Malware com pop up CMD do windows

Nurgui · 5 de junho de 2023

Antes de mais obrigado pela ajuda.

Pop up fica do CMD do windows fica aparecendo e notebook parece mais lento que o normal.

Junto anexo logs

Obrigado pela ajuda.

AdwCleaner[S00].txt Addition.txt FRST.txt

Elias Pereira · 8 de junho de 2023

Por favor, atente para o seguinte:

Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento to44ent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
Respeite a ordem das instruções passadas;
Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Regras da Área de Remoção de Malware << IMPORTANTE A LEITURA

Regras Gerais do Forum Clube do Hardware << IMPORTANTE A LEITURA

Siga os passos abaixo:

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

ETAPA 1

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em

Clique em VERIFICAR AGORA/SCAN NOW. Após o termino clique em LIMPAR/CLEAN e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

ETAPA 2

Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.majorgeeks.com/files/details/zhpcleaner.html

Execute o arquivo ZHPCleaner.exe Como Administrador

Clique no botão Scanner.
A ferramenta começara o exame do seu sistema.
Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
Em seguida clique no botão Reparar.
Será gerado um log chamado ZHPCleaner.txt

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

Nurgui · 9 de junho de 2023

Olá Elias.

Obrigado pela sua resposta.

Abaixo segue o print ao POPUP que está sempre abrindo.

A seguir o Log AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-09-2023
# Duration: 00:00:00
# OS: Windows 11 (Build 22621.1702)
# Cleaned: 0
# Failed: 2

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Not Deleted HKCU\SOFTWARE\21aa3a625566a845dd64b40834c67322
Not Deleted HKCU\SOFTWARE\7bb2f06daee1ec0a5af23f31c74fca78

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3115 octets] - [05/06/2023 09:54:08]
AdwCleaner[C00].txt - [1750 octets] - [05/06/2023 09:54:34]
AdwCleaner[S01].txt - [3143 octets] - [07/06/2023 17:05:28]
AdwCleaner[C01].txt - [3462 octets] - [07/06/2023 17:05:59]
AdwCleaner[S02].txt - [1786 octets] - [07/06/2023 17:06:15]
AdwCleaner[C02].txt - [1938 octets] - [07/06/2023 17:06:22]
AdwCleaner[S03].txt - [1908 octets] - [07/06/2023 17:06:57]
AdwCleaner[C03].txt - [2060 octets] - [07/06/2023 17:08:33]
AdwCleaner[S04].txt - [2030 octets] - [09/06/2023 07:53:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Agora log ZHPCleaner:

~ ZHPCleaner v2023.6.8.23 by Nicolas Coolman (2023/06/08)

~ Run by nursi (Administrator) (09/06/2023 08:19:03)

~ Web: https://www.nicolascoolman.com

~ Blog: https://nicolascoolman.eu/

~ Facebook : https://www.facebook.com/nicolascoolman1

~ State version : Version OK

~ Certificate ZHPCleaner: Legal

~ Type : Repair

~ Report : C:\Users\nursi\OneDrive\Área de Trabalho\ZHPCleaner (R).txt

~ Quarantine : C:\Users\nursi\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt

~ UAC : Activate

~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 22621) ---\ Alternate Data Stream (ADS). (0)

~ No malicious or unnecessary items found. (ADS)

---\ Services (0)

~ No malicious or unnecessary items found. (Service)

---\ Browser internet (0)

~ No malicious or unnecessary items found. (Browser)

---\ Hosts file (1)

~ The hosts file is legitimate (21)

---\ Scheduled automatic tasks. (0)

~ No malicious or unnecessary items found. (Task)

---\ Explorer ( File, Folder) (3)

MOVED file: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium

MOVED file: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium

MOVED file: C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium

---\ Registry ( Key, Value, Data) (5)

DELETED key*: HKEY_USERS\S-1-5-21-3848878613-230039650-1154610324-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r [] =>Adware.Navipromo

DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delcam PS-Tutorials11300 [Delcam] =>SUP.Optional.AgenceExclusive

DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [ASUSTeK Computer Inc.] =>Heuristic.Suspect DELETED key*: HKCU\SOFTWARE\21aa3a625566a845dd64b40834c67322 [] =>Hijacker.Browser DELETED key*: HKCU\SOFTWARE\7bb2f06daee1ec0a5af23f31c74fca78 [] =>Hijacker.Browser

---\ Summary of the elements found (5)

https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium

https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo

https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>SUP.Optional.AgenceExclusive

https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect

https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser

---\ Other deletions. (2)

~ Registry Keys Tracing deleted (2)

~ Remove the old reports ZHPCleaner. (0)

---\ Result of repair

~ Repair carried out successfully

~ Google Chrome OK

~ Internet Explorer OK

---\ Statistics ~ Items scanned : 1961

~ Items found : 0

~ Items cancelled : 0

~ Space saving (bytes) : 0

~ Items options : 9/17

---\ OPTIONS NOT ACTIVES

~ Temporary file analysis

~ Temporary folder analysis

~ Empty Folder CLSID Analysis

~ Empty Other Folder Analysis

~ Empty LocalLow Folder Analysis

~ Empty Local Folder Analysis

~ Obsolete Installer File Analysis

~ Start browsers with extensions removed

~ End of clean in 00h00mn25s

---\ Reports (2) ZHPCleaner-[S]-09062023-08_12_00.txt ZHPCleaner-[R]-09062023-08_19_28.txt

Elias Pereira · 11 de junho de 2023

Execute novamente o FRST.exe. Abra cada log em separado, copie e cole o conteudo na sua proxima resposta.

Nurgui · 12 de junho de 2023

A seguir os logs:

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-05-2023
Executado por nursi (administrador) em LAPTOP-U216UT7H (ASUSTeK COMPUTER INC. ROG G703GS_G703GS) (12-06-2023 07:57:20)
Executando a partir de C:\Users\nursi\OneDrive\Área de Trabalho\FRST64.exe
Perfis Carregados: nursi
Plataforma: Microsoft Windows 11 Home Versão 22H2 22621.1702 (X64) Idioma: Português (Portugal)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() [Arquivo não assinado] C:\Users\nursi\AppData\Local\Temp\Fmocnpecplpmgokmihrjohgewqz.exe
(38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek Computer Inc.) C:\Program Files\WindowsApps\B9ECED6F.USBChargerPlus_5.0.9.0_x86__qmba6cd70vzyy\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK COMPUTER INC.) [Arquivo não assinado] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe ->) (ASUSTeK COMPUTER INC.) [Arquivo não assinado] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(C:\Program Files\Emsisoft Anti-Malware\a2guard.exe ->) (Emsisoft Limited -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(C:\Program Files\Emsisoft Anti-Malware\a2service.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.12.0_x86__qmba6cd70vzyy\ATK Package\HControl.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek Computer Inc.) C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.12.0_x86__qmba6cd70vzyy\ATK Package\ATKOSD2.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.37\msedgewebview2.exe <7>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.43\msedgewebview2.exe <6>
(C:\Users\nursi\OneDrive\Área de Trabalho\FRST64.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2304.26.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(cmd.exe ->) (McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\browserhost.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Emsisoft Limited -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\75.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\certreq.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.43\Installer\setup.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe
(services.exe ->) (Emsisoft Limited -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(services.exe ->) (Emsisoft Limited -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\CommService.exe
(services.exe ->) (Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvamsi.inf_amd64_9219ad30ce7522b2\Display.NvContainer\NVDisplay.Container.exe <2>
(sihost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUS) C:\Program Files\WindowsApps\B9ECED6F.ROGAura_2.1.25.0_x86__qmba6cd70vzyy\AuraListen.exe
(sihost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUS) C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy\ACMON.exe
(sihost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek Computer Inc.) C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy\ASUS Battery Health Charging\BhcMgr.exe
(sihost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek Computer Inc.) C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.12.0_x86__qmba6cd70vzyy\ATK Package\HControl.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(sihost.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2321.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.17.11461.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.17.11461.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.16327.20248.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\nursi\AppData\Local\Microsoft\OneDrive\23.107.0521.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LRVYSRY4iG5Z4umg2kqV3xuDyD1bfLfsq7.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [10774960 2023-06-04] (Emsisoft Limited -> Emsisoft Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Update: Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40454048 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262336 2023-05-30] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [MicrosoftEdgeAutoLaunch_E9654F28324299FCE4DDE5EEE2A42508] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113808 2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpzppw72: C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll [257024 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\KM Language Monitor: C:\Windows\system32\KMPJL64.DLL [80384 2013-04-08] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw72: C:\Windows\system32\hpz3lw72.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.110\Installer\chrmstp.exe [2023-06-06] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-04-13]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {03CF5ED7-F6EF-433C-9804-52C1BAE7CE66} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {08387746-2324-4345-8016-A28AA1115DC5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {09F9477C-1B5B-4FFF-A749-EC901EC7B063} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {0AC62FB3-3F7F-447D-8747-DC914CB04A60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {0D69DED8-C7BA-4F0C-BE20-632587859D39} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start ThunderboltService
Task: {22838C5B-7FB2-4BC3-B08F-F6EC9DE6A1F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {23A2C2E9-E278-4AE4-9276-443D67B8616C} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {3020E1DD-2B33-4756-A425-E6F4CEEAF44D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {34E674F9-2AB1-49F0-96DD-A110C4B99AAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35C8EA5F-4317-4C5B-BC01-925AFB055646} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Nenhum Arquivo)
Task: {3CB0C6B6-7DB0-4F82-86D2-317660974B79} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Nenhum Arquivo)
Task: {3E717B58-C5EB-4CA1-9428-B3C57EA93F5E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3F16825E-4A23-4BE5-BFF3-E8875BE51957} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DB2E56F-33C6-46D4-9626-134B1FA7B1F9} - System32\Tasks\S-1-5-21-3848878613-230039650-1154610324-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (Nenhum Arquivo)
Task: {55C45FC8-E007-494C-A58F-F033D657E907} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bf5aeb9d-4b7a-44ff-be41-d7fe70b78db2" --version "6.12.10490" --silent
Task: {68ED2B15-9716-4F7F-AC2E-E853DF81A725} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AEAC83B-69C1-4110-A7E4-63CD753D8ED9} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3848878613-230039650-1154610324-1001 => C:\Users\nursi\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (Nenhum Arquivo)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe Reboot (Nenhum Arquivo)
Task: {75C6ECC2-A97B-43FE-955F-F19B1B756E6D} - System32\Tasks\Microsoft\Windows\Method\Size => C:\Users\nursi\AppData\Local\Method\lpxeccajs\Size.exe (Nenhum Arquivo)
Task: {82DED51B-11BB-4D6E-8849-C79650191760} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [4718048 2018-03-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {837548B2-5C32-40F1-B199-428018558A58} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {883D674E-9997-4C06-998C-1AD66B25BDAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {8EF2319F-75C3-49AC-BFFD-50AA2D5F8A25} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {919B36F3-225D-4214-B6A3-3A7CA9BE35CC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9990B736-2BB8-4363-9FB8-7DCA98953BCB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Nenhum Arquivo)
Task: {AB6CB96E-24C0-4CCF-9899-535BF4C17800} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B130E7A0-31B1-40FD-9840-E02126D42CA5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3155E12-5FE2-42D1-925C-08E4A0E25E6B} - System32\Tasks\ASUS Promotion => C:\Program Files\ASUS\ASUS Promotion\ASUS Promotion.exe [1049568 2018-10-26] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B81C4395-30C4-4666-97A1-8ECC080C4751} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0AD9454-15CC-4B36-8BDA-E25E156109D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C5A67A2B-2DEE-489B-93A5-FBFED80F8A3D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C9B82602-1D68-47D0-90FF-6899003F7E64} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [811520 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {CB552C89-A0CC-4E63-A286-429E65028A3B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Nenhum Arquivo)
Task: {CE8524D6-D814-4436-B963-C64311AC0A6A} - System32\Tasks\GameFirstV => C:\Program Files (x86)\ASUS\GameFirst\\GameFirst_V.exe [714112 ] (Apex Titan Technology Corp. -> ASUS)
Task: {D64B1995-474C-4E6E-9CFB-2FC258248192} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D7E72569-BA75-4B21-BA36-33E28EF979EC} - System32\Tasks\CCleanerSkipUAC - nursi => C:\Program Files\CCleaner\CCleaner.exe [34264480 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DA0066AB-D295-44A9-8C7F-8754D040F711} - System32\Tasks\USBChargerPlusUWP => C:\Program Files (x86)\ASUS\USB Charger Plus Service\StartupUSBChargerPlus.exe [150416 2018-07-04] (ASUSTeK Computer Inc. -> )
Task: {E008A5EA-2090-4D75-A97F-61D18099AE55} - System32\Tasks\IterationCount => C:\Users\nursi\AppData\Roaming\DefinedTypes\IterationCount (Nenhum Arquivo)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo)
Task: {E90CD071-BE09-4138-BA41-AAAC86583212} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {EB6C88FD-2935-42F7-A8AC-A9FD3B3DE60A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EE3A4C7D-83B8-468E-9B1A-4B3258D74D59} - \faka -> Nenhum Arquivo <==== ATENÇÃO
Task: {EFBD9700-C01E-45FB-8327-A2762C1EF853} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {F00BB55C-CB25-4E87-8B60-0ED9F8C4D15F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHotkeyExec64.exe [176064 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {F1CA1299-F3B4-4FCF-8C47-EDEC9BAA81BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F4BC2FB6-E0AD-4A64-8C8B-D915C6A8F7D1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC5855C5-EDF8-4136-8494-9DF310D8161C} - System32\Tasks\Method\Size => C:\Users\nursi\AppData\Local\Method\bxxntqhh\Size.exe [7168 2023-06-09] () [Arquivo não assinado] [O arquivo está em uso]

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0b2953b5-9af0-447d-9e0f-11fa9572663c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c15b09dc-722c-4d37-b52d-c67a7bd8cda3}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{cff0d725-5d03-488f-b199-9b1a7f0a32aa}: [DhcpNameServer] 172.20.10.1
DnsPolicyConfig: [DNS_RESILIENCY_slscr.update.microsoft.com] => GenericDNSServers=162.159.36.2

Edge:
=======
DownloadDir: C:\Users\nursi\Downloads
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-12]
Edge HomePage: Default -> hxxp://asus13.msn.com/
Edge StartupUrls: Default -> "hxxp://www.google.pt/"
Edge Extension: (Logitech Smooth Scrolling) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2021-11-25]
Edge Extension: (New Tab Redirect) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2021-11-25]
Edge Extension: (MyJDownloader Browser Extension) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2021-11-25]
Edge Extension: (Edge relevant text changes) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]

FireFox:
========
FF ProfilePath: C:\Users\nursi\AppData\Roaming\TomTom\HOME\Profiles\ys5opl6g.default [2020-06-15]
FF Extension: (Sem Nome) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [não encontrado (a)]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2021-01-26] [não assinado]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-06-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default [2023-06-12]
CHR HomePage: Default -> hxxp://www.google.pt/
CHR StartupUrls: Default -> "hxxp://www.google.pt/"
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2019-03-04]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-05-19]
CHR Extension: (Google Docs offline) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-22]
CHR Extension: (New Tab Redirect) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2019-07-07]
CHR Extension: (Launcher de aplicações para o Drive (da Google)) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-23]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-02]
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-06-09]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-12-16]
CHR Extension: (Google Docs offline) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-16]
CHR Extension: (Launcher de aplicações para o Drive (da Google)) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-03-09]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-09]
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-3848878613-230039650-1154610324-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11453664 2023-06-04] (Emsisoft Limited -> Emsisoft Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
S2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
S2 ASUS; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063840 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [15048472 2023-06-04] (Emsisoft Limited -> Emsisoft Ltd)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1545368 2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
S2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Arquivo não assinado]
S2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1977392 2019-04-12] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905472 2019-08-22] (McAfee, LLC -> McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
R2 ROGGamingCenterService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [40416 2018-02-22] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
S2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [Arquivo não assinado]
S2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc)
S2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc.)
S2 USBChargerService; C:\Program Files (x86)\ASUS\USB Charger Plus Service\USBChargerService.exe [120720 2018-07-04] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe [3228464 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe [133592 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvamsi.inf_amd64_9219ad30ce7522b2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvamsi.inf_amd64_9219ad30ce7522b2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [31032 2018-07-04] (WDKTestCert Jie,131315143419111253 -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [104808 2018-01-21] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Arquivo não assinado]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [164856 2023-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [19392 2023-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [137224 2023-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [34488 2022-08-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 MpKsl186b7a38; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7DA7F735-EBE2-40B4-A552-5373E1B4119C}\MpKslDrv.sys [213288 2023-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 netfilter21556; C:\WINDOWS\System32\drivers\netfilter21556.sys [96392 2017-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-06-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 TPS6598x; C:\WINDOWS\System32\drivers\TPS6598x.sys [56376 2017-11-28] (FPT USA Corp. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498984 2023-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-06-01] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Três meses (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-06-09 07:59 - 2023-06-09 08:19 - 000000000 ____D C:\Users\nursi\AppData\Roaming\ZHP
2023-06-09 07:59 - 2023-06-09 07:59 - 000000000 ____D C:\Users\nursi\AppData\Local\ZHP
2023-06-07 12:26 - 2023-06-07 12:26 - 482131710 _____ C:\Users\nursi\Downloads\b1 new design 004.igs
2023-06-07 12:00 - 2023-06-07 12:00 - 451630434 _____ C:\Users\nursi\Downloads\b1 new design 004.stl
2023-06-06 17:34 - 2023-06-06 17:34 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\POV-Ray
2023-06-05 15:02 - 2023-06-05 15:02 - 000001427 _____ C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-06-05 15:02 - 2023-06-05 15:02 - 000000000 ____D C:\Users\nursi\AppData\Local\ESET
2023-06-05 11:35 - 2023-06-05 11:35 - 000782858 _____ C:\WINDOWS\system32\prfh0816.dat
2023-06-05 11:35 - 2023-06-05 11:35 - 000159072 _____ C:\WINDOWS\system32\prfc0816.dat
2023-06-05 09:57 - 2023-06-12 07:57 - 000000000 ____D C:\FRST
2023-06-05 09:57 - 2023-06-05 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Method
2023-06-05 09:52 - 2023-06-05 09:54 - 000000000 ____D C:\AdwCleaner
2023-06-05 08:10 - 2023-06-12 07:58 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2023-06-05 08:10 - 2023-06-05 08:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2023-06-05 08:10 - 2023-06-04 21:01 - 000037776 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\eppdisk.sys
2023-06-02 12:35 - 2023-06-02 12:35 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-06-02 12:04 - 2023-06-05 08:13 - 000000000 ____D C:\ProgramData\Emsisoft
2023-06-02 09:54 - 2023-06-09 08:33 - 000000000 ____D C:\Users\nursi\AppData\Local\Method
2023-06-02 09:52 - 2023-06-05 08:12 - 000000000 ____D C:\Users\nursi\AppData\Roaming\DefinedTypes
2023-06-02 09:52 - 2023-06-02 09:52 - 000003656 _____ C:\WINDOWS\system32\Tasks\IterationCount
2023-06-02 09:52 - 2023-06-02 09:52 - 000000000 ____D C:\ProgramData\sib
2023-06-02 09:52 - 2023-06-02 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyShot 11
2023-06-02 09:52 - 2023-06-02 09:52 - 000000000 ____D C:\ProgramData\Luxion
2023-06-02 09:51 - 2023-06-02 09:52 - 000000000 ____D C:\Program Files\KeyShot11
2023-06-02 09:19 - 2023-06-02 09:19 - 000000000 ____D C:\Users\nursi\AppData\Roaming\NVIDIA
2023-06-02 09:15 - 2023-06-12 07:53 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\KeyShot 11
2023-06-02 09:15 - 2023-06-06 15:43 - 000000000 ____D C:\Users\nursi\AppData\Roaming\Luxion
2023-06-02 09:01 - 2023-06-02 09:01 - 000001181 _____ C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\keyshot5.lnk
2023-06-02 08:48 - 2023-06-02 08:59 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\KeyShot 5
2023-06-01 17:09 - 2023-06-01 17:09 - 000032786 _____ C:\Users\nursi\Downloads\Hogan_Shoes_and_Fashion.eps
2023-06-01 17:09 - 2023-06-01 17:09 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\Minhas paletas
2023-06-01 16:23 - 2023-06-01 16:24 - 504198189 _____ C:\Users\nursi\Downloads\ASICS X ForEver Meeting 17th May,2023 (1) (1).pptx
2023-06-01 16:22 - 2023-06-01 16:23 - 504198189 _____ C:\Users\nursi\Downloads\ASICS X ForEver Meeting 17th May,2023 (1).pptx
2023-06-01 11:40 - 2023-06-01 11:40 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\FlashIntegro
2023-06-01 11:37 - 2023-06-01 11:37 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\vulcao
2023-06-01 11:22 - 2023-06-01 11:22 - 026693624 _____ C:\Users\nursi\Downloads\Rueda_vapesol_rect_1_6_23.3dm
2023-06-01 11:10 - 2023-06-01 11:10 - 002887440 _____ C:\Users\nursi\Downloads\TP SOLES SONRA_MONSIEURGERMAIN_300523.pdf
2023-05-30 17:07 - 2023-05-30 17:07 - 004883572 _____ C:\Users\nursi\Downloads\Ficheiros 3D.zip
2023-05-30 17:07 - 2023-05-30 17:07 - 000000000 ____D C:\Users\nursi\Downloads\Ficheiros 3D
2023-05-30 13:26 - 2023-05-30 13:26 - 000407788 _____ C:\Users\nursi\Downloads\Bilhetes Passadiços do Mondego (1).pdf
2023-05-30 13:23 - 2023-05-30 13:23 - 000407788 _____ C:\Users\nursi\Downloads\Bilhetes Passadiços do Mondego.pdf
2023-05-30 13:23 - 2023-05-30 13:23 - 000144055 _____ C:\Users\nursi\Downloads\Normas e Recomendações.pdf
2023-05-30 13:12 - 2023-05-30 13:12 - 000025255 _____ C:\Users\nursi\Downloads\87482713.pdf
2023-05-29 13:20 - 2023-05-29 13:20 - 001406433 _____ C:\Users\nursi\Downloads\Kirigamine Zen.pdf
2023-05-29 13:20 - 2023-05-29 13:20 - 000069051 _____ C:\Users\nursi\Downloads\ORÇ_2864_MARCIO_MIT.pdf
2023-05-29 13:10 - 2023-05-29 13:10 - 001920078 _____ C:\Users\nursi\Downloads\FT DAIKIN MULTI.pdf
2023-05-29 13:10 - 2023-05-29 13:10 - 001102590 _____ C:\Users\nursi\Downloads\PO_220523_R00_DK_MULTI.pdf
2023-05-26 07:55 - 2023-05-26 07:55 - 000000000 ____D C:\Users\nursi\AppData\LocalLow\Messenger
2023-05-24 11:18 - 2023-05-24 11:18 - 104545080 _____ C:\Users\nursi\Downloads\S1PS_A2_(PADUA)_V5_003 igs.igs
2023-05-23 16:54 - 2023-05-23 16:54 - 000270180 _____ C:\Users\nursi\Downloads\symb.dxf
2023-05-23 16:52 - 2023-05-23 16:52 - 000028708 _____ C:\Users\nursi\Downloads\shoes-materials-symbols-footwear-labels-vector-20840027.webp
2023-05-23 15:36 - 2023-05-23 15:36 - 000043323 _____ C:\Users\nursi\Downloads\CallaGhan.eps
2023-05-23 14:28 - 2023-05-23 14:28 - 215491326 _____ C:\Users\nursi\Downloads\QUONDAM IGS.igs
2023-05-23 14:11 - 2023-05-23 14:11 - 215632802 _____ C:\Users\nursi\Downloads\wetransfer_quondam-difu-jpg_2023-05-22_1137 (1).zip
2023-05-22 16:06 - 2023-05-22 16:06 - 026919105 _____ C:\Users\nursi\Downloads\Rueda_16_5_23.3dm
2023-05-22 14:53 - 2023-05-22 14:54 - 215632802 _____ C:\Users\nursi\Downloads\wetransfer_quondam-difu-jpg_2023-05-22_1137.zip
2023-05-22 13:50 - 2023-05-22 13:50 - 001503097 _____ C:\Users\nursi\Downloads\THOR STREET (1).pdf
2023-05-22 07:56 - 2023-05-22 07:56 - 001723014 _____ C:\Users\nursi\Downloads\2271CMV-16_BAK_BAK.pdf
2023-05-16 18:02 - 2023-05-16 18:02 - 003883291 _____ C:\Users\nursi\Downloads\HATTY TENNIS SNEAKER Outsole design tech pack .pdf
2023-05-16 18:02 - 2023-05-16 18:02 - 001916145 _____ C:\Users\nursi\Downloads\HATTY TENNIS VECTOR FILE.ai
2023-05-16 18:02 - 2023-05-16 18:02 - 001396764 _____ C:\Users\nursi\Downloads\HATTY BRANDING 02.05.23.ai
2023-05-16 18:02 - 2023-05-16 18:02 - 000137355 _____ C:\Users\nursi\Downloads\HATTY TENNIS DRAWING.pdf
2023-05-16 15:27 - 2023-05-16 15:27 - 000073107 _____ C:\Users\nursi\Downloads\RM 2023-448.pdf
2023-05-16 15:12 - 2023-05-16 15:12 - 000226527 _____ C:\Users\nursi\Downloads\PoleCapV1[1].step
2023-05-15 17:41 - 2023-05-15 17:41 - 083634963 _____ C:\Users\nursi\Downloads\wetransfer_capa-livro-final-stl-stl_2023-05-15_1557.zip
2023-05-15 15:43 - 2023-05-15 15:43 - 000000000 ____D C:\Users\nursi\Downloads\wetransfer_oxford-41-3dm-3dm_2023-05-14_1653
2023-05-15 15:42 - 2023-05-15 15:42 - 180250995 _____ C:\Users\nursi\Downloads\wetransfer_oxford-41-3dm-3dm_2023-05-14_1653.zip
2023-05-15 13:48 - 2023-05-15 13:48 - 039455284 _____ C:\Users\nursi\Downloads\capa livro 3.stl
2023-05-12 10:18 - 2023-05-12 10:18 - 003647486 _____ C:\Users\nursi\Downloads\Casual (1) (1).pdf
2023-05-11 15:21 - 2023-05-11 15:21 - 002199362 _____ C:\Users\nursi\Downloads\23-214.rar
2023-05-11 15:21 - 2023-05-11 15:21 - 002096800 _____ C:\Users\nursi\Downloads\23-218.rar
2023-05-11 14:07 - 2023-05-11 14:07 - 000014719 _____ C:\Users\nursi\Downloads\Logo Chinelo (1).pdf
2023-05-11 09:35 - 2023-05-11 09:35 - 003647486 _____ C:\Users\nursi\Downloads\Casual (1).pdf
2023-05-10 08:55 - 2023-05-10 08:55 - 000000000 ___HD C:\$WinREAgent
2023-05-09 17:14 - 2023-05-09 17:14 - 002736125 _____ C:\Users\nursi\Downloads\PME ART PLUG with wing V1.pdf
2023-05-09 13:22 - 2023-05-09 13:22 - 000023271 _____ C:\Users\nursi\Downloads\5336704.pdf
2023-05-09 12:08 - 2023-05-09 12:08 - 006085630 _____ C:\Users\nursi\Downloads\Profilsohle_links_oval_12_Schwund.iges
2023-05-09 12:08 - 2023-05-09 12:08 - 006084400 _____ C:\Users\nursi\Downloads\Profilsohle_rechts_oval_12_Schwund.iges
2023-05-09 12:07 - 2023-05-09 12:08 - 001721262 _____ C:\Users\nursi\Downloads\Muttersohle_rechts_oval_12_Schwund.iges
2023-05-09 12:07 - 2023-05-09 12:08 - 001720770 _____ C:\Users\nursi\Downloads\Muttersohle_links_oval_12_Schwund.iges
2023-05-09 11:57 - 2023-05-09 11:57 - 000014719 _____ C:\Users\nursi\Downloads\Logo Chinelo.pdf
2023-05-09 11:48 - 2023-05-09 11:48 - 000000000 ____D C:\Users\nursi\Downloads\Dynamic-Sohle-Basis37669-Gr37-Model-Origin
2023-05-09 11:47 - 2023-05-09 11:47 - 008007904 _____ C:\Users\nursi\Downloads\Dynamic-Sohle-Basis37669-Gr37-Model-Origin.zip
2023-05-08 13:04 - 2023-05-08 13:04 - 002651876 _____ C:\Users\nursi\Downloads\FAMIL MALAGA.rar
2023-05-08 11:36 - 2023-05-08 11:36 - 014566316 _____ C:\Users\nursi\Downloads\wetransfer_malaga-y-eivissa_2023-05-08_1005.zip
2023-05-08 07:56 - 2023-05-08 07:56 - 112598874 _____ C:\Users\nursi\Downloads\S1PS_A2_(PADUA)_V5_concavo.igs
2023-05-08 07:56 - 2023-05-08 07:56 - 012434434 _____ C:\Users\nursi\Downloads\74840A.stl
2023-05-04 14:59 - 2023-05-04 14:59 - 012542984 _____ C:\Users\nursi\Downloads\forma nuova brunch.stl
2023-05-04 14:59 - 2023-05-04 14:59 - 000370590 _____ C:\Users\nursi\Downloads\BRUNCH_BLUEPRINT.pdf
2023-05-04 10:25 - 2023-05-04 10:25 - 000150393 _____ C:\Users\nursi\Downloads\BE21DBB4-9C12-430A-98B7-BCE93B187727_1_105_c (1).jpeg
2023-05-03 16:55 - 2023-05-03 16:54 - 000138006 _____ C:\Users\nursi\Downloads\logo_rasto.igs
2023-05-03 14:59 - 2023-05-03 14:59 - 000693177 _____ C:\Users\nursi\Downloads\ROCKSTAR-H.pdf
2023-05-02 15:35 - 2023-05-02 15:35 - 070220372 _____ C:\Users\nursi\Downloads\b1 001.igs
2023-05-02 14:53 - 2023-05-02 14:53 - 000166427 _____ C:\Users\nursi\Downloads\PLANTA_CAPA_TACAO.dxf
2023-04-28 11:08 - 2023-04-28 11:08 - 000593456 _____ C:\Users\nursi\Downloads\L44-20-24 Musterbestellung.pdf
2023-04-28 11:08 - 2023-04-28 11:08 - 000083746 _____ C:\Users\nursi\Downloads\lfs_44-20-24_muster.dxf
2023-04-28 10:55 - 2023-04-28 10:55 - 072204584 _____ C:\Users\nursi\Downloads\44-20-Sohle.stl
2023-04-28 07:56 - 2023-04-28 07:56 - 163637291 _____ C:\Users\nursi\Downloads\wetransfer_vivo-23-igs-files_2023-04-26_1437.zip
2023-04-27 13:51 - 2023-04-27 11:21 - 015934463 _____ C:\Users\nursi\Downloads\Vídeo WhatsApp 2023-04-27 às 10.41.24.mp4
2023-04-27 08:33 - 2023-04-27 08:33 - 010396908 _____ C:\Users\nursi\Downloads\PLANTAE.rar
2023-04-26 16:14 - 2023-04-26 16:13 - 000432661 _____ C:\Users\nursi\Downloads\ITAFLEX - FAMIL - B-SUMMER-KIDS.pdf
2023-04-26 13:55 - 2023-04-26 13:55 - 057343584 _____ C:\Users\nursi\Downloads\emma v8 002 clean (1).igs
2023-04-24 13:53 - 2023-04-24 13:53 - 018275311 _____ C:\Users\nursi\Downloads\sole feedback REAL STEP.pdf
2023-04-24 11:04 - 2023-04-24 11:04 - 000384086 _____ C:\Users\nursi\Downloads\ALL-COURT_7.pdf
2023-04-24 10:50 - 2023-04-24 10:50 - 000764516 _____ C:\Users\nursi\Downloads\LINOSO W4203 OUTSOLE TECH PACK.pdf
2023-04-24 09:24 - 2023-04-24 09:24 - 003531747 _____ C:\Users\nursi\Downloads\limitato 42.dgk
2023-04-24 09:12 - 2023-04-24 09:12 - 000171004 _____ C:\Users\nursi\Downloads\ATHENS 37.pdf
2023-04-24 09:12 - 2023-04-24 09:12 - 000138512 _____ C:\Users\nursi\Downloads\ENCARGO ATHENS 37.pdf
2023-04-24 09:11 - 2023-04-24 09:11 - 000136849 _____ C:\Users\nursi\Downloads\ENCARGO ATHENS 41.pdf
2023-04-21 08:06 - 2023-04-21 08:06 - 001481815 _____ C:\Users\nursi\Downloads\Padua (1).pdf
2023-04-20 17:02 - 2023-04-20 17:02 - 000150393 _____ C:\Users\nursi\Downloads\BE21DBB4-9C12-430A-98B7-BCE93B187727_1_105_c.jpeg
2023-04-20 12:16 - 2023-04-20 12:16 - 000475447 _____ C:\Users\nursi\Downloads\retro Sm.dxf
2023-04-19 15:57 - 2023-04-19 15:57 - 000706416 _____ C:\Users\nursi\Downloads\mymodel.pdf
2023-04-19 11:00 - 2023-04-19 11:01 - 041453542 _____ C:\Users\nursi\Downloads\9079_VISUAL_SKIP_V4.igs
2023-04-19 11:00 - 2023-04-19 11:00 - 057343584 _____ C:\Users\nursi\Downloads\emma v8 002 clean.igs
2023-04-18 15:06 - 2023-04-18 15:06 - 001121205 _____ C:\Users\nursi\Downloads\370x300-120.pdf
2023-04-18 13:45 - 2023-04-18 13:45 - 000109622 _____ C:\Users\nursi\Downloads\0750_001.pdf
2023-04-18 11:18 - 2023-04-18 11:18 - 000026528 _____ C:\Users\nursi\Downloads\ALDO (1).wmj
2023-04-18 11:18 - 2023-04-18 11:17 - 000026528 _____ C:\Users\nursi\Downloads\ALDO.wmj
2023-04-17 17:19 - 2023-04-17 17:19 - 000060333 _____ C:\Users\nursi\Downloads\planta-platformflex-larga (1).dxf
2023-04-17 11:11 - 2023-04-17 11:11 - 052428084 _____ C:\Users\nursi\Downloads\44-80_63-61-17 Proto2.stl
2023-04-17 10:52 - 2023-04-17 10:52 - 000059486 _____ C:\Users\nursi\Downloads\plantas-platformflex-estreita (2).dxf
2023-04-17 10:02 - 2023-04-17 10:03 - 027057029 _____ C:\Users\nursi\Downloads\YIN_4_BLUEPRINT_NOVO- 2.5 (1).pdf
2023-04-14 08:28 - 2023-04-14 08:28 - 000513372 _____ C:\Users\nursi\Downloads\8981-plantas_36.5 ao_46.5 (1).dxf
2023-04-14 08:26 - 2023-04-14 08:26 - 000513372 _____ C:\Users\nursi\Downloads\8981-plantas_36.5 ao_46.5.dxf
2023-04-14 08:05 - 2023-04-10 20:03 - 002172496 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-04-14 08:05 - 2023-04-10 20:03 - 002172496 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-04-14 08:05 - 2023-04-10 20:03 - 001607760 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-04-14 08:05 - 2023-04-10 20:03 - 001607760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-04-14 08:05 - 2023-04-10 20:03 - 001487896 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-04-14 08:05 - 2023-04-10 20:03 - 001479248 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-04-14 08:05 - 2023-04-10 20:03 - 001479248 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-04-14 08:05 - 2023-04-10 20:03 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-04-14 08:05 - 2023-04-10 20:03 - 001211472 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-04-14 08:05 - 2023-04-10 20:03 - 001211472 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-04-14 08:05 - 2023-04-10 20:00 - 000851992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-04-14 08:05 - 2023-04-10 20:00 - 000671200 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-04-14 08:05 - 2023-04-10 20:00 - 000506864 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-04-14 08:05 - 2023-04-10 19:59 - 002166280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-04-14 08:05 - 2023-04-10 19:59 - 001620960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-04-14 08:05 - 2023-04-10 19:59 - 001535968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-04-14 08:05 - 2023-04-10 19:59 - 001194992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-04-14 08:05 - 2023-04-10 19:59 - 000978912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-04-14 08:05 - 2023-04-10 19:59 - 000759320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-04-14 08:05 - 2023-04-10 19:59 - 000741384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-04-14 08:05 - 2023-04-10 19:58 - 013768672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-04-14 08:05 - 2023-04-10 19:58 - 011650032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-04-14 08:05 - 2023-04-10 19:58 - 006084120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-04-14 08:05 - 2023-04-10 19:58 - 005911576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-04-14 08:05 - 2023-04-10 19:58 - 005834760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-04-14 08:05 - 2023-04-10 19:58 - 003429896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-04-14 08:05 - 2023-04-10 19:58 - 000457696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-04-14 08:05 - 2023-04-10 19:57 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-04-14 08:05 - 2023-04-08 14:12 - 000104369 _____ C:\WINDOWS\system32\nvinfo.pb
2023-04-13 15:58 - 2023-04-13 15:58 - 027057029 _____ C:\Users\nursi\Downloads\YIN_4_BLUEPRINT_NOVO- 2.5.pdf
2023-04-13 15:58 - 2023-04-13 15:58 - 026559371 _____ C:\Users\nursi\Downloads\YIN_4_BLUEPRINT_NOVO- 2.5.zip
2023-04-13 10:44 - 2023-04-13 10:44 - 000059486 _____ C:\Users\nursi\Downloads\plantas-platformflex-estreita (1).dxf
2023-04-12 16:59 - 2023-04-12 16:59 - 077745361 _____ C:\Users\nursi\Downloads\wetransfer_2d-pdf-e-3d_2023-04-12_1528.zip
2023-04-12 15:07 - 2023-04-12 15:07 - 000060333 _____ C:\Users\nursi\Downloads\planta-platformflex-larga.dxf
2023-04-12 15:07 - 2023-04-12 15:07 - 000059486 _____ C:\Users\nursi\Downloads\plantas-platformflex-estreita.dxf
2023-04-12 14:36 - 2023-04-12 14:36 - 024535148 _____ C:\Users\nursi\Downloads\VERDEVER v5.zip
2023-04-12 14:35 - 2023-04-12 14:35 - 024562445 _____ C:\Users\nursi\Downloads\VERDEVER v5.pdf
2023-04-12 12:25 - 2023-04-12 12:25 - 009368863 _____ C:\Users\nursi\Downloads\STL-VV006-M-42#(2023.03.16)3D.zip
2023-04-12 12:25 - 2023-04-12 12:25 - 000000000 ____D C:\Users\nursi\Downloads\STL-VV006-M-42#(2023.03.16)3D
2023-04-12 11:59 - 2023-04-12 11:59 - 000021622 _____ C:\Users\nursi\Downloads\9026 - MG 42 EVA CONTORNO COLECCAO (1).dgk
2023-04-12 11:17 - 2023-04-12 11:17 - 000017010 _____ C:\Users\nursi\Downloads\9026 - MG 42 EVA CONTORNO COLECCAO.dgk
2023-04-11 17:39 - 2023-04-11 17:39 - 000000371 _____ C:\Users\nursi\Downloads\wetransfer_stl-vv006-m-42-2023-03-16-3d-stl_2023-04-11_1638.zip
2023-04-11 17:39 - 2023-04-11 17:39 - 000000000 ____D C:\Users\nursi\Downloads\wetransfer_stl-vv006-m-42-2023-03-16-3d-stl_2023-04-11_1638
2023-04-07 16:08 - 2023-04-07 16:08 - 000073426 _____ C:\Users\nursi\Downloads\RM 2023-249 (1).pdf
2023-04-07 09:22 - 2023-04-07 09:22 - 000897760 _____ C:\Users\nursi\Downloads\2975F53B-0190-4101-8872-6CAAED468E18.jpeg
2023-04-07 09:22 - 2023-04-07 09:22 - 000221345 _____ C:\Users\nursi\Downloads\00547C3F-C7A0-4B7A-87D3-8C94DC95D3CA_1_105_c.jpeg
2023-04-06 17:07 - 2023-04-06 17:08 - 000464399 _____ C:\Users\nursi\Downloads\bristol.dxf
2023-04-06 16:12 - 2023-04-06 16:12 - 000073501 _____ C:\Users\nursi\Downloads\RM 2023-266 (2).pdf
2023-04-06 15:35 - 2023-04-06 15:35 - 000073501 _____ C:\Users\nursi\Downloads\RM 2023-266 (1).pdf
2023-04-06 08:05 - 2023-04-06 08:05 - 004177890 _____ C:\Users\nursi\Downloads\9435_VISUAL_PADUA.pdf
2023-04-05 08:01 - 2023-04-05 08:01 - 003686064 _____ C:\Users\nursi\Downloads\PUSH 001 igs (1).igs
2023-04-04 21:31 - 2023-04-04 21:31 - 000115729 _____ C:\Users\nursi\Downloads\Rua de São Domingos 2.m4a
2023-04-04 16:32 - 2023-04-04 16:32 - 062022084 _____ C:\Users\nursi\Downloads\emma nova forma.stl
2023-04-04 14:21 - 2023-04-04 14:21 - 000000000 ____D C:\Users\nursi\AppData\Roaming\Delft Spline Systems
2023-04-04 14:21 - 2021-08-04 11:56 - 000000576 _____ C:\Users\nursi\AppData\Roaming\DeskProto.xml
2023-04-04 14:20 - 2023-04-04 14:20 - 095121224 _____ (Delft Spline Systems ) C:\Users\nursi\Downloads\DeskProto71.exe
2023-04-04 12:26 - 2023-04-04 12:26 - 003686064 _____ C:\Users\nursi\Downloads\PUSH 001 igs.igs
2023-04-04 09:12 - 2023-04-04 09:12 - 104856184 _____ C:\Users\nursi\Downloads\46-39 Sohle.stl
2023-04-03 13:22 - 2023-04-03 13:22 - 000197452 _____ C:\Users\nursi\Downloads\RP_5045_DGSS.pdf
2023-04-03 08:40 - 2023-04-03 08:40 - 000220397 _____ C:\Users\nursi\Downloads\INVULSA GOMA-MOLDES STANDAR.pdf
2023-04-03 08:40 - 2023-04-03 08:40 - 000182468 _____ C:\Users\nursi\Downloads\ENCARGO IGUSA 37.pdf
2023-04-03 08:40 - 2023-04-03 08:40 - 000181642 _____ C:\Users\nursi\Downloads\PLANOS IGUSA 37.pdf
2023-04-03 08:40 - 2023-04-03 08:40 - 000025155 _____ C:\Users\nursi\Downloads\Letras japonesas 42mm.dxf
2023-04-03 08:40 - 2023-04-03 08:40 - 000010742 _____ C:\Users\nursi\Downloads\PLANTA MOLDE TACON NATU.igs
2023-03-31 11:15 - 2023-03-31 11:15 - 000653933 _____ C:\Users\nursi\Downloads\RETIFICAÇÕES_B-TREKKING (1).pdf
2023-03-31 11:15 - 2023-03-31 11:15 - 000271132 _____ C:\Users\nursi\Downloads\ITAFLEX_B-TREKKING_RETIFICAÇÕES (1).pdf
2023-03-31 11:11 - 2023-03-31 11:11 - 000653933 _____ C:\Users\nursi\Downloads\RETIFICAÇÕES_B-TREKKING.pdf
2023-03-31 11:11 - 2023-03-31 11:11 - 000271132 _____ C:\Users\nursi\Downloads\ITAFLEX_B-TREKKING_RETIFICAÇÕES.pdf
2023-03-31 09:18 - 2023-03-31 09:18 - 104856184 _____ C:\Users\nursi\Downloads\46-39 Sohle (1).stl
2023-03-31 09:05 - 2023-03-31 09:05 - 000215882 _____ C:\Users\nursi\Downloads\sola gizeh plataform flex larga.dxf
2023-03-31 08:46 - 2023-03-31 08:46 - 000298170 _____ C:\Users\nursi\Downloads\solas arizona plataform flex estreita.dxf
2023-03-30 08:03 - 2023-03-30 08:03 - 000073501 _____ C:\Users\nursi\Downloads\RM 2023-266.pdf
2023-03-29 07:57 - 2023-03-29 07:59 - 313162404 _____ C:\Users\nursi\Downloads\IMG_0417.MOV
2023-03-28 18:03 - 2023-03-28 18:03 - 091106717 _____ C:\Users\nursi\Downloads\wetransfer_emma-v8-igs_2023-03-28_1310.zip
2023-03-28 14:06 - 2023-03-28 14:06 - 012184130 _____ C:\Users\nursi\Downloads\Vargas.PDF
2023-03-27 13:18 - 2023-03-27 13:18 - 000075468 _____ C:\Users\nursi\Downloads\RM 2023-273.pdf
2023-03-27 07:55 - 2023-03-27 07:55 - 000001270 _____ C:\WINDOWS\system32\Drivers\mozart_123216053275227_fw_dump.cmm
2023-03-24 23:31 - 2023-03-24 23:32 - 000000022 _____ C:\Users\nursi\Downloads\rattlesnake_desert_dub-freesoundtrackmusic.zip
2023-03-24 22:38 - 2023-03-24 23:37 - 000000000 ____D C:\Users\nursi\AppData\Roaming\FlashIntegro
2023-03-24 22:38 - 2023-03-24 22:38 - 000000000 ____D C:\Users\nursi\AppData\Local\CrashRpt
2023-03-24 22:37 - 2023-03-24 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro
2023-03-24 22:37 - 2023-03-24 22:37 - 000000000 ____D C:\Program Files\FlashIntegro
2023-03-24 22:37 - 2023-03-24 22:37 - 000000000 ____D C:\Program Files\Common Files\FlashIntegro
2023-03-24 22:37 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\system32\Lagarith.dll
2023-03-24 22:37 - 2005-08-01 19:43 - 000245760 _____ () C:\WINDOWS\system32\lame.ax
2023-03-24 22:37 - 2004-12-10 10:03 - 000438272 _____ (On2.com) C:\WINDOWS\system32\vp6vfw.dll
2023-03-24 22:37 - 2004-09-06 16:06 - 000053248 _____ C:\WINDOWS\system32\xvid.ax
2023-03-24 22:37 - 2004-07-03 21:08 - 000139264 _____ C:\WINDOWS\system32\xvidvfw.dll
2023-03-24 22:37 - 2004-07-03 20:59 - 000524288 _____ C:\WINDOWS\system32\xvidcore.dll
2023-03-24 22:37 - 2004-02-04 21:11 - 000081920 _____ (fccHandler) C:\WINDOWS\system32\AC3ACM.acm
2023-03-24 22:37 - 2003-05-22 12:26 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\system32\divx.dll
2023-03-24 22:37 - 2003-05-22 12:26 - 000221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\system32\divxdec.ax
2023-03-24 22:37 - 2003-05-21 23:50 - 000261632 _____ (MainConcept) C:\WINDOWS\system32\mcdvd_32.dll
2023-03-24 22:37 - 2003-05-21 23:50 - 000156910 _____ C:\WINDOWS\WMSysPr8.prx
2023-03-24 22:37 - 2003-05-21 23:50 - 000082944 _____ (Voxware, Inc.) C:\WINDOWS\system32\vct3216.acm
2023-03-24 22:37 - 2003-05-21 23:50 - 000038912 _____ (NCT Company) C:\WINDOWS\system32\alf2cd.acm
2023-03-24 22:37 - 2003-05-21 23:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3a.dll
2023-03-24 22:37 - 2003-03-25 05:49 - 000098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\L3CODECX.AX
2023-03-24 22:37 - 2002-08-20 00:41 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg4c32.dll
2023-03-24 22:37 - 2000-03-14 20:55 - 000013239 _____ (SHARP Corporation) C:\WINDOWS\system32\Scg726.acm
2023-03-24 22:31 - 2023-03-24 22:32 - 102836104 _____ (Flash-Integro LLC ) C:\Users\nursi\Downloads\video_editor_x64.exe
2023-03-22 15:14 - 2023-03-17 09:32 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2023-03-22 12:12 - 2023-03-22 12:12 - 014547384 _____ C:\Users\nursi\Downloads\JV2-0143-1-B07 - 03-17-2023.stl
2023-03-22 12:12 - 2023-03-22 12:12 - 000099664 _____ C:\Users\nursi\Downloads\F23 SH Casual_v2_3.15.pdf
2023-03-20 17:07 - 2023-03-20 17:07 - 000074584 _____ C:\Users\nursi\Downloads\RM 2023-219 (1).pdf
2023-03-20 16:22 - 2023-03-20 16:22 - 002761856 _____ C:\Users\nursi\Downloads\feedback 3 - SOLE REALSTEP.pdf
2023-03-20 12:48 - 2023-03-20 12:48 - 016675635 _____ C:\Users\nursi\Downloads\PG_DE_1_XC72_RECT2.pdf
2023-03-20 11:28 - 2023-03-20 11:28 - 023319325 _____ C:\Users\nursi\Downloads\wetransfer_desenho-3d-90-s-runner_2023-03-16_1943.zip
2023-03-20 11:08 - 2023-03-20 11:08 - 000056151 _____ C:\Users\nursi\Downloads\9421.jpeg
2023-03-20 10:50 - 2023-03-20 10:50 - 000074922 _____ C:\Users\nursi\Downloads\9285_REQ._COLEÇÃO.jpeg
2023-03-20 09:39 - 2023-03-20 09:39 - 000133163 _____ C:\Users\nursi\Downloads\WhatsApp Image 2023-03-20 at 08.13.03.jpeg
2023-03-16 15:03 - 2023-03-16 15:03 - 000000000 ____D C:\Users\nursi\Downloads\Incense_Volcano_2162616
2023-03-16 15:02 - 2023-03-16 15:03 - 001252183 _____ C:\Users\nursi\Downloads\Incense_Volcano_2162616.zip
2023-03-16 13:02 - 2023-03-16 13:02 - 000073426 _____ C:\Users\nursi\Downloads\RM 2023-249.pdf
2023-03-15 11:20 - 2023-03-15 11:20 - 001863842 _____ C:\Users\nursi\Downloads\SONRA 2 v3.pdf
2023-03-15 09:53 - 2023-03-15 09:53 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14
2023-03-14 18:46 - 2023-03-14 18:46 - 002383344 _____ C:\Users\nursi\Downloads\STL-VV006-M-42#(2023.02.16)3D(1).pdf
2023-03-14 16:44 - 2023-03-14 16:44 - 001989547 _____ C:\Users\nursi\Downloads\SONRA II v2 (1).pdf

==================== Três meses (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-06-12 07:58 - 2019-03-04 17:40 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-12 07:56 - 2019-03-07 09:08 - 000000000 ____D C:\Program Files\CCleaner
2023-06-12 07:53 - 2019-03-04 18:00 - 000000000 ____D C:\Users\nursi\AppData\Roaming\PowerSHAPE
2023-06-12 07:52 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-12 07:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-12 07:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-12 07:52 - 2020-07-20 10:08 - 000000000 ____D C:\Users\nursi\AppData\Roaming\Microsoft\Skype for Desktop
2023-06-12 07:52 - 2020-06-08 08:45 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-12 07:52 - 2019-03-04 17:35 - 000000000 ___RD C:\Users\nursi\OneDrive
2023-06-12 07:52 - 2019-03-04 17:33 - 000000000 ___SD C:\Users\nursi\AppData\Roaming\Microsoft\Credentials
2023-06-12 07:51 - 2018-06-22 23:58 - 000000000 ____D C:\ProgramData\NVIDIA
2023-06-09 12:01 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-09 10:00 - 2019-04-08 09:23 - 000000000 ____D C:\Users\nursi\AppData\Local\D3DSCache
2023-06-09 08:07 - 2019-03-04 17:33 - 000000000 ____D C:\Users\nursi\AppData\Local\Packages
2023-06-09 08:01 - 2022-10-13 11:39 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-06-09 08:01 - 2022-09-30 15:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-06-09 07:52 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-09 07:51 - 2020-07-20 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-06-09 07:50 - 2022-09-30 15:04 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3848878613-230039650-1154610324-1001
2023-06-09 07:50 - 2022-09-30 15:04 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3848878613-230039650-1154610324-1001
2023-06-09 07:50 - 2022-09-30 14:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-09 07:50 - 2021-03-08 09:56 - 000002482 _____ C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-09 07:50 - 2019-03-04 18:53 - 000000000 ____D C:\Users\nursi\AppData\Local\CrashDumps
2023-06-07 17:05 - 2018-06-23 00:06 - 000000000 ____D C:\ProgramData\ASUS
2023-06-07 17:05 - 2017-12-02 00:30 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-06-07 15:23 - 2022-01-03 14:58 - 000000000 ____D C:\Users\nursi\AppData\Local\CHITUBOX_Thumbnail
2023-06-06 14:08 - 2022-09-30 11:28 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-06-06 07:52 - 2019-03-04 17:42 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-05 11:35 - 2022-09-30 15:01 - 001790242 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-05 11:35 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-06-05 11:28 - 2022-09-30 15:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-05 11:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-05 11:28 - 2021-03-08 10:29 - 000012288 ___SH C:\DumpStack.log.tmp
2023-06-05 11:27 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-05 08:10 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-06-02 09:54 - 2019-09-12 14:44 - 000000000 ____D C:\Users\nursi\AppData\Local\Luxion
2023-06-02 09:43 - 2022-09-21 08:03 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-02 09:11 - 2019-09-12 14:44 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\KeyShot 8
2023-06-02 07:52 - 2021-02-02 09:14 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-06-01 18:03 - 2019-03-18 15:37 - 000000000 ____D C:\Users\nursi\AppData\Local\JDownloader 2.0
2023-06-01 17:09 - 2019-03-11 10:15 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\Corel
2023-06-01 07:51 - 2019-04-04 13:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-26 07:55 - 2020-11-16 15:29 - 000000000 ____D C:\Users\nursi\AppData\Local\Messenger
2023-05-25 16:04 - 2021-12-28 11:31 - 000000000 ____D C:\Users\nursi\AppData\Local\TvVodafone-data
2023-05-23 10:20 - 2019-03-04 18:35 - 000000000 ____D C:\ProgramData\Packages
2023-05-23 10:20 - 2019-03-04 17:51 - 000000000 ____D C:\Users\nursi\AppData\Local\PlaceholderTileLogoFolder
2023-05-22 07:53 - 2022-09-30 15:04 - 000003824 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-22 07:53 - 2022-09-30 15:04 - 000003700 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-19 08:10 - 2022-09-30 15:04 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-05-19 08:10 - 2022-09-30 15:04 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting

==================== Arquivos na raiz de alguns diretórios ========

2023-04-04 14:21 - 2021-08-04 11:56 - 000000576 _____ () C:\Users\nursi\AppData\Roaming\DeskProto.xml

==================== SigCheckExt =========================

2023-03-24 22:37 - 2003-05-22 12:26 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\system32\divx.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000057344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll
2010-01-19 15:12 - 2010-01-19 15:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL
2009-11-27 12:15 - 2009-11-27 12:15 - 000228864 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll
2023-03-24 22:37 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\system32\Lagarith.dll
2023-03-24 22:37 - 2003-05-21 23:50 - 000261632 _____ (MainConcept) C:\WINDOWS\system32\mcdvd_32.dll
2023-03-24 22:37 - 2002-08-20 00:41 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg4c32.dll
2023-03-24 22:37 - 2003-05-21 23:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3a.dll
2023-03-24 22:37 - 2004-12-10 10:03 - 000438272 _____ (On2.com) C:\WINDOWS\system32\vp6vfw.dll
2023-03-24 22:37 - 2004-07-03 20:59 - 000524288 _____ C:\WINDOWS\system32\xvidcore.dll
2023-03-24 22:37 - 2004-07-03 21:08 - 000139264 _____ C:\WINDOWS\system32\xvidvfw.dll
2020-03-16 12:44 - 1997-11-19 16:49 - 000303616 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2003-03-18 20:05 - 2003-03-18 20:05 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2001-01-22 18:05 - 2001-01-22 18:05 - 000028944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20PTG.DLL
2010-08-06 11:13 - 2010-08-06 11:13 - 000050688 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000034816 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll
2018-04-16 17:08 - 2018-04-16 17:08 - 000520192 _____ (DR. JOHANNES HEIDENHAIN GmbH) C:\WINDOWS\SysWOW64\JHHardLock.dll
2003-03-18 22:20 - 2003-03-18 22:20 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2003-03-18 21:44 - 2003-03-18 21:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2003-03-18 22:12 - 2003-03-18 22:12 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
1999-05-18 08:16 - 1999-05-18 08:16 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPRPPTB.DLL
2000-05-23 22:45 - 2000-05-23 22:45 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
1998-08-09 11:07 - 1998-08-09 11:07 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2003-03-18 21:14 - 2003-03-18 21:14 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2003-02-21 05:42 - 2003-02-21 05:42 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2011-04-29 15:41 - 2011-04-29 15:41 - 001230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2011-04-29 15:41 - 2011-04-29 15:41 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2020-03-16 12:45 - 2002-03-21 10:21 - 000036864 _____ (Renishaw plc (TS6027)) C:\WINDOWS\SysWOW64\RenishawMail.dll
1998-03-24 21:54 - 1998-03-24 21:54 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCP32.DLL
2019-03-04 17:48 - 2005-06-15 04:00 - 000102400 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid.dll
1999-11-24 18:40 - 1999-11-24 18:40 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAME.DLL

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{07d584dd-8e73-11e9-b15e-806e6f6e6963}
{07d584de-8e73-11e9-b15e-806e6f6e6963}
{07d584df-8e73-11e9-b15e-806e6f6e6963}
timeout 1

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale pt-PT
inherit {globalsettings}
default {current}
resumeobject {702b8d55-4685-11ea-9c87-9351b4372579}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {07d584dd-8e73-11e9-b15e-806e6f6e6963}
description UEFI:CD/DVD Drive

Firmware Application (101fffff)
-------------------------------
identifier {07d584de-8e73-11e9-b15e-806e6f6e6963}
description UEFI:Removable Device

Firmware Application (101fffff)
-------------------------------
identifier {07d584df-8e73-11e9-b15e-806e6f6e6963}
description UEFI:Network Device

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale pt-PT
inherit {bootloadersettings}
recoverysequence {702b8d58-4685-11ea-9c87-9351b4372579}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {702b8d55-4685-11ea-9c87-9351b4372579}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {702b8d58-4685-11ea-9c87-9351b4372579}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{702b8d59-4685-11ea-9c87-9351b4372579}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale pt-PT
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{702b8d59-4685-11ea-9c87-9351b4372579}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {e51f2b76-56d6-11e9-a0a0-8b1ac8e89708}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e51f2b77-56d6-11e9-a0a0-8b1ac8e89708}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale pt-PT
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e51f2b77-56d6-11e9-a0a0-8b1ac8e89708}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {702b8d55-4685-11ea-9c87-9351b4372579}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale pt-PT
inherit {resumeloadersettings}
recoverysequence {702b8d58-4685-11ea-9c87-9351b4372579}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnóstico de Memória do Windows
locale pt-PT
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {702b8d59-4685-11ea-9c87-9351b4372579}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fim de FRST.txt ========================

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 29-05-2023
Executado por nursi (12-06-2023 07:59:17)
Executando a partir de C:\Users\nursi\OneDrive\Área de Trabalho
Microsoft Windows 11 Home Versão 22H2 22621.1702 (X64) (2022-09-30 14:04:13)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3848878613-230039650-1154610324-500 - Administrator - Disabled)
Convidado (S-1-5-21-3848878613-230039650-1154610324-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3848878613-230039650-1154610324-503 - Limited - Disabled)
nursi (S-1-5-21-3848878613-230039650-1154610324-1001 - Administrator - Enabled) => C:\Users\nursi
WDAGUtilityAccount (S-1-5-21-3848878613-230039650-1154610324-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Emsisoft Anti-Malware Home (Disabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 23.003.20201 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ANT Drivers Installer x64 (HKLM\...\{A6B6FBCE-2A3E-47E4-BB07-DE6EF17DAEF5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ArtCAM 2013 (64-bit) (HKLM-x32\...\ArtCAM 2013 (64-bit)) (Version: 2013 - Delcam Plc)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.9.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{02e30ab3-e6e3-42f5-bf7c-7e9b7b316e31}) (Version: 2.2.9.1 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{c58f0770-46aa-4b41-a148-b9b73a1451f7}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.1 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{fe55c1b5-bc05-4822-873e-412743572d3e}) (Version: 1.2.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.38 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{43baebef-1237-4e88-be25-d3834308a0c6}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.29 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{f651776f-58aa-42a2-ab37-593fb3d78ef2}) (Version: 1.0.29 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{e3f99131-d5d0-4805-96a7-7e126e8295dd}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden
ASUS ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.4501 - ASUSTeK COMPUTER INC) Hidden
ASUS Promotion (HKLM\...\{10FE8E2F-7BDD-4430-8D63-3D3BA3F708D9}) (Version: 1.0.3 - ASUSTeK COMPUTER INC.)
ASUS Sonic Radar 3 (HKLM-x32\...\{f302c1fc-67c2-40b1-93c7-266d93310a2d}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC)
ASUS Sonic Studio 3 (HKLM-x32\...\{44d9a0cd-0414-49c0-8488-dc0849f46bd1}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC)
ASUS SonicRadar3Setup (HKLM\...\{09AE428F-CB54-42C8-8342-D0EC6E4136D0}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC) Hidden
ASUS SonicStudio3Setup (HKLM\...\{ACA23ED7-018F-47AE-8C9C-2096E1455DA4}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.38 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{6c213c67-ce1f-4e63-b202-4c101b6f1f64}) (Version: 3.03.38 - ASUSTeK Computer Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.12 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
CHITUBOX (HKLM-x32\...\CHITUBOX) (Version: - )
CHITUBOX 1.9.0 (HKLM-x32\...\CHITUBOX 1.9.0) (Version: - -CBD Technology Co.,Ltd-)
Corel Compatibility Pack (HKLM-x32\...\{77ECF7E9-5758-4965-803D-77AABC474747}) (Version: 12.4518.1018 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: - Corel Corporation)
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (HKLM\...\{66C10F29-31F0-4A9B-B2CF-465F488AE086}) (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
Delcam Exchange 2013 R4 (64-bit) (HKLM\...\Delcam Exchange 7.3.10) (Version: 7.3.10 - Delcam)
Delcam PowerSHAPE 2014 (64-bit) (HKLM\...\Delcam PowerSHAPE14145) (Version: 14.1.45 - Delcam)
Delcam PowerSHAPE-ServicePack 2014 (64-bit) (HKLM\...\Delcam PowerSHAPE-ServicePack14145) (Version: 14.1.45 - Delcam)
Elevated Installer (HKLM-x32\...\{68AB1C40-97AB-4CBD-B20B-BF60BFA6B73E}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
Emsisoft Anti-Malware (HKLM\...\{CA975286-D816-410C-B6C9-F7213CA84695}) (Version: 23.6.0.11957 - Emsisoft Ltd.)
GameFirst V (HKLM-x32\...\{870E3092-8763-44FC-A805-056AA42B99AB}) (Version: 5.0.9.0 - ASUSTeK COMPUTER INC.) Hidden
GameFirst V (HKLM-x32\...\GameFirst V 5.0.9.0) (Version: 5.0.9.0 - ASUSTeK COMPUTER INC.)
Garmin Express (HKLM-x32\...\{504335d2-bcff-4687-a901-c1cfde7acd23}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E0E153D2-5A9B-4B1A-B918-9A9ED0C8863B}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.110 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 75.0.3.0 - Google LLC)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{0EC01D72-4906-42DD-BCC0-AF89EDA7493D}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10500.5526 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1808.12.0.1102 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B4F59074-915E-4DFE-BFD6-1B415B37AE2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{ED204DD8-2982-4B22-B077-0F70024D5FEB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{4B1DEC5C-ED0A-4DD1-ADB2-FD1117FF94D7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{05BDA3C3-06C8-4D55-B11A-DB7287199657}) (Version: 16.0.8.1098 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.8.1098 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{FDA51260-818D-4F38-B39B-FD808ED54E5E}) (Version: 30.100.1727.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{381244DE-5CA7-48D2-A584-7A4E3F5D3961}) (Version: 20.60.2.1625 - Intel Corporation) Hidden
IPTVSmartersPro 1.1.1 (HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\f6c4a7ae-abcb-5b7e-ac53-6c20f026dd0e) (Version: 1.1.1 - WHMCS Smarters)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeyShot 11 (HKLM\...\KeyShot 11) (Version: 11.1.0.46 - Luxion ApS)
Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.92 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.43 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\OneDriveSetup.exe) (Version: 23.107.0521.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft você++ redistributables repacked. (HKLM\...\{9F513024-FFAD-4466-8CF0-5348389196B8}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft você++ redistributables repacked. (HKLM-x32\...\{C521A8D8-511F-43DF-B789-7DD0B3F7363B}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
NVIDIA Controlador gráfico 531.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.61 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA O controlador de HD Audio 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.14 (HKLM-x32\...\{73A1AADE-0868-4BB2-9F56-959994D1C4CE}) (Version: 4.114.9811 - Apache Software Foundation)
Pacote de controladores do Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Pacote de controladores do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Pacote de controladores do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Pacote de controladores do Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Pacote de controladores do Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Pacote de controladores do Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Pacote de controladores do Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
POV-Ray for Windows v3.62 (HKLM\...\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}) (Version: 3.62 - Persistence of Vision Raytracer Pty. Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8761.1 - Realtek Semiconductor Corp.)
ROG Gaming Center (HKLM\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.5.6 - ASUSTeK COMPUTER INC.)
Sentinel Protection Installer 7.6.6 (HKLM-x32\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype versão 8.98 (HKLM-x32\...\Skype_is1) (Version: 8.98 - Skype Technologies S.A.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{f2c35b53-83a0-46a9-aba5-5a273e4de44c}) (Version: 20.60.2 - Intel Corporation)
Stremio (HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Stremio) (Version: 4.4.106 - Smart Code Ltd.)
Suporte para Aplicações Apple (32-bits) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Suporte para Aplicações Apple (64-bits) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Thunderbolt™ Software (HKLM-x32\...\{B43DE90F-2638-4FCC-982E-383200E80797}) (Version: 17.3.74.400 - Intel Corporation)
TNCremo (HKLM-x32\...\{18A99449-9F58-421A-A572-D3A9E5B17214}) (Version: 3.3.428 - DR. JOHANNES HEIDENHAIN GmbH)
Tv Vodafone (HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\TODO_is1) (Version: 1.5.1 - Vodafone)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
USB Charger Plus Service (HKLM-x32\...\{452B3493-18D3-4B36-9F59-78AF7963FFCC}) (Version: 5.0.6 - ASUS)
VSDC Free Vídeo Editor versão 8.1.3.459 (HKLM\...\VSDC Free Vídeo Editor_is1) (Version: 8.1.3.459 - Flash-Integro LLC)
WhatsApp (HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\WhatsApp) (Version: 2.2310.5 - WhatsApp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.9.0 - ASUSTeK COMPUTER INC.)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{B62EF111-9FCC-4DD6-B2BE-9CD1213717EC}) (Version: 3.3.1802.1515 - SplitmediaLabs)
Zoom (HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\ZoomUMX) (Version: 5.10.1 (4420) - Zoom Vídeo Communications, Inc.)

Packages:
=========
Animotica -> C:\Program Files\WindowsApps\24711Mixilab.Animotica_1.1.106.0_x64__c39s816dkej80 [2023-06-09] (Mixilab)
ASUS Battery Health Charging -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy [2018-06-23] (ASUSTeK COMPUTER INC.) [Startup Task]
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.2.4.0_x64__qmba6cd70vzyy [2022-09-30] (ASUSTeK COMPUTER INC.)
ASUS Keyboard Hotkeys -> C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.12.0_x86__qmba6cd70vzyy [2019-09-19] (ASUSTeK COMPUTER INC.) [Startup Task]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.2.2.0_x64__kgqvnymyfvs32 [2023-06-05] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2541.1.0_x64__kgqvnymyfvs32 [2023-06-09] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.945.0_x64__rz1tebttyb220 [2023-05-08] (Dolby Laboratories)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-06-23] (ASUSTeK COMPUTER INC.)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2023-06-12] (Meta)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2023-05-22] (Fitbit)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-05-25] (Apple Inc.) [Startup Task]
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_4.1.11108.0_x64__kqmhh0ktdt7dg [2023-06-09] (KYOCERA Document Solutions Inc)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2023-05-29] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.16327.20248.0_x86__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.16327.20248.0_x86__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-03] (Microsoft Corp.)
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2021-11-03] (Microsoft Platform Extensions)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.16327.20248.0_x86__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16327.20248.0_x86__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.16327.20248.0_x86__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.16327.20248.0_x86__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.16327.20248.0_x86__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
Movie Maker - Vídeo Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.6.24.0_x64__bzg06mxvgh4fa [2023-06-05] (V3TApps)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.60961.0_x64__8wekyb3d8bbwe [2023-05-10] (Microsoft Corporation)
ms-resource:DisplayName -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2023-04-05] (McAfee LLC.)
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-06-23] (ASUSTeK COMPUTER INC.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-04-14] (NVIDIA Corp.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.526.0_x64__8wekyb3d8bbwe [2023-06-01] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.25.0_x64__nfy108tqq3p12 [2023-06-02] (Thumbmunkeys Ltd)
ROG Aura -> C:\Program Files\WindowsApps\B9ECED6F.ROGAura_2.1.25.0_x86__qmba6cd70vzyy [2019-03-04] (ASUSTeK COMPUTER INC.) [Startup Task]
ROG GameVisual -> C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy [2019-12-11] (ASUSTeK COMPUTER INC.) [Startup Task]
Suplemento do Motor Multimédia da Aplicação Fotografias -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-20] (Microsoft Corporation)
USB Charger Plus -> C:\Program Files\WindowsApps\B9ECED6F.USBChargerPlus_5.0.9.0_x86__qmba6cd70vzyy [2019-06-06] (ASUSTek COMPUTER INC.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2321.4.0_x64__cv1g1gvanyjgm [2023-06-09] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-09] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-09] (Microsoft Corporation)
WPS Office for ASUS -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.11219.0_x86__924xes6e8q1tw [2023-02-07] (Kingsoft Office Software Corporation Limited)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\75.0.3.0\drivefsext.dll [2023-06-02] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\75.0.3.0\drivefsext.dll [2023-06-02] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\75.0.3.0\drivefsext.dll [2023-06-02] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\75.0.3.0\drivefsext.dll [2023-06-02] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\75.0.3.0\drivefsext.dll [2023-06-02] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\75.0.3.0\drivefsext.dll [2023-06-02] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\75.0.3.0\drivefsext.dll [2023-06-02] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvamsi.inf_amd64_9219ad30ce7522b2\nvshext.dll [2023-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [Arquivo não assinado]

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2020-11-27 04:38 - 2020-11-27 04:38 - 000961536 _____ () [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2020-11-27 04:38 - 2020-11-27 04:38 - 001446400 _____ () [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2023-03-08 14:09 - 2023-03-08 14:09 - 000073216 _____ () [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2020-11-18 10:14 - 2020-11-18 10:14 - 117340672 _____ () [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-11-18 08:40 - 2020-11-18 08:40 - 000323072 _____ () [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\libegl.dll
2020-11-18 08:40 - 2020-11-18 08:40 - 005441536 _____ () [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2019-10-30 17:17 - 2019-10-30 17:17 - 000368128 _____ () [Arquivo não assinado] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2019-10-30 17:30 - 2019-10-30 17:30 - 000230912 _____ () [Arquivo não assinado] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2020-11-15 00:10 - 2020-11-15 00:10 - 000144896 _____ () [Arquivo não assinado] C:\Program Files\Common Files\Logishrd\LAClient\libssh2.dll
2020-11-15 00:10 - 2020-11-15 00:10 - 000077824 _____ () [Arquivo não assinado] C:\Program Files\Common Files\Logishrd\LAClient\zlib.dll
2023-03-08 14:09 - 2023-03-08 14:09 - 001976832 _____ (Apache Software Foundation) [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2023-03-08 14:12 - 2023-03-08 14:12 - 000234496 _____ (Dynastream Innovations Inc.) [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2023-03-08 14:09 - 2023-03-08 14:09 - 002711552 _____ (Garmin International) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2023-03-08 14:09 - 2023-03-08 14:09 - 000425472 _____ (Garmin) [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [Arquivo não assinado] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [Arquivo não assinado] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 21:14 - 2012-05-27 21:14 - 000032256 _____ (Hewlett-Packard Co.) [Arquivo não assinado] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [Arquivo não assinado] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [Arquivo não assinado] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2023-03-08 14:11 - 2023-03-08 14:11 - 000090112 _____ (Silicon Laboratories, Inc.) [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2020-11-18 08:39 - 2020-11-18 08:39 - 000843264 _____ (The Chromium Authors) [Arquivo não assinado] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2020-11-15 00:10 - 2020-11-15 00:10 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [Arquivo não assinado] C:\Program Files\Common Files\Logishrd\LAClient\LIBCURL.dll
2020-11-15 00:10 - 2020-11-15 00:10 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files\Common Files\Logishrd\LAClient\LIBEAY32.dll
2020-11-15 00:10 - 2020-11-15 00:10 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files\Common Files\Logishrd\LAClient\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Modo de Segurança (Whitelisted) ==================

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3848878613-230039650-1154610324-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=haste
SearchScopes: HKU\S-1-5-21-3848878613-230039650-1154610324-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3848878613-230039650-1154610324-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-22] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-22] (McAfee, LLC -> McAfee, Inc.)

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-09-02 13:55 - 2019-09-02 13:56 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\Control Panel\Desktop\\Wallpaper -> c:\users\nursi\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\asus1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{2CB53D4A-B761-4A52-85D0-490ACCA81AAF}] => (Allow) C:\Users\nursi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Vídeo Communications, Inc. -> Zoom Vídeo Communications, Inc.)
FirewallRules: [UDP Query User{3DC59544-0A77-4694-BCBA-3F2716575465}C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe] => (Allow) C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe (Vodafone) [Arquivo não assinado]
FirewallRules: [TCP Query User{FDC3325E-7BBC-48DE-A846-1E7DA31948E1}C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe] => (Allow) C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe (Vodafone) [Arquivo não assinado]
FirewallRules: [UDP Query User{7AF788E4-BED2-4242-B1AE-98537AC66290}C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe] => (Allow) C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe (Vodafone) [Arquivo não assinado]
FirewallRules: [TCP Query User{B6A852C6-D77E-4780-AD14-DD2F98A4FA95}C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe] => (Allow) C:\users\nursi\appdata\local\tv vodafone\tv vodafone.exe (Vodafone) [Arquivo não assinado]
FirewallRules: [UDP Query User{5CB94890-2E9E-4D40-A05E-A999835B5925}C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{FACAFEC4-3D55-4112-BF26-1E0AFEBBF944}C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{85EC0234-D2B0-47D3-A2E2-561D6F9BCAE6}C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{8FAA493C-3498-4CAD-9C04-C38E64C423ED}C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\nursi\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{F07C58C4-63A1-49C4-8970-E019C1E3BB80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{141F4B95-1748-42A3-B581-5B11E5E7F778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A3F359DC-B545-4A47-99EE-84D237BF1EF2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B11B0DDB-3E38-4666-9043-33DF01F58427}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F5432E4F-9F53-43CC-A92E-654D113ED348}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{4620FEBE-F645-4FEE-A066-23C016CE7409}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{D9DD9DDF-4D31-452C-AAF5-2E57D5877149}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{5BE36C9C-A2B1-4495-9461-434E73DA0A98}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{E4B6DF19-A683-44CD-8827-627C8BC7203B}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.) [Arquivo não assinado]
FirewallRules: [{10033677-5F8E-4E87-AFCD-657EAAABAABB}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.) [Arquivo não assinado]
FirewallRules: [{A0D9C797-5D3F-41F6-B337-F1F9CF2852D3}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.) [Arquivo não assinado]
FirewallRules: [{1FF1F9BD-E9E6-49CF-A0E5-63291B3FCE3C}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.) [Arquivo não assinado]
FirewallRules: [{3578091B-2042-4FD0-A3A1-EB89B0DB594C}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc. -> SafeNet, Inc)
FirewallRules: [{83F13352-C314-45A4-A36B-AD663DD0BDE3}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc. -> SafeNet, Inc)
FirewallRules: [{82629899-7332-4CC8-A41E-E9B8CC81873C}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc. -> SafeNet, Inc)
FirewallRules: [{01F4170C-37C8-4993-9EDA-3DB1668F53E3}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc. -> SafeNet, Inc)
FirewallRules: [{515B0374-A4E2-44B6-AC74-49081871DFB8}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{68F3C08E-1B73-4B18-B5FD-519F585FE5BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [Arquivo não assinado]
FirewallRules: [{A7D42D21-8B65-478F-8210-6824945E8E69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [Arquivo não assinado]
FirewallRules: [{753D2A5F-C526-4E4A-BEB6-E7DC2A6E2C77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{6E0D4BDC-BFE0-4A5A-89BD-4E5EF44266AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A698E043-7DE5-468C-9B44-43BB6836A0FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{FF111A3E-9301-4538-A30D-E3577348319E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{BD9CC47E-DC10-4535-871A-ACC325F64B94}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1CEE6028-BADC-4221-A4A6-2F6F1D23EB77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{65ED9C61-39E1-4BC7-9ADB-FB61DE112DDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{550CEF6A-A3A0-4846-A215-6E9B161A7767}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4FFF0EC6-0A5A-46BB-B6A8-7D6BF77C7A1D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{49AC8101-2048-4E5E-A5EF-8627EA248E2F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F16278E8-80FC-43D1-B83C-623A5EBAB7F9}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{A90B0F8D-D491-4BE6-89E2-D7B60DD4C3F0}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{BCF2B9B2-1717-473A-B252-675DA2AD317E}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{A7DA7765-F5D5-454E-9FCA-C36C5D8BF395}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{FD3FAEC9-BFAF-4A91-BD2E-473E8E107721}] => (Allow) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{E80AB3B2-2ABA-4E15-B51E-7DE1589E4E23}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Apex Titan Technology Corp. -> ASUSTeK Computer Inc.)
FirewallRules: [{B716A873-9210-49D8-85B3-A244F470A0FD}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Apex Titan Technology Corp. -> ASUSTeK Computer Inc.)
FirewallRules: [{AAD39A2C-46CC-4AAB-BE06-564E1544765A}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\GameFirst_V.exe (Apex Titan Technology Corp. -> ASUS)
FirewallRules: [{58712F4F-6E2C-45E5-8F08-8B252D2DA10C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BEFFD928-8938-41E3-A814-FF158A53B4F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{956CD114-1C0E-416B-80B3-6FEDF976009F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{665A4950-49B4-44A7-BDB8-B8CF64082252}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5ED2D0EA-9A34-453F-8110-1F5E5FF70065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{34231E4D-C053-4211-9189-392D8A75CA7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0A903C5A-C5A3-43FF-9636-260691C92E70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B56F03AA-DA81-4018-8EF8-AA25FA07C911}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{2B96C38C-28C4-4B27-9B9F-C834AA01661F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{4C30F21B-B36C-4C57-8A6A-529F7D0E446B}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{D9C749FC-B632-47AF-83FD-D43C4AEAA8E4}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{A3A3C82D-8D4C-44D8-B659-3ED9E1B00F99}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{A69174C7-752A-464F-9E14-DAAE7AA2560C}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{9D6E5383-F874-46DC-9B0B-18175B9B9042}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E0EDA184-6912-4904-BAD2-6BE12E0DF456}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD4963CE-D9DA-4C66-931C-EDFA587B4F9B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16327.20248.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F34648E3-5242-431C-A3C1-693E1033B1A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A37D2E33-AD9F-4397-9486-2DF9F631E089}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C46444E4-3791-41B9-AAB2-01944F72A35C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{38FF7C8B-CFF3-486B-BCFB-D92DD9CADCEE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{DA2D8C19-1093-4B40-A519-096CFCB9A788}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6FA806FA-48BB-46C9-ADBF-DDED6136BA47}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3F72AE8E-3D02-4850-949B-5C91EA7FCACD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BCAB2B41-B103-4565-9253-34624A98A21D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{501C5E32-15C0-49B8-A8C9-35612FCEC003}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7616C08E-6E59-4D85-BF30-075A5016FE38}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB927C79-8EFE-43D8-B7C3-D76AACA8368C}] => (Allow) C:\Program Files\KeyShot11\bin\keyshot.exe (Luxion, Inc. -> Luxion) [Arquivo não assinado]
FirewallRules: [{029A72A7-3220-4F2F-9F31-93F9ED59A15C}] => (Allow) C:\Program Files\KeyShot11\bin\lux_upd.exe (Luxion, Inc. -> Luxion)
FirewallRules: [{28C911B6-BAFD-4BC3-B67A-A8000F9C2CEE}] => (Allow) C:\Program Files\KeyShot11\bin\QtWebEngineProcess.exe (Luxion, Inc. -> The Qt Company Ltd.)
FirewallRules: [{A38232A7-B941-45FA-AE4E-41BFBC6496DE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{626F4607-6651-47A3-B4CE-0A54F4457662}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{16541235-A8CD-43CB-B347-58FB6A998134}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{83186CD6-72CF-4089-865E-AB9A43377F8C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D58E0557-6FBF-4371-9EEF-4A954352593E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2ABC89B4-3AB9-4E90-9547-2E7A8B76EC7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BAC70DB2-A212-4480-A465-028464DAEE1D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57507DB7-ED3C-4576-9010-559AF2343DCB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E65E1CC-DC26-4806-977B-3615FE85CACE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Pontos de Restauração =========================

07-06-2023 17:05:48 AdwCleaner_BeforeCleaning_07/06/2023_17:05:47
09-06-2023 08:18:42 ZHPcleaner

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (06/09/2023 07:50:33 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-U216UT7H)
Description: Nome da aplicação com falha: SetPoint.exe, versão: 6.70.55.0, carimbo de data/hora: 0x5fb84209
Nome do módulo com falha: ntdll.dll, versão: 10.0.22621.1485, carimbo de data/hora: 0xb7f0154a
Código de exceção: 0xc0150010
Desvio de falha: 0x00000000000b89de
ID do processo com falha: 0x0x5d9c
Hora de início da aplicação com falha: 0x0x1d99a9eaa7c0ffc
Caminho da aplicação com falha: C:\Program Files\Logitech\SetPointP\SetPoint.exe
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll
ID do Relatório: b2ada52e-81b1-4474-942f-fe8669b36efa
Nome completo do pacote com falha:
ID da aplicação relativa ao pacote com falha:

Error: (06/09/2023 07:50:31 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-U216UT7H)
Description: Nome da aplicação com falha: SetPoint.exe, versão: 6.70.55.0, carimbo de data/hora: 0x5fb84209
Nome do módulo com falha: MacroCore.dll, versão: 6.70.55.0, carimbo de data/hora: 0x5fb84142
Código de exceção: 0xc0000005
Desvio de falha: 0x00000000000aeafa
ID do processo com falha: 0x0x5d9c
Hora de início da aplicação com falha: 0x0x1d99a9eaa7c0ffc
Caminho da aplicação com falha: C:\Program Files\Logitech\SetPointP\SetPoint.exe
Caminho do módulo com falha: C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
ID do Relatório: 60dab11f-9281-4716-baae-45b26998256f
Nome completo do pacote com falha:
ID da aplicação relativa ao pacote com falha:

Error: (06/06/2023 05:57:38 PM) (Source: Protexis Licensing Service) (EventID: 49) (User: )
Description: Failed to Release Mutex
Error ID = Returned Error 1

Error: (06/06/2023 05:57:38 PM) (Source: Protexis Licensing Service) (EventID: 49) (User: )
Description: Failed to Release Mutex
Error ID = Returned Error 288

Error: (06/06/2023 05:57:37 PM) (Source: Protexis Licensing Service) (EventID: 49) (User: )
Description: Failed to Release Mutex
Error ID = Returned Error 1

Error: (06/06/2023 05:57:37 PM) (Source: Protexis Licensing Service) (EventID: 49) (User: )
Description: Failed to Release Mutex
Error ID = Returned Error 288

Error: (06/06/2023 05:57:37 PM) (Source: Protexis Licensing Service) (EventID: 49) (User: )
Description: Failed to Release Mutex
Error ID = Returned Error 1

Error: (06/06/2023 05:57:37 PM) (Source: Protexis Licensing Service) (EventID: 49) (User: )
Description: Failed to Release Mutex
Error ID = Returned Error 288

Erros de Sistema:
=============
Error: (06/12/2023 07:54:32 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-U216UT7H)
Description: O servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} não foi registado no DCOM dentro do tempo limite necessário.

Error: (06/09/2023 08:08:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Falha na instalação: O Windows falhou a instalação da seguinte atualização com o erro 0x80073d02: 9WZDNCRFHVQM-MICROSOFT.WINDOWSCOMMUNICATIONSAPPS.

Error: (06/09/2023 08:08:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Falha na instalação: O Windows falhou a instalação da seguinte atualização com o erro 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (06/09/2023 08:07:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Falha na instalação: O Windows falhou a instalação da seguinte atualização com o erro 0x80073d02: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.

Error: (06/09/2023 08:07:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Falha na instalação: O Windows falhou a instalação da seguinte atualização com o erro 0x80240016: 9NBLGGH4RV3K-Microsoft.VCLibs.140.00.UWPDesktop.

Error: (06/09/2023 07:54:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço ROG Gaming Center Service terminou inesperadamente. Isto aconteceu 2 vez(es).

Error: (06/09/2023 07:54:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA LocalSystem Container terminou inesperadamente. Já o fez 1 vez(es). Será efetuada a seguinte ação corretiva em 6000 milissegundos: Reiniciar o serviço.

Error: (06/09/2023 07:54:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA Display Container LS terminou inesperadamente. Já o fez 1 vez(es). Será efetuada a seguinte ação corretiva em 6000 milissegundos: Reiniciar o serviço.

Windows Defender:
================
Date: 2023-06-02 09:54:37
Description:
Antivírus do Microsoft Defender detetou malware maligno ou outro software potencialmente indesejável.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nome: VirTool:Win32/DefenderTamperingRestore
Gravidade: Grave
Categoria: Ferramenta
Caminho: regkeyvalue:_hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen
Início da Deteção: Desconhecido
Tipo de Deteção: Concreto
Origem da Deteção: Sistema
Utilizador: NT AUTHORITY\SYSTEM
Nome do Processo: Unknown
Versão das informações de segurança: AV: 1.391.234.0, AS: 1.391.234.0, NIS: 1.391.234.0
Versão do Motor: AM: 1.1.23050.3, NIS: 1.1.23050.3

Date: 2023-06-02 08:14:22
Description:
A análise de Antivírus do Microsoft Defender foi parada antes de ser concluída.
ID de Análise: {CDA4D393-B96D-42B7-A1F7-3F4D7CAC3233}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM

Date: 2023-05-31 08:24:47
Description:
A análise de Antivírus do Microsoft Defender foi parada antes de ser concluída.
ID de Análise: {1DD40D6D-E4E4-46B6-AAC5-7736CC5F7759}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM

Date: 2023-05-30 08:21:33
Description:
A análise de Antivírus do Microsoft Defender foi parada antes de ser concluída.
ID de Análise: {22549D15-8110-4E80-97D4-74DDB866203A}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM

Date: 2023-05-29 08:26:16
Description:
A análise de Antivírus do Microsoft Defender foi parada antes de ser concluída.
ID de Análise: {CC44C513-0624-4856-96B9-58F4E2AB4E9F}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM
Event[0]

Date: 2023-04-12 09:04:59
Description:
Antivírus do Microsoft Defender encontrou um erro ao tentar atualizar as informações de segurança.
Nova versão das informações de segurança:
Versão anterior das informações de segurança: 1.387.740.0
Origem da Atualização: Servidor Microsoft Update
Tipo de informações de segurança: Antivírus
Tipo de Atualização: Completo
Utilizador: NT AUTHORITY\SYSTEM
Versão Atual do Motor:
Versão Anterior do Motor: 1.1.20200.4
Código de erro: 0x80240016
Descrição do erro: Ocorreu um problema inesperado ao procurar atualizações. Para obter informações sobre a instalação ou resolução de problemas de atualizações, consulte a Ajuda e Suporte.

CodeIntegrity:
===============
Date: 2023-06-12 08:00:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. G703GS.314 08/13/2021
placa-mãe: ASUSTeK COMPUTER INC. G703GS
Processador: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentagem de memória em uso: 31%
RAM física total: 32691.36 MB
RAM física disponível: 22482.8 MB
Virtual Total: 34739.36 MB
Virtual disponível: 21995.12 MB

==================== Drives ================================

Drive (OS) (Fixed) (Total:475.82 GB) (Free:196.92 GB) (Model: Intel Raid 0 Volume) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:506.76 GB) (Model: ST1000LX015-1U7172) NTFS
Drive g: (Google Drive) (Fixed) (Total:475.82 GB) (Free:187.08 GB) (Model: ST1000LX015-1U7172) FAT32

\\?\Volume{77a519a1-bb88-4e86-9278-00d017f41a17}\ () (Fixed) (Total:0.85 GB) (Free:0.24 GB) NTFS
\\?\Volume{1604abb9-4e49-4385-a952-d7bee995dd4b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: ADBF4CA3)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 576896EA)

Partition: GPT.

==================== Fim de Addition.txt =======================

Resultado da análise no atalho de usuários (x64) Versão: 29-05-2023
Executado por nursi (12-06-2023 08:00:22)
Executando a partir de C:\Users\nursi\OneDrive\Área de Trabalho
Modo da Inicialização: Normal

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyShot 11\Documentation\KeyShot Manual.lnk -> hxxp://keyshot.com/manual/keyshot11/KeyShot_11_Manual.pd

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Central de Soluções HP.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk -> C:\Windows10Upgrade\Windows10UpgraderApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Live Update.lnk -> C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Nenhum Arquivo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe (Google, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk -> C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit\XSplit Gamecaster.lnk -> C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software\Thunderbolt™ Software.lnk -> C:\Program Files (x86)\Intel\Thunderbolt Software\Thunderbolt.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek HD Audio Manager.lnk -> C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Software Logitech Unifying.lnk -> C:\Program Files\Common Files\LogiShrd\Unifying\DJCUHost.exe (Logitech, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyShot 11\KeyShot 11 Resources.lnk -> C:\Users\Public\Documents\KeyShot 11 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyShot 11\KeyShot 11.lnk -> C:\Program Files\KeyShot11\bin\keyshot.exe (Luxion)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyShot 11\KeyShot.com.lnk -> C:\Program Files\KeyShot11\KeyShot 11.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyShot 11\Uninstall.lnk -> C:\Program Files\KeyShot11\uninstall.exe (Luxion)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Fotografias em iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Atualização HP.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Central de Soluções HP.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Loja de Suprimentos HP.lnk -> C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe (Hewlett-Packard Development Company L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4500 Series\Ajuda.lnk -> C:\Program Files (x86)\HP\Digital Imaging\help\aio50.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4500 Series\Leiame.lnk -> C:\Program Files (x86)\HP\Digital Imaging\help\PS_AIO_04_C4500_readme\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4500 Series\Site de suporte a produtos.lnk -> C:\Program Files (x86)\HP\Digital Imaging\HP Photosmart C4500 Series\help\HP Product Support Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEIDENHAIN\TNCcmdPlus.lnk -> C:\Program Files (x86)\HEIDENHAIN\TNCremo\TNCcmdPlus.exe (Dr. JOHANNES HEIDENHAIN GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEIDENHAIN\TNCremo.lnk -> C:\Program Files (x86)\HEIDENHAIN\TNCremo\TNCremo.exe (DR. JOHANNES HEIDENHAIN GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEIDENHAIN\Help\TNCremo.lnk -> C:\Program Files (x86)\HEIDENHAIN\TNCremo\language\en\TNCremo_en.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEIDENHAIN\Connections\Create HeidenhainDNC connections (win32).lnk -> C:\Program Files (x86)\HEIDENHAIN\SDK\Connections\CreateConnections.exe (HEIDENHAIN Numeric B.V.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro\GoPro Quik.lnk -> C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\Ativação de produto.lnk -> C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Flash-Integro LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\Atualizador de produto.lnk -> C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Flash-Integro LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\Desinstalar o VSDC Free Vídeo Editor.lnk -> C:\Program Files\FlashIntegro\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\VSDC Free Screen Recorder.lnk -> C:\Program Files\FlashIntegro\VideoEditor\Tools\ScreenRecorder.exe (Flash-Integro LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\VSDC Free Vídeo Capture.lnk -> C:\Program Files\FlashIntegro\VideoEditor\Tools\VideoCapture.exe (Flash-Integro LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\VSDC Free Vídeo Editor.lnk -> C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Flash-Integro LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\Help\Contrato de licença.lnk -> C:\Program Files\FlashIntegro\VideoEditor\License Agreement.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\Help\Leiame.lnk -> C:\Program Files\FlashIntegro\VideoEditor\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Vídeo Editor\Help\VSDC Free Vídeo Editor Ajuda.lnk -> C:\Program Files\FlashIntegro\VideoEditor\VideoConverter.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Anti-Malware.lnk -> C:\Program Files\Emsisoft Anti-Malware\a2start.exe (Emsisoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam PowerSHAPE 2014 (64-bit)\PowerSHAPE 2014 (64-bit).lnk -> C:\Program Files\Delcam\PowerSHAPE14145\sys\exec64\PSHAPE\DelcamLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam\Shareddb\Shareddb 1026 (32-bit)\SetShareddbStandard.lnk -> C:\Users\Public\Documents\Delcam\shareddb\SetShareddbStandard.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam\Exchange\Exchange 2013 R4 (64-bit)\Exchange 2013 R4 (64-bit).lnk -> C:\Program Files\Delcam\Exchange 7.3.10\sys\exec64\sdx.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam\Exchange\Exchange 2013 R4 (64-bit)\Help.lnk -> C:\Program Files\Delcam\Exchange 7.3.10\file\help\sdxdoc.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Bitstream Font Navigator.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\FontNav\FontNav.exe (Bitstream Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Clipart.lnk -> C:\Users\Public\Documents\Corel\CorelDRAW Graphics Suite X5\Extras\Content\Clipart ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Corel CAPTURE X5.lnk -> c:\Windows\Installer\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}\NewShortcut8.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Corel CONNECT.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Connect\Connect.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Corel PHOTO-PAINT X5.lnk -> c:\Windows\Installer\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}\NewShortcut2.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\CorelDRAW X5.lnk -> c:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut1.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Duplexing Wizard.lnk -> c:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut4.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Fonts.lnk -> C:\Users\Public\Documents\Corel\CorelDRAW Graphics Suite X5\Extras\Content\Fonts ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Objects.lnk -> C:\Users\Public\Documents\Corel\CorelDRAW Graphics Suite X5\Extras\Content\Objects ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Photos.lnk -> C:\Users\Public\Documents\Corel\CorelDRAW Graphics Suite X5\Extras\Content\Photos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Vídeo Tutorials.lnk -> c:\Windows\Installer\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}\NewShortcut6_CB374E334DC6464A9290A10D941E6568.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\Corel PHOTO-PAINT X5 Object Model Diagram PDF .lnk -> C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Data\Corel PHOTO-PAINT Object Model Diagram.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\CorelDRAW Graphics Suite X5 Content Manual (PDF).lnk -> C:\Users\Public\Documents\Corel\CorelDRAW Graphics Suite X5\Extras\Content\CGSX5_ContentManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\CorelDRAW X5 Object Model Diagram PDF.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Data\CorelDRAW Object Model Diagram.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\Macro Programming Guide PDF.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Data\Macro Programming Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Hello.lnk -> C:\Windows\Installer\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}\_71649787133EF622F7B5C6.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Install.lnk -> C:\eSupport\eDriver\AsInsWiz.exe (ASUSTek Computer INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\GameFirst V.lnk -> C:\Program Files (x86)\ASUS\GameFirst\GameFirst_V.exe (ASUS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ROG Gaming Center.lnk -> C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenter.exe (ASUSTeK COMPUTER INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WinFlash.Lnk -> C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe (ASUSTek Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\Arquivos ArtCAM.lnk -> C:\Users\Public\Documents\Arquivos ArtCAM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\ArtCAM 2013 (RMS) (64-bit).lnk -> C:\Program Files\ArtCAM 2013\Exec64\ArtMonitor.exe (Delcam plc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\ArtSpool.lnk -> C:\Program Files\ArtCAM 2013\Exec\Language\br\ArtSpool_br.EXE (Delcam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\Desinstalar.lnk -> C:\Program Files\ArtCAM 2013\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\www.artcam.com.lnk -> C:\Program Files\ArtCAM 2013\ArtCAM.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\Support Admin\mindumps Location.lnk -> C:\Users\nursi\AppData\Local\Temp\ArtCAM_MiniDump (Nenhum Arquivo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\Support Admin\Reset ArtCAM 2013 Workspace.lnk -> C:\Program Files\ArtCAM 2013\Exec\ResetArtCAM2013Workspace.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\LiveCaptions.lnk -> C:\Windows\System32\LiveCaptions.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\VoiceAccess.lnk -> C:\Windows\System32\voiceaccess.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\Links\Desktop.lnk -> C:\Users\nursi\OneDrive\Área de Trabalho ()
Shortcut: C:\Users\nursi\Links\Downloads.lnk -> C:\Users\nursi\Downloads ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk -> C:\Users\nursi\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe (ESET)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IPTVSmartersPro.lnk -> C:\Users\nursi\AppData\Local\Programs\IPTVSmartersPro\IPTVSmartersPro.exe (WHMCS Smarters)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\keyshot5.lnk -> E:\Luxion KeyShot Pro 5.0.97 (64 bit)+Animation+KeyShotVR [ChingLiu]\Crack Keygen - x-force\keyshot5.exe (Nenhum Arquivo)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\nursi\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\nursi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Vídeo Communications, Inc.)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\nursi\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Ubisoft Connect.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tv Vodafone\Tv Vodafone.lnk -> C:\Users\nursi\AppData\Local\Tv Vodafone\Tv Vodafone.exe (Vodafone)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio\Stremio.lnk -> C:\Users\nursi\AppData\Local\Programs\LNV\Stremio-4\stremio.exe ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio\Uninstall Stremio.lnk -> C:\Users\nursi\AppData\Local\Programs\LNV\Stremio-4\Uninstall.exe (Smart Code Ltd.)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62\License Agreement.lnk -> C:\Users\nursi\AppData\Roaming\POV-Ray\v3.6\povlegal.doc.txt ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62\POV-Ray for Windows.lnk -> C:\Users\nursi\AppData\Roaming\POV-Ray\v3.6\bin\pvengine64.exe (Persistence of Vision Raytracer Pty. Ltd.)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62\Tutorial and Reference Manual.lnk -> C:\Users\nursi\AppData\Roaming\POV-Ray\v3.6\help\povray36.chm ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Uninstaller.lnk -> C:\Users\nursi\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe (AppWork GmbH)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk -> C:\Users\nursi\AppData\Local\JDownloader 2.0\JDownloader2Update.exe (AppWork GmbH)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk -> C:\Users\nursi\AppData\Local\JDownloader 2.0\JDownloader2.exe (AppWork GmbH)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CHITUBOX 1.9.0\CHITUBOX 64.lnk -> C:\Program Files\ChiTuBox64 1.9.0\CHITUBOX.exe ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CHITUBOX 1.9.0\Uninstall.lnk -> C:\Program Files\ChiTuBox64 1.9.0\uninst.exe ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CHITUBOX V1.9.3\CHITUBOX.lnk -> C:\Program Files\CHITUBOX V1.9.3\CHITUBOX.exe ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CHITUBOX V1.9.3\Uninstall.lnk -> C:\Program Files\CHITUBOX V1.9.3\uninst.exe ()
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\LiveCaptions.lnk -> C:\Windows\System32\LiveCaptions.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\VoiceAccess.lnk -> C:\Windows\System32\voiceaccess.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\SendTo\The Persistence of Vision Raytracer.lnk -> C:\Users\nursi\AppData\Roaming\POV-Ray\v3.6\bin\pvengine64.exe (Persistence of Vision Raytracer Pty. Ltd.)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\SendTo\Transferência de Ficheiros do Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CorelDRAW X5.lnk -> c:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut1.exe (Acresso Software Inc.)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeyShot 5 64.lnk -> C:\Program Files\KeyShot5\bin\keyshot5.exe (Nenhum Arquivo)
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Acrobat.lnk -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Arquivos ArtCAM.lnk -> C:\Users\Public\Documents\Arquivos ArtCAM ()
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\Users\Public\Desktop\Central de Soluções HP.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\Exchange 2013 R4 (64-bit).lnk -> C:\Program Files\Delcam\Exchange 7.3.10\sys\exec64\sdx.exe ()
Shortcut: C:\Users\Public\Desktop\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\GoPro Quik.lnk -> C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe ()
Shortcut: C:\Users\Public\Desktop\KeyShot 11 Resources.lnk -> C:\Users\Public\Documents\KeyShot 11 ()
Shortcut: C:\Users\Public\Desktop\KeyShot 11.lnk -> C:\Program Files\KeyShot11\bin\keyshot.exe (Luxion)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.14.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Public\Desktop\TNCremo.lnk -> C:\Program Files (x86)\HEIDENHAIN\TNCremo\TNCremo.exe (DR. JOHANNES HEIDENHAIN GmbH)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar 3.lnk -> C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe (ASUSTeK COMPUTER INC.) -> /start SonicRadarSystray /command SonicRadarSystray OpenUI
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Studio 3.lnk -> C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe (ASUSTeK COMPUTER INC.) -> /command SonicStudioSystray OpenUI /start SonicStudioSystray
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Rato e teclado\Configurações do rato e do teclado.lnk -> C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendário.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contactos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Correio.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Encontrar o iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> keynote
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Lembretes.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notas.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> numbers
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> pages
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4500 Series\Adicionar dispositivo.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{0EC01D72-4906-42DD-BCC0-AF89EDA7493D}\hpzstub.exe (Hewlett-Packard) -> -addadevice
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4500 Series\Configurar o Dispositivo de rede.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{0EC01D72-4906-42DD-BCC0-AF89EDA7493D}\hpzstub.exe (Hewlett-Packard) -> -addadevice -usbsetup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4500 Series\Desinstalar.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{0EC01D72-4906-42DD-BCC0-AF89EDA7493D}\setup\hpzscr40.exe (Hewlett-Packard) -> -datfile hposcr30.dat -onestop -forcereboot
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4500 Series\Registro do produto.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Company) -> "HP Photosmart C4500 Series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam PowerSHAPE 2014 (64-bit)\PowerSHAPE-Pro 2014 (64-bit).lnk -> C:\Program Files\Delcam\PowerSHAPE14145\sys\exec64\PowerSHAPE-Pro\DelcamLauncher.exe () -> -pro
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam PowerSHAPE 2014 (64-bit)\Toolmaker 2014 (64-bit).lnk -> C:\Program Files\Delcam\PowerSHAPE14145\sys\exec64\PS-Moldmaker\DelcamLauncher.exe () -> -psmm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam\Exchange\Exchange 2013 R4 (64-bit)\COM Register Exchange 2013 R4 (64-bit).lnk -> C:\Program Files\Delcam\Exchange 7.3.10\sys\exec64\sdx.exe () -> -regserver
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\CorelDRAW Graphics Suite X5 Guidebook (PDF).lnk -> c:\Windows\Installer\{368FCA18-C510-4F87-B60E-192B9BDBAE3D}\NewShortcut1_2D4561AA1380433B9EC818E5007E4288.exe (Acresso Software Inc.) -> Help\GB.pdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Uninstall GameFirst V.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {870E3092-8763-44FC-A805-056AA42B99AB}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\ArtCAM 2013 (64-bit).lnk -> C:\Program Files\ArtCAM 2013\Exec64\ArtMonitor.exe (Delcam plc) -> /norms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\Support Admin\ArtCAM 2013 Support Mode (RMS).lnk -> C:\Program Files\ArtCAM 2013\Exec64\ArtMonitor.exe (Delcam plc) -> /supportmode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCAM 2013 (64-bit)\Support Admin\ArtCAM 2013 Support Mode.lnk -> C:\Program Files\ArtCAM 2013\Exec64\ArtMonitor.exe (Delcam plc) -> /norms /supportmode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player Legacy.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\nursi\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Vídeo Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62\Uninstall POV-Ray for Windows.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {D0CE053E-0E5E-4C12-9BAE-D0F36021E911}
ShortcutWithArgument: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\SendTo\Destinatário do fax.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\nursi\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\nursi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PowerSHAPE-Pro 2014 (64-bit).lnk -> C:\Program Files\Delcam\PowerSHAPE14145\sys\exec64\PowerSHAPE-Pro\DelcamLauncher.exe () -> -pro
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Public\Desktop\ArtCAM 2013 (64-bit).lnk -> C:\Program Files\ArtCAM 2013\Exec64\ArtMonitor.exe (Delcam plc) -> /norms
ShortcutWithArgument: C:\Users\Public\Desktop\PowerSHAPE-Pro 2014 (64-bit).lnk -> C:\Program Files\Delcam\PowerSHAPE14145\sys\exec64\PowerSHAPE-Pro\DelcamLauncher.exe () -> -pro
ShortcutWithArgument: C:\Users\Public\Desktop\Toolmaker 2014 (64-bit).lnk -> C:\Program Files\Delcam\PowerSHAPE14145\sys\exec64\PS-Moldmaker\DelcamLauncher.exe () -> -psmm

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner
InternetURL: C:\Users\nursi\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\nursi\Favorites\ASUS E-Service\ASUS Homepage.url -> URL: hxxp://www.ASUS.com/
InternetURL: C:\Users\nursi\Favorites\ASUS E-Service\ASUS Member.url -> URL: hxxps://account.ASUS.com/
InternetURL: C:\Users\nursi\Favorites\ASUS E-Service\ASUS Software Download.url -> URL: hxxp://support.ASUS.com/download
InternetURL: C:\Users\nursi\Favorites\ASUS E-Service\ASUS Technical Support.url -> URL: hxxp://support.ASUS.com/

==================== Fim de Shortcut.txt =============================

Elias Pereira · 22 de junho de 2023

Desculpa a demora!!

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
CloseProcesses:
() [Arquivo não assinado] C:\Users\nursi\AppData\Local\Temp\Fmocnpecplpmgokmihrjohgewqz.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Update: Restrição <==== ATENÇÃO
Task: {03CF5ED7-F6EF-433C-9804-52C1BAE7CE66} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {08387746-2324-4345-8016-A28AA1115DC5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {09F9477C-1B5B-4FFF-A749-EC901EC7B063} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {0AC62FB3-3F7F-447D-8747-DC914CB04A60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {0D69DED8-C7BA-4F0C-BE20-632587859D39} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start ThunderboltService
Task: {22838C5B-7FB2-4BC3-B08F-F6EC9DE6A1F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {23A2C2E9-E278-4AE4-9276-443D67B8616C} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {3020E1DD-2B33-4756-A425-E6F4CEEAF44D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {34E674F9-2AB1-49F0-96DD-A110C4B99AAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35C8EA5F-4317-4C5B-BC01-925AFB055646} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Nenhum Arquivo)
Task: {3CB0C6B6-7DB0-4F82-86D2-317660974B79} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Nenhum Arquivo)
Task: {3E717B58-C5EB-4CA1-9428-B3C57EA93F5E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3F16825E-4A23-4BE5-BFF3-E8875BE51957} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DB2E56F-33C6-46D4-9626-134B1FA7B1F9} - System32\Tasks\S-1-5-21-3848878613-230039650-1154610324-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe  (Nenhum Arquivo)
Task: {55C45FC8-E007-494C-A58F-F033D657E907} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bf5aeb9d-4b7a-44ff-be41-d7fe70b78db2" --version "6.12.10490" --silent
Task: {68ED2B15-9716-4F7F-AC2E-E853DF81A725} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AEAC83B-69C1-4110-A7E4-63CD753D8ED9} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3848878613-230039650-1154610324-1001 => C:\Users\nursi\AppData\Local\Programs\Messenger\MessengerHelper.exe  --lassie (Nenhum Arquivo)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe  Reboot (Nenhum Arquivo)
Task: {75C6ECC2-A97B-43FE-955F-F19B1B756E6D} - System32\Tasks\Microsoft\Windows\Method\Size => C:\Users\nursi\AppData\Local\Method\lpxeccajs\Size.exe  (Nenhum Arquivo)
Task: {82DED51B-11BB-4D6E-8849-C79650191760} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [4718048 2018-03-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {837548B2-5C32-40F1-B199-428018558A58} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {883D674E-9997-4C06-998C-1AD66B25BDAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {8EF2319F-75C3-49AC-BFFD-50AA2D5F8A25} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {919B36F3-225D-4214-B6A3-3A7CA9BE35CC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9990B736-2BB8-4363-9FB8-7DCA98953BCB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe  Display (Nenhum Arquivo)
Task: {AB6CB96E-24C0-4CCF-9899-535BF4C17800} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B130E7A0-31B1-40FD-9840-E02126D42CA5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3155E12-5FE2-42D1-925C-08E4A0E25E6B} - System32\Tasks\ASUS Promotion => C:\Program Files\ASUS\ASUS Promotion\ASUS Promotion.exe [1049568 2018-10-26] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B81C4395-30C4-4666-97A1-8ECC080C4751} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0AD9454-15CC-4B36-8BDA-E25E156109D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C5A67A2B-2DEE-489B-93A5-FBFED80F8A3D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C9B82602-1D68-47D0-90FF-6899003F7E64} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [811520 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {CB552C89-A0CC-4E63-A286-429E65028A3B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Nenhum Arquivo)
Task: {CE8524D6-D814-4436-B963-C64311AC0A6A} - System32\Tasks\GameFirstV => C:\Program Files (x86)\ASUS\GameFirst\\GameFirst_V.exe [714112 ] (Apex Titan Technology Corp. -> ASUS)
Task: {D64B1995-474C-4E6E-9CFB-2FC258248192} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D7E72569-BA75-4B21-BA36-33E28EF979EC} - System32\Tasks\CCleanerSkipUAC - nursi => C:\Program Files\CCleaner\CCleaner.exe [34264480 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DA0066AB-D295-44A9-8C7F-8754D040F711} - System32\Tasks\USBChargerPlusUWP => C:\Program Files (x86)\ASUS\USB Charger Plus Service\StartupUSBChargerPlus.exe [150416 2018-07-04] (ASUSTeK Computer Inc. -> )
Task: {E008A5EA-2090-4D75-A97F-61D18099AE55} - System32\Tasks\IterationCount => C:\Users\nursi\AppData\Roaming\DefinedTypes\IterationCount  (Nenhum Arquivo)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Nenhum Arquivo)
Task: {E90CD071-BE09-4138-BA41-AAAC86583212} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {EB6C88FD-2935-42F7-A8AC-A9FD3B3DE60A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EE3A4C7D-83B8-468E-9B1A-4B3258D74D59} - \faka -> Nenhum Arquivo <==== ATENÇÃO
Task: {EFBD9700-C01E-45FB-8327-A2762C1EF853} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {F00BB55C-CB25-4E87-8B60-0ED9F8C4D15F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHotkeyExec64.exe [176064 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {F1CA1299-F3B4-4FCF-8C47-EDEC9BAA81BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F4BC2FB6-E0AD-4A64-8C8B-D915C6A8F7D1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC5855C5-EDF8-4136-8494-9DF310D8161C} - System32\Tasks\Method\Size => C:\Users\nursi\AppData\Local\Method\bxxntqhh\Size.exe [7168 2023-06-09] () [Arquivo não assinado] [O arquivo está em uso]
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe                     
StartBatch: 
@echo off
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
echo.
echo.
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
echo.
echo.
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig"
echo.
echo.
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run"
EndBatch:
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:Clique com o direito sobre o arquivo FRST.EXE, depois clique em http://i.imgur.com/VRIfczU.png.

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

Nurgui · 24 de junho de 2023

O popup deixou de aparecer depois de ter feito corrigir no FRST.

a seguir o fixlog:

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 21-06-2023
Executado por nursi (24-06-2023 16:54:38) Run:1
Executando a partir de C:\Users\nursi\OneDrive\Área de Trabalho
Perfis Carregados: nursi
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
() [Arquivo não assinado] C:\Users\nursi\AppData\Local\Temp\Fmocnpecplpmgokmihrjohgewqz.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Update: Restrição <==== ATENÇÃO
Task: {03CF5ED7-F6EF-433C-9804-52C1BAE7CE66} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {08387746-2324-4345-8016-A28AA1115DC5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {09F9477C-1B5B-4FFF-A749-EC901EC7B063} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {0AC62FB3-3F7F-447D-8747-DC914CB04A60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {0D69DED8-C7BA-4F0C-BE20-632587859D39} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start ThunderboltService
Task: {22838C5B-7FB2-4BC3-B08F-F6EC9DE6A1F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {23A2C2E9-E278-4AE4-9276-443D67B8616C} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {3020E1DD-2B33-4756-A425-E6F4CEEAF44D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {34E674F9-2AB1-49F0-96DD-A110C4B99AAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35C8EA5F-4317-4C5B-BC01-925AFB055646} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Nenhum Arquivo)
Task: {3CB0C6B6-7DB0-4F82-86D2-317660974B79} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Nenhum Arquivo)
Task: {3E717B58-C5EB-4CA1-9428-B3C57EA93F5E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3F16825E-4A23-4BE5-BFF3-E8875BE51957} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DB2E56F-33C6-46D4-9626-134B1FA7B1F9} - System32\Tasks\S-1-5-21-3848878613-230039650-1154610324-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (Nenhum Arquivo)
Task: {55C45FC8-E007-494C-A58F-F033D657E907} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bf5aeb9d-4b7a-44ff-be41-d7fe70b78db2" --version "6.12.10490" --silent
Task: {68ED2B15-9716-4F7F-AC2E-E853DF81A725} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AEAC83B-69C1-4110-A7E4-63CD753D8ED9} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3848878613-230039650-1154610324-1001 => C:\Users\nursi\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (Nenhum Arquivo)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe Reboot (Nenhum Arquivo)
Task: {75C6ECC2-A97B-43FE-955F-F19B1B756E6D} - System32\Tasks\Microsoft\Windows\Method\Size => C:\Users\nursi\AppData\Local\Method\lpxeccajs\Size.exe (Nenhum Arquivo)
Task: {82DED51B-11BB-4D6E-8849-C79650191760} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [4718048 2018-03-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {837548B2-5C32-40F1-B199-428018558A58} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {883D674E-9997-4C06-998C-1AD66B25BDAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {8EF2319F-75C3-49AC-BFFD-50AA2D5F8A25} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {919B36F3-225D-4214-B6A3-3A7CA9BE35CC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9990B736-2BB8-4363-9FB8-7DCA98953BCB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Nenhum Arquivo)
Task: {AB6CB96E-24C0-4CCF-9899-535BF4C17800} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B130E7A0-31B1-40FD-9840-E02126D42CA5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3155E12-5FE2-42D1-925C-08E4A0E25E6B} - System32\Tasks\ASUS Promotion => C:\Program Files\ASUS\ASUS Promotion\ASUS Promotion.exe [1049568 2018-10-26] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B81C4395-30C4-4666-97A1-8ECC080C4751} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0AD9454-15CC-4B36-8BDA-E25E156109D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C5A67A2B-2DEE-489B-93A5-FBFED80F8A3D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C9B82602-1D68-47D0-90FF-6899003F7E64} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [811520 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {CB552C89-A0CC-4E63-A286-429E65028A3B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Nenhum Arquivo)
Task: {CE8524D6-D814-4436-B963-C64311AC0A6A} - System32\Tasks\GameFirstV => C:\Program Files (x86)\ASUS\GameFirst\\GameFirst_V.exe [714112 ] (Apex Titan Technology Corp. -> ASUS)
Task: {D64B1995-474C-4E6E-9CFB-2FC258248192} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D7E72569-BA75-4B21-BA36-33E28EF979EC} - System32\Tasks\CCleanerSkipUAC - nursi => C:\Program Files\CCleaner\CCleaner.exe [34264480 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DA0066AB-D295-44A9-8C7F-8754D040F711} - System32\Tasks\USBChargerPlusUWP => C:\Program Files (x86)\ASUS\USB Charger Plus Service\StartupUSBChargerPlus.exe [150416 2018-07-04] (ASUSTeK Computer Inc. -> )
Task: {E008A5EA-2090-4D75-A97F-61D18099AE55} - System32\Tasks\IterationCount => C:\Users\nursi\AppData\Roaming\DefinedTypes\IterationCount (Nenhum Arquivo)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo)
Task: {E90CD071-BE09-4138-BA41-AAAC86583212} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {EB6C88FD-2935-42F7-A8AC-A9FD3B3DE60A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EE3A4C7D-83B8-468E-9B1A-4B3258D74D59} - \faka -> Nenhum Arquivo <==== ATENÇÃO
Task: {EFBD9700-C01E-45FB-8327-A2762C1EF853} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {F00BB55C-CB25-4E87-8B60-0ED9F8C4D15F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHotkeyExec64.exe [176064 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {F1CA1299-F3B4-4FCF-8C47-EDEC9BAA81BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F4BC2FB6-E0AD-4A64-8C8B-D915C6A8F7D1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC5855C5-EDF8-4136-8494-9DF310D8161C} - System32\Tasks\Method\Size => C:\Users\nursi\AppData\Local\Method\bxxntqhh\Size.exe [7168 2023-06-09] () [Arquivo não assinado] [O arquivo está em uso]
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
StartBatch:
@echo off
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
echo.
echo.
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
echo.
echo.
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig"
echo.
echo.
echo "VERIFICANDO CHAVE DO REGEDIT..."
echo.
echo.
reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run"
EndBatch:
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
C:\Users\nursi\AppData\Local\Temp\Fmocnpecplpmgokmihrjohgewqz.exe => Não foi encontrado em execução o processo
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Update: Restrição <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03CF5ED7-F6EF-433C-9804-52C1BAE7CE66}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\CCleaner Update => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08387746-2324-4345-8016-A28AA1115DC5}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08387746-2324-4345-8016-A28AA1115DC5}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Thunderbolt\Start Thunderbolt application on login if service is up" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09F9477C-1B5B-4FFF-A749-EC901EC7B063}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F9477C-1B5B-4FFF-A749-EC901EC7B063}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUSUpdateTaskMachineCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AC62FB3-3F7F-447D-8747-DC914CB04A60}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AC62FB3-3F7F-447D-8747-DC914CB04A60}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D69DED8-C7BA-4F0C-BE20-632587859D39}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D69DED8-C7BA-4F0C-BE20-632587859D39}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22838C5B-7FB2-4BC3-B08F-F6EC9DE6A1F1}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23A2C2E9-E278-4AE4-9276-443D67B8616C}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23A2C2E9-E278-4AE4-9276-443D67B8616C}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GarminUpdaterTask => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GarminUpdaterTask" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3020E1DD-2B33-4756-A425-E6F4CEEAF44D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3020E1DD-2B33-4756-A425-E6F4CEEAF44D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34E674F9-2AB1-49F0-96DD-A110C4B99AAA}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35C8EA5F-4317-4C5B-BC01-925AFB055646}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35C8EA5F-4317-4C5B-BC01-925AFB055646}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CB0C6B6-7DB0-4F82-86D2-317660974B79}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CB0C6B6-7DB0-4F82-86D2-317660974B79}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3E717B58-C5EB-4CA1-9428-B3C57EA93F5E}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E717B58-C5EB-4CA1-9428-B3C57EA93F5E}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F16825E-4A23-4BE5-BFF3-E8875BE51957}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Verification" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DB2E56F-33C6-46D4-9626-134B1FA7B1F9}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DB2E56F-33C6-46D4-9626-134B1FA7B1F9}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\S-1-5-21-3848878613-230039650-1154610324-1001\DataSenseLiveTileTask => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\S-1-5-21-3848878613-230039650-1154610324-1001\DataSenseLiveTileTask" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55C45FC8-E007-494C-A58F-F033D657E907}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\CCleanerCrashReporting => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerCrashReporting" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68ED2B15-9716-4F7F-AC2E-E853DF81A725}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68ED2B15-9716-4F7F-AC2E-E853DF81A725}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AEAC83B-69C1-4110-A7E4-63CD753D8ED9}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AEAC83B-69C1-4110-A7E4-63CD753D8ED9}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3848878613-230039650-1154610324-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Meta\Messenger-SL-Helper-S-1-5-21-3848878613-230039650-1154610324-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75C6ECC2-A97B-43FE-955F-F19B1B756E6D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75C6ECC2-A97B-43FE-955F-F19B1B756E6D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Method\Size => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Method\Size" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82DED51B-11BB-4D6E-8849-C79650191760}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82DED51B-11BB-4D6E-8849-C79650191760}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\ROG Gaming Center => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROG Gaming Center" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{837548B2-5C32-40F1-B199-428018558A58}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{837548B2-5C32-40F1-B199-428018558A58}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{883D674E-9997-4C06-998C-1AD66B25BDAF}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{883D674E-9997-4C06-998C-1AD66B25BDAF}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EF2319F-75C3-49AC-BFFD-50AA2D5F8A25}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EF2319F-75C3-49AC-BFFD-50AA2D5F8A25}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\SS3Svc32Run => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SS3Svc32Run" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{919B36F3-225D-4214-B6A3-3A7CA9BE35CC}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{919B36F3-225D-4214-B6A3-3A7CA9BE35CC}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9990B736-2BB8-4363-9FB8-7DCA98953BCB}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9990B736-2BB8-4363-9FB8-7DCA98953BCB}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB6CB96E-24C0-4CCF-9899-535BF4C17800}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB6CB96E-24C0-4CCF-9899-535BF4C17800}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B130E7A0-31B1-40FD-9840-E02126D42CA5}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B130E7A0-31B1-40FD-9840-E02126D42CA5}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B3155E12-5FE2-42D1-925C-08E4A0E25E6B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3155E12-5FE2-42D1-925C-08E4A0E25E6B}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\ASUS Promotion => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Promotion" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B81C4395-30C4-4666-97A1-8ECC080C4751}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B81C4395-30C4-4666-97A1-8ECC080C4751}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0AD9454-15CC-4B36-8BDA-E25E156109D3}" => não encontrado (a)
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C5A67A2B-2DEE-489B-93A5-FBFED80F8A3D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5A67A2B-2DEE-489B-93A5-FBFED80F8A3D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9B82602-1D68-47D0-90FF-6899003F7E64}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9B82602-1D68-47D0-90FF-6899003F7E64}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\SS3Svc64Run => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SS3Svc64Run" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB552C89-A0CC-4E63-A286-429E65028A3B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB552C89-A0CC-4E63-A286-429E65028A3B}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CE8524D6-D814-4436-B963-C64311AC0A6A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE8524D6-D814-4436-B963-C64311AC0A6A}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GameFirstV => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GameFirstV" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D64B1995-474C-4E6E-9CFB-2FC258248192}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D64B1995-474C-4E6E-9CFB-2FC258248192}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7E72569-BA75-4B21-BA36-33E28EF979EC}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7E72569-BA75-4B21-BA36-33E28EF979EC}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - nursi => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC - nursi" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DA0066AB-D295-44A9-8C7F-8754D040F711}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA0066AB-D295-44A9-8C7F-8754D040F711}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\USBChargerPlusUWP => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USBChargerPlusUWP" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E008A5EA-2090-4D75-A97F-61D18099AE55}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E008A5EA-2090-4D75-A97F-61D18099AE55}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\IterationCount => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IterationCount" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E90CD071-BE09-4138-BA41-AAAC86583212}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E90CD071-BE09-4138-BA41-AAAC86583212}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUSUpdateTaskMachineUA" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EB6C88FD-2935-42F7-A8AC-A9FD3B3DE60A}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB6C88FD-2935-42F7-A8AC-A9FD3B3DE60A}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RtHDVBg_ListenToDevice" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE3A4C7D-83B8-468E-9B1A-4B3258D74D59}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE3A4C7D-83B8-468E-9B1A-4B3258D74D59}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\faka" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EFBD9700-C01E-45FB-8327-A2762C1EF853}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFBD9700-C01E-45FB-8327-A2762C1EF853}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F00BB55C-CB25-4E87-8B60-0ED9F8C4D15F}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F00BB55C-CB25-4E87-8B60-0ED9F8C4D15F}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ATK Package 36D18D69AFC3" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1CA1299-F3B4-4FCF-8C47-EDEC9BAA81BB}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1CA1299-F3B4-4FCF-8C47-EDEC9BAA81BB}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\RTKCPL => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RTKCPL" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4BC2FB6-E0AD-4A64-8C8B-D915C6A8F7D1}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4BC2FB6-E0AD-4A64-8C8B-D915C6A8F7D1}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC5855C5-EDF8-4136-8494-9DF310D8161C}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC5855C5-EDF8-4136-8494-9DF310D8161C}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Method\Size => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Method\Size" => removido (a) com sucesso.
C:\WINDOWS\Tasks\CCleanerCrashReporting.job => movido com sucesso

========= Batch: =========
"VERIFICANDO CHAVE DO REGEDIT..."

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
OneDrive REG_SZ "C:\Users\nursi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
GoogleDriveFS REG_SZ "C:\Program Files\Google\Drive File Stream\76.0.3.0\GoogleDriveFS.exe" --startup_mode
CCleaner Smart Cleaning REG_SZ "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
iCloudServices REG_SZ "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
Skype for Desktop REG_SZ C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
GarminExpress REG_SZ "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
MicrosoftEdgeAutoLaunch_E9654F28324299FCE4DDE5EEE2A42508 REG_SZ "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5

"VERIFICANDO CHAVE DO REGEDIT..."

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SecurityHealth REG_EXPAND_SZ %windir%\system32\SecurityHealthSystray.exe
Sonic Studio 3 REG_SZ "C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" /start SonicStudioSystray /silent
EvtMgr6 REG_SZ C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
Logitech Download Assistant REG_SZ C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Emsisoft Anti-Malware REG_SZ "C:\Program Files\Emsisoft Anti-Malware\a2guard.exe"

"VERIFICANDO CHAVE DO REGEDIT..."

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\state

"VERIFICANDO CHAVE DO REGEDIT..."

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run
GoogleDriveFS REG_SZ C:\Program Files\Google\Drive File Stream\76.0.3.0\GoogleDriveFS.exe --startup_mode

========= Fim de Batch: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= Fim de CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-3848878613-230039650-1154610324-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-3848878613-230039650-1154610324-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19035863 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1300 B
Windows/system/drivers => 1278171 B
Edge => 91136 B
Chrome => 483499348 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 13312 B
NetworkService => 29328 B
nursi => 140252943 B

RecycleBin => 53115441 B
EmptyTemp: => 665 MB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 16:55:49 ====

Elias Pereira · 28 de junho de 2023

Em relação a malwares, não temos mais problemas.

Se não tiver mais problema em relação a malwares, clique em Denunciar Post localizado no topo da pagina e diga que seu topico está RESOLVIDO. Se você tiver alguma dúvida relacionada a informática e tecnologia, sinta-se à vontade para postar em qualquer área do CdH.

Nurgui · 30 de junho de 2023

Obrigado Elias pelo seu tempo e ajuda.

KairanD · 1 de julho de 2023

Problema resolvido!

Caso o autor necessite, o mesmo será reaberto, para isso deverá entrar em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.