pdfforge GmbH\Update => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pdfforge GmbH\Update" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E9B8598-E418-4CFD-B959-873B5C90BDFE}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E9B8598-E418-4CFD-B959-873B5C90BDFE}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9342B0A9-7442-4E40-80A0-2DCE92498587}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9342B0A9-7442-4E40-80A0-2DCE92498587}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Oem\AcerJumpstartTask => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Oem\AcerJumpstartTask" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AEB1BF5-70CA-4633-A6BB-49F5194859EF}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AEB1BF5-70CA-4633-A6BB-49F5194859EF}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CareCenter\AnyDesk.lnk_FolderCommonAppdata => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\AnyDesk.lnk_FolderCommonAppdata" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B5E199F-9D12-4C45-9E89-CC654CD5E88C}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\OneDrive Per-Machine Standalone Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Per-Machine Standalone Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A7FFC8F9-66E2-48A8-B11E-B7A710B822D8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7FFC8F9-66E2-48A8-B11E-B7A710B822D8}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD061118-8FA7-4C74-8116-BF5E9A2A95FA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD061118-8FA7-4C74-8116-BF5E9A2A95FA}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\HP Software Update_Reg_HKLMWow6432Run" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2514D61-EA2B-4B51-9765-528234104B9B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2514D61-EA2B-4B51-9765-528234104B9B}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B42748F9-085A-4717-B98E-452D60FAD011}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B42748F9-085A-4717-B98E-452D60FAD011}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B55E241A-D276-4295-8EBA-0B612E4FAEAE}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B55E241A-D276-4295-8EBA-0B612E4FAEAE}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2808C9E-412F-47E0-921A-BF62CA4C81C6}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2808C9E-412F-47E0-921A-BF62CA4C81C6}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3431AFB-D315-43B9-8C83-1760F917DFB5}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3431AFB-D315-43B9-8C83-1760F917DFB5}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB072358-8F7B-47F8-A668-7748A6F40766}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB072358-8F7B-47F8-A668-7748A6F40766}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DDAAAF73-1AB1-49B5-866C-3330A2981ECF}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDAAAF73-1AB1-49B5-866C-3330A2981ECF}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF65097F-00A0-410E-82EF-222D780A8333}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF65097F-00A0-410E-82EF-222D780A8333}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFAE1CB0-BB59-4418-B1D8-34FA138F8D31}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E549B32C-8404-4E58-97D2-24B7A474C9F3}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E549B32C-8404-4E58-97D2-24B7A474C9F3}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA6CDDF7-033A-49AD-87F7-F386E5D27EF0}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA6CDDF7-033A-49AD-87F7-F386E5D27EF0}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\BCSSync_Reg_HKLMWow6432Run" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF3E2D09-67EB-42FA-BF10-9AD593A199DA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF3E2D09-67EB-42FA-BF10-9AD593A199DA}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso.
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => movido com sucesso
HKLM\System\CurrentControlSet\Services\ACCSvc => removido (a) com sucesso.
ACCSvc => o serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\EaseUS UPDATE SERVICE => removido (a) com sucesso.
EaseUS UPDATE SERVICE => o serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\QALSvc => removido (a) com sucesso.
QALSvc => o serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\QASvc => removido (a) com sucesso.
QASvc => o serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\UEIPSvc => removido (a) com sucesso.
UEIPSvc => o serviço removido (a) com sucesso.

========= reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" =========

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
GoogleDriveFS REG_SZ "C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe" --startup_mode
com.squirrel.Teams.Teams REG_SZ C:\Users\clare\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
CanvaAutoLaunchAvailabilityCheckAgent REG_SZ "C:\Users\clare\AppData\Local\Programs\Canva\Canva.exe" --start-availability-check-agent

========= Fim de Reg: =========

========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" =========

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SecurityHealth REG_EXPAND_SZ %windir%\system32\SecurityHealthSystray.exe
IAStorIcon REG_SZ "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
WSVCUUpdateHelper.exe REG_SZ C:\Program Files (x86)\Wondershare\UniConverter\WSVCUUpdateHelper.exe
Wondershare Helper Compact.exe REG_SZ C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

========= Fim de Reg: =========

========= reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig" =========

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\state

========= Fim de Reg: =========

========= reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" =========

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run
GoogleDriveFS REG_SZ C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe --startup_mode

========= Fim de Reg: =========

========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run" =========

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
BCSSync REG_SZ "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
Wondershare Helper Compact.exe REG_SZ C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HP Software Update REG_SZ C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
(padrÆo) REG_SZ
Aimersoft Helper Compact.exe REG_SZ C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
TeamsMachineUninstallerLocalAppData REG_EXPAND_SZ %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
TeamsMachineUninstallerProgramData REG_EXPAND_SZ %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default

========= Fim de Reg: =========

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-868159705-1825106094-3080552626-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-868159705-1825106094-3080552626-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 95947127 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 78165446 B
Edge => 81537 B
Chrome => 119208046 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 447397044 B
systemprofile32 => 447397087 B
LocalService => 447551371 B
NetworkService => 456705167 B
clare => 1956810982 B

RecycleBin => 3043793 B
EmptyTemp: => 3.8 GB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 22:58:41 ====

Elias Pereira · 16 de abril de 2023

Faça o download do Kaspersky Virus Removal Tool

http://devbuilds.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe

Reinicie seu computador em modo seguro;Execute o Kaspersky Virus Removal Tool como Administrador;

Aceite o "End user License Agreement" e aguarde a Inicialização;

Clique em Change parameters e marque também a opção System drive;

OBS: Caso tenha alguma midia removivel plugada no computador clique no botão + Add object... e a marque também;

Clique em OK e depois em Start scan.

Após o termino do scan, clique na opção Report (Abaixo do X de fechar o programa);

Tire uma printscreen da aba Report e também da aba Quarantine. Anexe as printscreens no seu proximo post.

Clau de Oliveira · 18 de abril de 2023

@Elias Pereira

Elias Pereira · 22 de abril de 2023

@Clau de Oliveira

Em relação aos problemas iniciais, como está o computador?

Clau de Oliveira · 24 de abril de 2023

@Elias Pereira Bem melhor, aparentemente não está mais com virus. Iniciando rápido e sem problemas.

Muito obrigada!

Elias Pereira · 28 de abril de 2023

Em relação a malwares, não temos mais problemas.

Se não tiver mais problema em relação a malwares, clique em Denunciar Post localizado no topo da pagina e diga que seu topico está RESOLVIDO. Se você tiver alguma dúvida relacionada a informática e tecnologia, sinta-se à vontade para postar em qualquer área do CdH.

Lusitano · 29 de abril de 2023

Problema resolvido!

Caso o autor necessite, o mesmo será reaberto, para isso deverá entrar em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.