Clau de Oliveira

Algum outro membro pode me ajudar a resolver esse erro?? Penso que ficou alguma "sujeira" no registro (regedit), pois quando tento instalar o Google Drive, diz que já está instalado.

@Mega Blaster Olá já passei antivirus e passei o sfc... só não tirei as memórias ainda, cada vez que abre o notebook sempre algum ponto da tampa quebra... os notebooks antigos eram mais fortes... esses são porcaria... queria ver se consigo resolver sem ter que abrir. Tentei reiniciar no modo de segurança (pelo msconfig) e piorou... não ligava mais, o pin não era aceito, a senha da conta também né... demorei pra responder pois estava resolvendo a m&rda que fiz em tentar colocar no modo de segurança. Alguma outra alternativa pra resolver?

Olá Erro ocorrendo quando inicia o windows, Google Drive não abre, já desinstalei, passei antivirus (esetnod), ccleaner, adwcleaner e ainda continua o erro. Preciso do Google Drive, o que faço???

Vou formatar para ver se dá certo, só gostaria de entender uma placa de Vídeo que serviria para melhorar o desempenho esteja ocorrendo o contrário.

@Alexsandro Krzj Não me ajudou

Preciso de ajuda, meu computador: Aspire A515-52G Processador Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz 1.80 GHz RAM instalada 16,0 GB (utilizável: 15,9 GB) Tipo de sistema Sistema operacional de 64 bits, processador baseado em x64 Tem uma placa de vídeo: NVIDIA GeForce MX130 Porém para abrir alguns jogos e programas fica com chuvisco como mostro nas imagens que anexei. O programa CAPCUT não consigo usar, jogos disponíveis no windows store não consigo jogar... tem alguma configuração errada, não é possível meu notebook não rodar programas e jogos simples, ou é? NVIDIA System Information 07-23-2023 17-57-08.txt

@Elias Pereira Bem melhor, aparentemente não está mais com virus. Iniciando rápido e sem problemas. Muito obrigada!

@Elias Pereira

@Elias Pereira Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 10-04-2023 Executado por clare (12-04-2023 22:53:15) Run:1 Executando a partir de C:\Users\clare\OneDrive\Área de Trabalho Perfis Carregados: clare Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [8946] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334] AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274] AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [8946] AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274] AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [8946] AlternateDataStreams: C:\ProgramData\Application Data:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [8946] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [8946] AlternateDataStreams: C:\ProgramData\Temp:9494338C [252] GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO Task: {01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {0219B601-8F68-4E0F-AADB-F064BB6BE383} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [834032 2019-02-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {1500BF84-CCC6-4FBD-8123-9401637C6FC7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {1B5AF7DA-A632-4B17-BA80-65E489426A8A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {1BABCB9C-19E9-4947-A869-394EA85F11AD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {27E8FD4D-C5D6-488D-B731-3B1A4F486C59} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {2A4EA318-BD0D-420D-B860-C365A0393524} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2C33F99E-C38A-460D-86B7-989A916F92C0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {31F6A644-F40E-4213-8188-09DCD6B1B329} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {384034EC-2BD9-414E-97BD-788C3CD92FF1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Nenhum Arquivo) Task: {3D8280CE-976F-4281-84B5-BCDF1BC367A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC) Task: {3DB554B4-2BB9-4560-9FAD-F2C8045FD935} - System32\Tasks\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo) <==== ATENÇÃO Task: {4FDD8597-A20D-4A1A-BDB9-5415E8DB0700} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.) Task: {55A55051-9D6E-41BF-A3C6-830842CE4CD2} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {568CCD61-B443-48B3-8219-7932F3867604} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Nenhum Arquivo) Task: {5A758AEE-B9AA-43DC-B791-782C60B00C5E} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\clare\AppData\Roaming\\sysinfotool\\sitool.exe -st -tu 3 (Nenhum Arquivo) <==== ATENÇÃO Task: {64B570F5-FC37-4211-8199-EB9848FBB8D3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {69F5D084-06BF-4295-ABB9-993000940009} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET) Task: {6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {727BE017-6B03-4730-BAA4-7837422309B3} - System32\Tasks\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) Task: {78D500F6-8B68-4E26-9DC3-94DC356B21C4} - System32\Tasks\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe (Nenhum Arquivo) Task: {7F39972B-17FF-49CC-B995-E9D9DCFAB08C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8130A3F4-0C36-4139-9FDD-F7E94823E8B6} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-MLMFK.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO Task: {828FDE0A-9939-45D4-902D-83E69A942278} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe --update --mode check auto notify (Nenhum Arquivo) Task: {8E9B8598-E418-4CFD-B959-873B5C90BDFE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation) Task: {9342B0A9-7442-4E40-80A0-2DCE92498587} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Nenhum Arquivo) Task: {9AEB1BF5-70CA-4633-A6BB-49F5194859EF} - System32\Tasks\CareCenter\AnyDesk.lnk_FolderCommonAppdata => C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH) Task: {9B5E199F-9D12-4C45-9E89-CC654CD5E88C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation) Task: {A7FFC8F9-66E2-48A8-B11E-B7A710B822D8} - System32\Tasks\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe [65128112 2023-03-27] (Mega Limited -> Mega Limited) Task: {AD061118-8FA7-4C74-8116-BF5E9A2A95FA} - System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) Task: {ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {B2514D61-EA2B-4B51-9765-528234104B9B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAupdater.exe [1776304 2023-03-27] (Mega Limited -> ) Task: {B42748F9-085A-4717-B98E-452D60FAD011} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {B55E241A-D276-4295-8EBA-0B612E4FAEAE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation) Task: {C2808C9E-412F-47E0-921A-BF62CA4C81C6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {C3431AFB-D315-43B9-8C83-1760F917DFB5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {DB072358-8F7B-47F8-A668-7748A6F40766} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {DDAAAF73-1AB1-49B5-866C-3330A2981ECF} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4056016 2023-03-30] (Microsoft Corporation -> Microsoft Corporation) Task: {DF65097F-00A0-410E-82EF-222D780A8333} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DFAE1CB0-BB59-4418-B1D8-34FA138F8D31} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET) Task: {E549B32C-8404-4E58-97D2-24B7A474C9F3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation) Task: {EA6CDDF7-033A-49AD-87F7-F386E5D27EF0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) Task: {FF3E2D09-67EB-42FA-BF10-9AD593A199DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X] S4 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [X] S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X] S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X] S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X] reg: reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" reg: reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig" reg: reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run" CMD: ipconfig /flushdns RemoveProxy: EmptyTemp: CreateRestorePoint: ***************** Ponto de Restauração criado com sucesso. Processos fechados com sucesso. C:\ProgramData => ":chnpbmzkyg" ADS removido (a) com sucesso. C:\ProgramData => ":YXVtLmh6aQ" ADS removido (a) com sucesso. C:\WINDOWS\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso. "C:\Users\All Users" => ":chnpbmzkyg" ADS não encontrado (a). "C:\Users\All Users" => ":YXVtLmh6aQ" ADS não encontrado (a). "C:\Users\Todos os Usuários" => ":chnpbmzkyg" ADS não encontrado (a). "C:\Users\Todos os Usuários" => ":YXVtLmh6aQ" ADS não encontrado (a). "C:\ProgramData\Application Data" => ":chnpbmzkyg" ADS não encontrado (a). "C:\ProgramData\Application Data" => ":YXVtLmh6aQ" ADS não encontrado (a). "C:\ProgramData\Dados de Aplicativos" => ":chnpbmzkyg" ADS não encontrado (a). "C:\ProgramData\Dados de Aplicativos" => ":YXVtLmh6aQ" ADS não encontrado (a). C:\ProgramData\Temp => ":9494338C" ADS removido (a) com sucesso. C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso C:\ProgramData\NTUSER.pol => movido com sucesso HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => valor restaurado com sucesso HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => valor restaurado com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0219B601-8F68-4E0F-AADB-F064BB6BE383}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0219B601-8F68-4E0F-AADB-F064BB6BE383}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Software Update Application => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Update Application" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\RtkAudUService64_BG => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RtkAudUService64_BG" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1500BF84-CCC6-4FBD-8123-9401637C6FC7}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1500BF84-CCC6-4FBD-8123-9401637C6FC7}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B5AF7DA-A632-4B17-BA80-65E489426A8A}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B5AF7DA-A632-4B17-BA80-65E489426A8A}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BABCB9C-19E9-4947-A869-394EA85F11AD}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BABCB9C-19E9-4947-A869-394EA85F11AD}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27E8FD4D-C5D6-488D-B731-3B1A4F486C59}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27E8FD4D-C5D6-488D-B731-3B1A4F486C59}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A4EA318-BD0D-420D-B860-C365A0393524}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A4EA318-BD0D-420D-B860-C365A0393524}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C33F99E-C38A-460D-86B7-989A916F92C0}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C33F99E-C38A-460D-86B7-989A916F92C0}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31F6A644-F40E-4213-8188-09DCD6B1B329}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31F6A644-F40E-4213-8188-09DCD6B1B329}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{384034EC-2BD9-414E-97BD-788C3CD92FF1}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384034EC-2BD9-414E-97BD-788C3CD92FF1}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D8280CE-976F-4281-84B5-BCDF1BC367A5}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D8280CE-976F-4281-84B5-BCDF1BC367A5}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3DB554B4-2BB9-4560-9FAD-F2C8045FD935}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DB554B4-2BB9-4560-9FAD-F2C8045FD935}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FDD8597-A20D-4A1A-BDB9-5415E8DB0700}" => não encontrado (a) C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{55A55051-9D6E-41BF-A3C6-830842CE4CD2}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55A55051-9D6E-41BF-A3C6-830842CE4CD2}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{568CCD61-B443-48B3-8219-7932F3867604}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568CCD61-B443-48B3-8219-7932F3867604}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\ACC => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACC" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A758AEE-B9AA-43DC-B791-782C60B00C5E}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A758AEE-B9AA-43DC-B791-782C60B00C5E}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\SystemInfo" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64B570F5-FC37-4211-8199-EB9848FBB8D3}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64B570F5-FC37-4211-8199-EB9848FBB8D3}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69F5D084-06BF-4295-ABB9-993000940009}" => não encontrado (a) C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{727BE017-6B03-4730-BAA4-7837422309B3}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{727BE017-6B03-4730-BAA4-7837422309B3}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78D500F6-8B68-4E26-9DC3-94DC356B21C4}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78D500F6-8B68-4E26-9DC3-94DC356B21C4}" => removido (a) com sucesso. "C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler" => não encontrado (a) "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler" => não encontrado (a) "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F39972B-17FF-49CC-B995-E9D9DCFAB08C}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F39972B-17FF-49CC-B995-E9D9DCFAB08C}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8130A3F4-0C36-4139-9FDD-F7E94823E8B6}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8130A3F4-0C36-4139-9FDD-F7E94823E8B6}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Rerun Warsaw's CoreFixer => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Rerun Warsaw's CoreFixer" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{828FDE0A-9939-45D4-902D-83E69A942278}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{828FDE0A-9939-45D4-902D-83E69A942278}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\pdfforge GmbH\Update => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pdfforge GmbH\Update" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E9B8598-E418-4CFD-B959-873B5C90BDFE}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E9B8598-E418-4CFD-B959-873B5C90BDFE}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9342B0A9-7442-4E40-80A0-2DCE92498587}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9342B0A9-7442-4E40-80A0-2DCE92498587}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Oem\AcerJumpstartTask => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Oem\AcerJumpstartTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AEB1BF5-70CA-4633-A6BB-49F5194859EF}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AEB1BF5-70CA-4633-A6BB-49F5194859EF}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\AnyDesk.lnk_FolderCommonAppdata => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\AnyDesk.lnk_FolderCommonAppdata" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B5E199F-9D12-4C45-9E89-CC654CD5E88C}" => não encontrado (a) C:\WINDOWS\System32\Tasks\OneDrive Per-Machine Standalone Update Task => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Per-Machine Standalone Update Task" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A7FFC8F9-66E2-48A8-B11E-B7A710B822D8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7FFC8F9-66E2-48A8-B11E-B7A710B822D8}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD061118-8FA7-4C74-8116-BF5E9A2A95FA}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD061118-8FA7-4C74-8116-BF5E9A2A95FA}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\HP Software Update_Reg_HKLMWow6432Run" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2514D61-EA2B-4B51-9765-528234104B9B}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2514D61-EA2B-4B51-9765-528234104B9B}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B42748F9-085A-4717-B98E-452D60FAD011}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B42748F9-085A-4717-B98E-452D60FAD011}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B55E241A-D276-4295-8EBA-0B612E4FAEAE}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B55E241A-D276-4295-8EBA-0B612E4FAEAE}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2808C9E-412F-47E0-921A-BF62CA4C81C6}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2808C9E-412F-47E0-921A-BF62CA4C81C6}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3431AFB-D315-43B9-8C83-1760F917DFB5}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3431AFB-D315-43B9-8C83-1760F917DFB5}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB072358-8F7B-47F8-A668-7748A6F40766}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB072358-8F7B-47F8-A668-7748A6F40766}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DDAAAF73-1AB1-49B5-866C-3330A2981ECF}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDAAAF73-1AB1-49B5-866C-3330A2981ECF}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF65097F-00A0-410E-82EF-222D780A8333}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF65097F-00A0-410E-82EF-222D780A8333}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFAE1CB0-BB59-4418-B1D8-34FA138F8D31}" => não encontrado (a) C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E549B32C-8404-4E58-97D2-24B7A474C9F3}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E549B32C-8404-4E58-97D2-24B7A474C9F3}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA6CDDF7-033A-49AD-87F7-F386E5D27EF0}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA6CDDF7-033A-49AD-87F7-F386E5D27EF0}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\BCSSync_Reg_HKLMWow6432Run" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF3E2D09-67EB-42FA-BF10-9AD593A199DA}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF3E2D09-67EB-42FA-BF10-9AD593A199DA}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso. C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => movido com sucesso HKLM\System\CurrentControlSet\Services\ACCSvc => removido (a) com sucesso. ACCSvc => o serviço removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\EaseUS UPDATE SERVICE => removido (a) com sucesso. EaseUS UPDATE SERVICE => o serviço removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\QALSvc => removido (a) com sucesso. QALSvc => o serviço removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\QASvc => removido (a) com sucesso. QASvc => o serviço removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\UEIPSvc => removido (a) com sucesso. UEIPSvc => o serviço removido (a) com sucesso. ========= reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" ========= HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run GoogleDriveFS REG_SZ "C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe" --startup_mode com.squirrel.Teams.Teams REG_SZ C:\Users\clare\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" CanvaAutoLaunchAvailabilityCheckAgent REG_SZ "C:\Users\clare\AppData\Local\Programs\Canva\Canva.exe" --start-availability-check-agent ========= Fim de Reg: ========= ========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" ========= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SecurityHealth REG_EXPAND_SZ %windir%\system32\SecurityHealthSystray.exe IAStorIcon REG_SZ "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 WSVCUUpdateHelper.exe REG_SZ C:\Program Files (x86)\Wondershare\UniConverter\WSVCUUpdateHelper.exe Wondershare Helper Compact.exe REG_SZ C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ========= Fim de Reg: ========= ========= reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig" ========= HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\state ========= Fim de Reg: ========= ========= reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" ========= HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run GoogleDriveFS REG_SZ C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe --startup_mode ========= Fim de Reg: ========= ========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run" ========= HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run BCSSync REG_SZ "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices Wondershare Helper Compact.exe REG_SZ C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HP Software Update REG_SZ C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe (padrÆo) REG_SZ Aimersoft Helper Compact.exe REG_SZ C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe TeamsMachineUninstallerLocalAppData REG_EXPAND_SZ %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default TeamsMachineUninstallerProgramData REG_EXPAND_SZ %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default ========= Fim de Reg: ========= ========= ipconfig /flushdns ========= Configura‡Æo de IP do Windows Libera‡Æo do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. "HKU\S-1-5-21-868159705-1825106094-3080552626-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\S-1-5-21-868159705-1825106094-3080552626-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. ========= Fim de RemoveProxy: ========= Ponto de Restauração criado com sucesso. =========== EmptyTemp: ========== FlushDNS => completado BITS transfer queue => 1310720 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 95947127 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 78165446 B Edge => 81537 B Chrome => 119208046 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 447397044 B systemprofile32 => 447397087 B LocalService => 447551371 B NetworkService => 456705167 B clare => 1956810982 B RecycleBin => 3043793 B EmptyTemp: => 3.8 GB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 22:58:41 ====

@Elias Pereira Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 03-04-2023 Executado por clare (03-04-2023 23:32:32) Executando a partir de C:\Users\clare\OneDrive\Área de Trabalho Microsoft Windows 10 Home Single Language Versão 22H2 19045.2728 (X64) (2020-07-11 18:20:45) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-868159705-1825106094-3080552626-500 - Administrator - Disabled) clare (S-1-5-21-868159705-1825106094-3080552626-1001 - Administrator - Enabled) => C:\Users\clare Convidado (S-1-5-21-868159705-1825106094-3080552626-501 - Limited - Disabled) DefaultAccount (S-1-5-21-868159705-1825106094-3080552626-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-868159705-1825106094-3080552626-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 23.001.20093 - Adobe) Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_1_2) (Version: 22.1.2 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - philandro Software GmbH) Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design) Canva (HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.62.0 - Canva Pty Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.147 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 72.0.3.0 - Google LLC) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Chipset Device Software (HKLM\...\{631C57C3-B765-4327-822A-057C34D691CC}) (Version: 10.1.17695.8086 - Intel Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{C5A3E7E0-34F2-4582-A7FF-F335C8ED582B}) (Version: 2.4.09007 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{310C6D71-5D6E-41EC-8D57-90A45FAFF6DB}) (Version: 16.8.0.1000 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.0.1000 - Intel Corporation) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation) Malwarebytes version 4.5.25.256 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.25.256 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64) (HKLM\...\{3DCD041B-A4CB-3585-893D-60E7B8D74C37}) (Version: 3.1.10.20560 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 5.0.14 Shared Framework (x64) (HKLM\...\{1DDE3A7E-9E64-38C4-A76B-EEC6CE0EC9C6}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation) Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0015-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0016-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-00BA-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0044-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-00A1-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001A-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0018-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-002C-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0019-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010 (HKLM\...\{90140000-002A-0416-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-006E-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001B-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.054.0313.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.4053 False (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.57102 False (HKLM\...\{f0cbd694-71ce-4391-9690-5da93b2f0445}) (Version: 8.0.57102 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (HKLM\...\{D04659D1-EB2D-3DE5-A833-837A623CCCF7}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.0 False (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148.0 False (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False (HKLM-x32\...\{0f12c81f-93ef-46ec-bc94-d952c1a775d4}) (Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False Eng (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False (HKLM-x32\...\{35459b22-19a6-44ec-8d34-27eb3131acac}) (Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False Eng (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False (HKLM-x32\...\{dde2682b-961a-41ea-8d44-6005991b7947}) (Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False Eng (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 False Eng (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (HKLM-x32\...\{6c95b50e-cb5a-4a1f-a7b4-8a6004f8dd6a}) (Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False Eng (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (HKLM-x32\...\{615bc16d-60f5-482e-91b3-b51d8130963b}) (Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False Eng (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False Eng (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (HKLM-x32\...\{3D6AD258-61EA-35F5-812C-B7A02152996E}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (HKLM-x32\...\{E7D4E834-93EB-351F-B8FB-82CDAE623003}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False Eng (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False Eng (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 False (HKLM-x32\...\{c6870a89-ef30-4f22-bbd1-49cd2516bc56}) (Version: 12.0.40649.5 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 False Eng (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 False (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 False Eng (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 False Eng (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False Eng (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False (HKLM-x32\...\{78142960-066b-4581-b984-0bdcf560c4be}) (Version: 12.0.40649.5 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False Eng (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False Eng (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 False Eng (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 False (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 False (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 False (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 False (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 False (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 False (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 False (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40649 False (HKLM-x32\...\{A8589745-51BC-3963-B4E9-201CF8693538}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 False (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 False (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40649 False (HKLM-x32\...\{DEA7F8E3-B7B9-3C3C-945B-7F8CE9041748}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 False (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden NVIDIA Driver de gráficos 531.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.29 - NVIDIA Corporation) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.0 - OBS Project) PDFCreator (HKLM\...\{1E0CF1C6-D640-4566-8E6F-2C2708422A25}) (Version: 4.4.2 - pdfforge GmbH) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}_Office14.PROPLUS_{51C5D139-1A25-4F98-880C-9A1619D2882C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0416-1000-0000000FF1CE}_Office14.PROPLUS_{0852D5D5-CEE8-4D04-8106-93A6DFB09341}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0416-0000-0000000FF1CE}_Office14.PROPLUS_{2F01C7C0-8077-4C14-BC52-0A00190D386D}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0416-0000-0000000FF1CE}_Office14.PROPLUS_{E703A730-E5DD-4E57-81E9-C7BF7A89F00E}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version: - Microsoft) Hidden Software de dispositivo do Chipset Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation) Warsaw 2.34.1.1 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.34.1.1 - Topaz) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Wondershare Filmora9(Build 9.5.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) Zoom (HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\ZoomUMX) (Version: 5.13.7 (12602) - Zoom vídeo Communications, Inc.) Packages: ========= Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated) Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3040.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated) Área de Trabalho Remota da Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3005.0_x64__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation) Assistência Rápida -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corp.) Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated) Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt [2023-03-24] (INTEL CORP) [Startup Task] ColorNote Bloco de Notas -> C:\Program Files\WindowsApps\DBA41F73.ColorNoteNotepadNotes_1.1.0.20_neutral__3jn8vbmxrzmj2 [2023-03-13] (Social &amp; Mobile, Inc.) Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-13] (HP Inc.) Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad] Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.5.3021.0_x86__8wekyb3d8bbwe [2023-03-14] (Microsoft Studios) PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2023-03-13] (CYBERLINK COM CORP) PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2023-03-13] (CYBERLINK COM CORP) Pride 2019 -> C:\Program Files\WindowsApps\Microsoft.Pride2019_9.0.0.0_neutral__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.158.0_x64__dt26b99r8h8gj [2023-03-13] (Realtek Semiconductor Corp) Sherlock: Casos ocultos -> C:\Program Files\WindowsApps\828B5831.SherlockHiddenMatch-3Cases_1.29.2902.0_x64__ytsefhwckbdv6 [2023-03-14] (G5 Entertainment AB) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Studios) [MS Ad] Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.6.3.0_x64__t4vj0pshhgkwm [2023-03-22] (Telegram Messenger LLP) [Startup Task] TeleprompterPAD -> C:\Program Files\WindowsApps\ThePixelDiscovery.TeleprompterPAD_1.27.2.0_x64__ah442vqtwsnvy [2023-03-31] (The Pixel Discovery) User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3104.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm [2023-03-14] (WhatsApp Inc.) [Startup Task] WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-868159705-1825106094-3080552626-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\clare\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-868159705-1825106094-3080552626-1001_Classes\CLSID\{E5DF1139-B036-497A-A287-8A93CCD4763C} -> [MEGAsync] => C:\Users\clare\OneDrive\Documentos\MEGAsync [2020-01-03 08:40] ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Arquivo não assinado] [O arquivo está em uso] ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncShell64.dll [2023-03-31] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Arquivo não assinado] [O arquivo está em uso] ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncShell64.dll [2023-03-31] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> ) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncShell64.dll [2023-03-31] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-03-21] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\nvshext.dll [2023-03-09] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2020-07-07 14:33 - 2016-07-21 10:54 - 000137728 _____ () [Arquivo não assinado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2020-07-07 14:33 - 2017-09-12 10:34 - 001506304 _____ () [Arquivo não assinado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2023-03-11 11:59 - 2023-03-11 11:59 - 001530368 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\e_sqlite3.dll 2023-03-14 19:08 - 2023-03-14 19:08 - 105989120 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.dll 2023-03-14 19:08 - 2023-03-14 19:08 - 008795648 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll 2023-03-26 21:45 - 2023-03-13 01:32 - 002767872 _____ () [Arquivo não assinado] C:\Users\clare\AppData\Local\Programs\Canva\ffmpeg.dll 2018-12-03 22:19 - 2018-12-03 22:19 - 000126976 _____ (Intel Corporation) [Arquivo não assinado] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll 2020-04-17 15:49 - 2022-07-15 20:06 - 000181248 _____ (pdfforge GmbH) [Arquivo não assinado] C:\WINDOWS\System32\pdfcmon.dll 2019-05-13 21:06 - 2022-07-22 11:23 - 005114544 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Arquivo não assinado] C:\Users\clare\AppData\Local\MEGAsync\Qt5Core.dll 2020-07-07 14:33 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Arquivo não assinado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [8946] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334] AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274] AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [8946] AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274] AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [8946] AlternateDataStreams: C:\ProgramData\Application Data:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [8946] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [8946] AlternateDataStreams: C:\ProgramData\Temp:9494338C [252] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE SearchScopes: HKU\S-1-5-21-868159705-1825106094-3080552626-1001 -> DefaultScope {02A9CDE3-EC5E-46C9-97A2-9075BFE987E1} URL = SearchScopes: HKU\S-1-5-21-868159705-1825106094-3080552626-1001 -> {02A9CDE3-EC5E-46C9-97A2-9075BFE987E1} URL = BHO: Sem Nome -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Nenhum Arquivo Filter: text/xml - Nenhum Valor CLSID (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\sharepoint.com -> hxxps://clareroli-files.sharepoint.com ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2020-08-27 13:53 - 2023-03-19 22:06 - 000000860 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 platform.wondershare.com 2021-08-08 22:50 - 2021-08-08 22:50 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\clare\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 8.8.8.8 - 1.1.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Firewall do Windows está habilitado. Network Binding: ============= Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled) Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled) ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) MSCONFIG\Services: EaseUS UPDATE SERVICE => 2 MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2 MSCONFIG\Services: HPPrintScanDoctorService => 2 MSCONFIG\Services: PDF Architect 8 => 2 MSCONFIG\Services: PDF Architect 8 Creator => 3 MSCONFIG\Services: PDF Architect 8 Update Service => 3 MSCONFIG\Services: ss_conn_launcher_service => 3 MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2 MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3 HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "WSVCUUpdateHelper.exe" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData" HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData" HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\StartupApproved\Run: => "CanvaAutoLaunchAvailabilityCheckAgent" HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{70A4D341-86A6-4D61-AA4C-9A5FD3555895}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{711B0503-FD9E-4A7B-98B2-8F1218531686}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{7CF937E2-9E6D-4B29-A252-4A799AD67363}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{2964E9E9-0634-4E79-B5A7-AF2F10AEDE24}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{306D23D0-5FE2-4316-BF4D-C87FBB2EAA0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{572EFC4B-638A-49B9-B6EE-EDD8BE2040E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{FF446469-5EFB-40C7-B931-9CB480FA86AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{153D5720-51D2-442F-8FC3-632483165660}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{72F6DA85-CE05-4301-A57B-3E4CDAEC390D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{CFC14462-7018-40E1-B847-F9514EA16EA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{721B4CF1-EAD3-4B76-BF64-D0FB7543395A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F333A289-9044-424E-9FA1-E19EE0562434}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4855AE8B-D1FF-410C-88C4-31DC1AB826E7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{DE8A449E-3834-435B-89D4-3CF97922DE51}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{6406B5A6-D92B-4B93-AE4D-7E1DE7ECD8A7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{D48D4D5D-0634-48B1-B2F0-E5B06E84ACE1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{3217E818-7B17-48D9-8B18-0B089313D2F8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{CA6DA78B-7754-4EFF-86BD-12D881373241}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) ==================== Pontos de Restauração ========================= 21-03-2023 15:27:20 Ponto de Verificação Agendado 03-04-2023 11:30:06 ZHPcleaner ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (04/03/2023 09:05:30 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. Error: (04/03/2023 06:05:32 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. Error: (04/03/2023 03:05:32 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. Error: (04/03/2023 12:05:37 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: CLARE) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado. . Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ] Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado. . Error: (04/03/2023 11:48:17 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ] Erros de Sistema: ============= Error: (04/03/2023 11:50:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço ACCSvc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (04/03/2023 11:48:10 AM) (Source: DCOM) (EventID: 10010) (User: CLARE) Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário. Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço. Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Realtek Audio Universal Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Graphics Command Center Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Qualcomm Atheros WLAN Driver Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço AtherosSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (04/03/2023 11:17:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Windows Defender: ================ Date: 2023-03-13 22:40:02 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=PUAMarketing:Win32/Comscore&threatid=311418&enterprise=1 Nome: PUAMarketing:Win32/Comscore Gravidade: Grave Categoria: Software Potencialmente Indesejado Caminho: file:_C:\Users\clare\AppData\Local\Temp\is-3I7LB.tmp\rk_setup.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: CLARE\clare Nome do Processo: C:\Users\clare\AppData\Local\Temp\is-L2AT8.tmp\dvrsetup.tmp Versão da Inteligência de Segurança: AV: 1.383.1760.0, AS: 1.383.1760.0, NIS: 1.383.1760.0 Versão do Mecanismo: AM: 1.1.20100.6, NIS: 1.1.20100.6 Date: 2023-02-24 14:16:44 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=1 Nome: HackTool:Win32/AutoKMS Gravidade: Alto Categoria: Ferramenta Caminho: file:_C:\Windows\KMSEmulator.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: CLARE\clare Nome do Processo: C:\Users\clare\Downloads\office 2010\Office 2010 Toolkit.exe Versão da Inteligência de Segurança: AV: 1.381.80.0, AS: 1.381.80.0, NIS: 1.381.80.0 Versão do Mecanismo: AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2023-02-24 14:15:19 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.E!MSR&threatid=2147743252&enterprise=1 Nome: HackTool:Win32/AutoKMS.E!MSR Gravidade: Alto Categoria: Ferramenta Caminho: file:_C:\Users\clare\Downloads\office 2010\Office 2010 Toolkit.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: CLARE\clare Nome do Processo: C:\Windows\explorer.exe Versão da Inteligência de Segurança: AV: 1.381.80.0, AS: 1.381.80.0, NIS: 1.381.80.0 Versão do Mecanismo: AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2022-08-24 13:29:47 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=1 Nome: HackTool:Win32/Keygen Gravidade: Alto Categoria: Ferramenta Caminho: file:_C:\Windows\KMSEmulator.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: CLARE\clare Nome do Processo: C:\Users\clare\OneDrive\Área de Trabalho\office 2010\office 2010\autenticar office 2010\Office 2010 Toolkit.exe Versão da Inteligência de Segurança: AV: 1.341.201.0, AS: 1.341.201.0, NIS: 1.341.201.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2022-08-24 13:27:50 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=1 Nome: HackTool:Win32/Keygen Gravidade: Alto Categoria: Ferramenta Caminho: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\Windows\KMSEmulator.exe; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22775DAB-9D15-4631-AC94-F458547C1D63}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: CLARE\clare Nome do Processo: C:\Users\clare\OneDrive\Área de Trabalho\office 2010\office 2010\autenticar office 2010\Office 2010 Toolkit.exe Versão da Inteligência de Segurança: AV: 1.341.201.0, AS: 1.341.201.0, NIS: 1.341.201.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Event[0]: Date: 2023-03-13 22:27:32 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.383.1760.0 Fonte da Atualização: Servidor do Microsoft Update Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.20100.6 Código de Erro: 0x80070102 Descrição do Erro: O tempo limite de espera foi atingido. Date: 2023-01-08 23:34:22 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou. Recurso: Sistema de Inspeção de Rede Código do Erro: 0x8007041d Descrição do erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. Motivo: O sistema não possui atualizações que são necessárias para executar o Sistema de Inspeção de Rede. Instale as atualizações necessárias e reinicie o dispositivo. Date: 2022-11-18 23:32:49 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.375.781.0 Fonte da Atualização: Servidor do Microsoft Update Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.19600.3 Código de Erro: 0x8024001e Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte. CodeIntegrity: =============== Date: 2023-04-03 23:25:01 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Topaz OFD\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements. Date: 2023-04-03 15:22:36 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\72.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. ==================== Informações da Memória =========================== BIOS: Insyde Corp. V1.14 05/24/2019 placa-mãe: WL Raticate_WL Processador: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz Percentagem de memória em uso: 38% RAM física total: 16232.24 MB RAM física disponível: 9920.4 MB Virtual Total: 38232.24 MB Virtual disponível: 31598.66 MB ==================== Drives ================================ Drive (Acer) (Fixed) (Total:930.4 GB) (Free:422.9 GB) (Model: WDC WD10SPZX-21Z10T0) NTFS Drive g: ([email protected] - Google Drive) (Fixed) (Total:15 GB) (Free:15 GB) (Model: WDC WD10SPZX-21Z10T0) FAT32 Drive h: ([email protected] - G...) (Fixed) (Total:15 GB) (Free:15 GB) (Model: WDC WD10SPZX-21Z10T0) FAT32 \\?\Volume{a1ec22da-27c4-433e-aafc-4fcca9655532}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.48 GB) NTFS \\?\Volume{56eb7a99-f1ba-431f-b0ca-223b99f831c2}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 65632B75) Partition: GPT. ==================== Fim de Addition.txt ======================= Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 03-04-2023 Executado por clare (administrador) em CLARE (Acer Aspire A515-52G) (03-04-2023 23:28:43) Executando a partir de C:\Users\clare\OneDrive\Área de Trabalho Perfis Carregados: clare Plataforma: Microsoft Windows 10 Home Single Language Versão 22H2 19045.2728 (X64) Idioma: Português (Brasil) Navegador padrão: Edge Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Canva -> Canva Pty Ltd) C:\Users\clare\AppData\Local\Programs\Canva\Canva.exe <2> (DriverStore\FileRepository\cui_dch.inf_amd64_bb78abeaf9afb67e\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bb78abeaf9afb67e\igfxEM.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\72.0.3.0\crashpad_handler.exe <2> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <33> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bb78abeaf9afb67e\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_8739c242c92433b5\OneApp.IGCC.WinService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b57a83a6990c9a72\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b57a83a6990c9a72\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2> (svchost.exe ->) (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\UniConverter\WSVCUUpdateHelper.exe (Nenhum Arquivo) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nenhum Arquivo) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (Nenhum Arquivo) HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\clare\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-12-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Nenhum Arquivo) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.) HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.) HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\clare\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-12-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\clare\AppData\Local\Programs\Canva\Canva.exe [158071432 2023-03-13] (Canva -> Canva Pty Ltd) HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP c111 Status Monitor: hpinkstsc111LM.dll (Nenhum Arquivo) HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-07-15] (pdfforge GmbH) [Arquivo não assinado] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-03-29] (Google LLC -> Google LLC) Startup: C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-04-26] ShortcutTarget: MEGAsync.lnk -> C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {01FEFF8A-93A2-4E1B-B8E9-CD3FB7A6AA70} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {0219B601-8F68-4E0F-AADB-F064BB6BE383} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {10CA2D03-6D42-4E6A-A5F5-1EEFEB37B568} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [834032 2019-02-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {1500BF84-CCC6-4FBD-8123-9401637C6FC7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {1B5AF7DA-A632-4B17-BA80-65E489426A8A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {1BABCB9C-19E9-4947-A869-394EA85F11AD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {27E8FD4D-C5D6-488D-B731-3B1A4F486C59} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {2A4EA318-BD0D-420D-B860-C365A0393524} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2C33F99E-C38A-460D-86B7-989A916F92C0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {31F6A644-F40E-4213-8188-09DCD6B1B329} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {384034EC-2BD9-414E-97BD-788C3CD92FF1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Nenhum Arquivo) Task: {3D8280CE-976F-4281-84B5-BCDF1BC367A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC) Task: {3DB554B4-2BB9-4560-9FAD-F2C8045FD935} - System32\Tasks\CareCenter\GoogleDriveFS_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo) <==== ATENÇÃO Task: {4FDD8597-A20D-4A1A-BDB9-5415E8DB0700} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.) Task: {55A55051-9D6E-41BF-A3C6-830842CE4CD2} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {568CCD61-B443-48B3-8219-7932F3867604} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Nenhum Arquivo) Task: {5A758AEE-B9AA-43DC-B791-782C60B00C5E} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\clare\AppData\Roaming\\sysinfotool\\sitool.exe -st -tu 3 (Nenhum Arquivo) <==== ATENÇÃO Task: {64B570F5-FC37-4211-8199-EB9848FBB8D3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {69F5D084-06BF-4295-ABB9-993000940009} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET) Task: {6D6A4622-9B4F-43BD-A972-B8AEE4BCFD55} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {727BE017-6B03-4730-BAA4-7837422309B3} - System32\Tasks\CareCenter\Wondershare Helper Compact.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) Task: {78D500F6-8B68-4E26-9DC3-94DC356B21C4} - System32\Tasks\Microsoft\Windows\Windows Update\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe (Nenhum Arquivo) Task: {7F39972B-17FF-49CC-B995-E9D9DCFAB08C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8130A3F4-0C36-4139-9FDD-F7E94823E8B6} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-MLMFK.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO Task: {828FDE0A-9939-45D4-902D-83E69A942278} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe --update --mode check auto notify (Nenhum Arquivo) Task: {8E9B8598-E418-4CFD-B959-873B5C90BDFE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation) Task: {9342B0A9-7442-4E40-80A0-2DCE92498587} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Nenhum Arquivo) Task: {9AEB1BF5-70CA-4633-A6BB-49F5194859EF} - System32\Tasks\CareCenter\AnyDesk.lnk_FolderCommonAppdata => C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH) Task: {9B5E199F-9D12-4C45-9E89-CC654CD5E88C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation) Task: {A7FFC8F9-66E2-48A8-B11E-B7A710B822D8} - System32\Tasks\CareCenter\MEGAsync.lnk_FolderAppdata_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAsync.exe [65128112 2023-03-27] (Mega Limited -> Mega Limited) Task: {AD061118-8FA7-4C74-8116-BF5E9A2A95FA} - System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) Task: {ADBDBD1E-0035-4F89-AAF8-9BBD4A3D7868} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {B2514D61-EA2B-4B51-9765-528234104B9B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Users\clare\AppData\Local\MEGAsync\MEGAupdater.exe [1776304 2023-03-27] (Mega Limited -> ) Task: {B42748F9-085A-4717-B98E-452D60FAD011} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Maintenance Schedule created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {B55E241A-D276-4295-8EBA-0B612E4FAEAE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196792 2023-03-31] (Microsoft Corporation -> Microsoft Corporation) Task: {C2808C9E-412F-47E0-921A-BF62CA4C81C6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {C3431AFB-D315-43B9-8C83-1760F917DFB5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DAA1C8DC-12D0-4A91-B9FF-3CC838D534B9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {DB072358-8F7B-47F8-A668-7748A6F40766} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [462848 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {DDAAAF73-1AB1-49B5-866C-3330A2981ECF} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_A295FA842BF5E5CB2E822951A6B7AC5E_Reg_HKCURun_S-1-5-21-868159705-1825106094-3080552626-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4056016 2023-03-30] (Microsoft Corporation -> Microsoft Corporation) Task: {DF65097F-00A0-410E-82EF-222D780A8333} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DFAE1CB0-BB59-4418-B1D8-34FA138F8D31} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\clare\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-16] (ESET, spol. s r.o. -> ESET) Task: {E549B32C-8404-4E58-97D2-24B7A474C9F3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002032 2022-12-07] (Intel Corporation -> Intel Corporation) Task: {EA6CDDF7-033A-49AD-87F7-F386E5D27EF0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\AD5F7DB2-C88C-4563-BDF0-4FC5F01D240B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [466944 2023-03-11] (Microsoft Windows -> Microsoft Corporation) Task: {FDBC3071-DC9B-4F0B-A22D-EBADD2F4FA1B} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) Task: {FF3E2D09-67EB-42FA-BF10-9AD593A199DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-14] (Google LLC -> Google LLC) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: 127.0.0.1 platform.wondershare.com Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 1.1.1.1 Tcpip\..\Interfaces\{260b3c9e-989f-432d-ac3d-67dd72ca6fe2}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{39a84177-32c5-4971-8e8a-563d704db63e}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{85a08483-54af-4980-8a82-7b60c469a4a0}: [DhcpNameServer] 192.168.10.1 Tcpip\..\Interfaces\{8f10f5d3-ad23-46eb-952d-04f4e2ac6b5b}: [DhcpNameServer] 8.8.8.8 1.1.1.1 Edge: ======= Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)] Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)] Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)] Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)] Edge DefaultProfile: Default Edge Profile: C:\Users\clare\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-03] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\clare\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-03] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default [2023-04-03] CHR Extension: (Image Downloader) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2022-11-11] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2023-01-21] CHR Extension: (vídeo downloader - CocoCut) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\gddbgllpilhpnjpkdbopahnpealaklle [2023-03-08] CHR Extension: (Google Docs Offline) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-03] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-12] CHR Extension: (Stream Recorder - download HLS as MP4) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogidnfllpdhagebkblkgbfijkbkjdmm [2023-02-23] CHR Extension: (Live Stream Downloader) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\looepbdllpjgdmkpdcdffhdbmpbcfekj [2023-02-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2023-03-08] CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-13] CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-04-03] CHR Extension: (Google Docs Offline) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-01] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-01-01] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-01] CHR Extension: (Chrome Web Store Payments) - C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-01] CHR Profile: C:\Users\clare\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-13] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKU\S-1-5-21-868159705-1825106094-3080552626-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.054.0313.0001\FileSyncHelper.exe [3417008 2023-03-31] (Microsoft Corporation -> Microsoft Corporation) S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-09-21] (HP Inc. -> HP Inc.) S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2020-06-24] () [Arquivo não assinado] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9094440 2023-03-29] (Malwarebytes Inc. -> Malwarebytes) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado] S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.054.0313.0001\OneDriveUpdaterService.exe [3801008 2023-03-31] (Microsoft Corporation -> Microsoft Corporation) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado] R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188736 2023-03-19] (Qualcomm Atheros, Inc. -> ) R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1001256 2022-09-19] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-04-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-04-03] (Microsoft Windows Publisher -> Microsoft Corporation) S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X] S4 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X] S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X] S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X] ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2023-03-19] (Acer Incorporated -> Acer Incorporated) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2021-03-23] (EldoS Corporation -> EldoS Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-04-03] (Malwarebytes Inc. -> Malwarebytes) R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-03-08] (Nvidia Corporation -> NVIDIA Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49608 2023-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [495896 2023-04-03] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-04-03] (Microsoft Windows -> Microsoft Corporation) S3 WsAudio_Device(1); C:\WINDOWS\system32\drivers\VirtualAudio1.sys [31080 2015-08-03] (Wondershare Software Co., Ltd. -> Wondershare) S1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [47800 2023-03-14] (Gas Informatica Ltda -> GAS Tecnologia) R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51160 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [34768 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-04-03 23:25 - 2023-04-03 23:25 - 000000000 ____D C:\Users\clare\AppData\LocalLow\IGDump 2023-04-03 11:52 - 2023-04-03 11:52 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-04-03 11:21 - 2023-04-03 11:36 - 000000000 ____D C:\Users\clare\AppData\Roaming\ZHP 2023-04-03 11:21 - 2023-04-03 11:21 - 000000000 ____D C:\Users\clare\AppData\Local\ZHP 2023-03-27 22:05 - 2023-03-27 22:05 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn 2023-03-27 18:19 - 2023-03-27 18:19 - 000019867 _____ C:\Users\clare\Downloads\Abril.pdf 2023-03-26 21:45 - 2023-04-03 23:24 - 000000000 ____D C:\Users\clare\AppData\Roaming\Canva 2023-03-26 21:45 - 2023-03-26 21:45 - 000002217 _____ C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Canva.lnk 2023-03-23 20:54 - 2023-03-23 20:54 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\CURSO JORNADA 2023-03-23 19:11 - 2023-03-23 19:12 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\Adobe 2023-03-23 18:55 - 2023-03-23 18:55 - 000000000 ____D C:\Users\clare\Downloads\igfx_win10_100.8476 2023-03-23 18:55 - 2020-07-28 13:54 - 024385824 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll 2023-03-23 18:55 - 2020-07-28 13:54 - 023040656 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll 2023-03-23 18:55 - 2020-07-28 13:54 - 000161376 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2023-03-23 18:55 - 2020-07-28 13:54 - 000136880 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2023-03-23 18:53 - 2023-03-23 18:55 - 336985352 _____ C:\Users\clare\Downloads\igfx_win10_100.8476.zip 2023-03-23 18:49 - 2023-03-23 18:49 - 000000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk 2023-03-23 18:42 - 2022-01-07 23:10 - 1035202898 _____ (KpoJIuK) C:\Users\clare\Downloads\Adobe Premiere Pro 2022 (22.1.2.1).exe 2023-03-23 18:42 - 2021-04-18 23:22 - 000000640 _____ C:\Users\clare\Downloads\README.txt 2023-03-23 18:02 - 2023-03-23 18:37 - 000000000 ____D C:\Users\clare\Downloads\Telegram Desktop 2023-03-21 16:02 - 2023-04-03 23:18 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\1a PODOLOGIA YOUTUBE 2023-03-21 15:36 - 2023-03-21 15:53 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-03-20 22:37 - 2023-03-20 22:37 - 000000336 _____ C:\Users\clare\OneDrive\Documentos\20-03-2023 escaneamento.txt 2023-03-19 22:17 - 2023-04-03 23:29 - 000000000 ____D C:\FRST 2023-03-19 22:14 - 2023-03-19 22:15 - 000000000 ____D C:\AdwCleaner 2023-03-19 21:59 - 2023-03-19 21:59 - 000063116 _____ C:\Users\clare\OneDrive\Documentos\System Information Report.html 2023-03-19 21:57 - 2023-03-19 21:57 - 000053632 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys 2023-03-19 21:16 - 2023-03-19 21:16 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2023-03-19 21:10 - 2023-03-19 21:10 - 000106280 _____ (Qualcomm) C:\WINDOWS\system32\Drivers\btfilter.sys 2023-03-19 21:08 - 2023-03-19 21:08 - 001210248 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2023-03-19 21:07 - 2023-03-19 21:07 - 010098480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll 2023-03-19 21:07 - 2023-03-19 21:07 - 001854072 _____ (Logitech, Inc.) C:\WINDOWS\system32\LkmdfCoInst.dll 2023-03-19 21:07 - 2023-03-19 21:07 - 000086648 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LHidFilt.Sys 2023-03-19 21:07 - 2023-03-19 21:07 - 000069240 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LMouFilt.Sys 2023-03-19 21:07 - 2023-03-19 21:07 - 000063096 _____ (Logitech, Inc.) C:\WINDOWS\system32\LMouFiltCoInst.dll 2023-03-19 21:07 - 2023-03-19 21:07 - 000050808 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LUsbFilt.sys 2023-03-19 20:52 - 2023-03-19 20:52 - 000000000 ____D C:\Users\clare\AppData\LocalLow\Intel 2023-03-19 20:47 - 2023-03-19 22:01 - 000000000 ____D C:\ProgramData\ProductData 2023-03-19 20:47 - 2023-03-19 20:47 - 000000000 ____D C:\Users\clare\AppData\LocalLow\IObit 2023-03-19 20:46 - 2023-03-19 22:15 - 000000000 ____D C:\Users\clare\AppData\Roaming\IObit 2023-03-19 20:46 - 2023-03-19 21:58 - 000000000 ____D C:\ProgramData\IObit 2023-03-16 15:37 - 2023-03-16 15:37 - 000003838 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2023-03-16 15:37 - 2023-03-16 15:37 - 000003396 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2023-03-15 13:06 - 2023-03-15 13:06 - 000000000 ___HD C:\$WinREAgent 2023-03-14 22:01 - 2023-03-20 18:49 - 000001382 _____ C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2023-03-14 22:01 - 2023-03-14 22:01 - 015274968 _____ (ESET) C:\Users\clare\Downloads\esetonlinescanner.exe 2023-03-14 22:01 - 2023-03-14 22:01 - 000000000 ____D C:\Users\clare\AppData\Local\ESET 2023-03-14 18:31 - 2023-03-14 18:31 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:31 - 2023-03-14 18:31 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:31 - 2023-03-08 08:17 - 002904632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2023-03-14 18:31 - 2023-03-08 08:17 - 002234920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2023-03-14 18:31 - 2023-03-08 08:17 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2023-03-14 18:30 - 2023-03-14 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2023-03-14 18:30 - 2023-03-14 18:30 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:30 - 2023-03-14 18:30 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:30 - 2023-03-14 18:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:30 - 2023-03-14 18:30 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-03-14 18:30 - 2023-03-14 18:30 - 000000000 ____D C:\WINDOWS\system32\lxss 2023-03-14 18:30 - 2023-03-08 08:17 - 000169512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2023-03-14 18:30 - 2023-03-08 08:17 - 000148520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2023-03-14 18:26 - 2023-03-08 08:17 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2023-03-14 18:25 - 2023-03-09 02:06 - 000851432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2023-03-14 18:25 - 2023-03-09 02:01 - 005835312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2023-03-14 18:24 - 2023-03-09 02:11 - 002172512 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2023-03-14 18:24 - 2023-03-09 02:11 - 002172512 _____ C:\WINDOWS\system32\vulkaninfo.exe 2023-03-14 18:24 - 2023-03-09 02:11 - 001607776 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-03-14 18:24 - 2023-03-09 02:11 - 001607776 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2023-03-14 18:24 - 2023-03-09 02:11 - 001487384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2023-03-14 18:24 - 2023-03-09 02:11 - 001479264 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2023-03-14 18:24 - 2023-03-09 02:11 - 001479264 _____ C:\WINDOWS\system32\vulkan-1.dll 2023-03-14 18:24 - 2023-03-09 02:11 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2023-03-14 18:24 - 2023-03-09 02:11 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2023-03-14 18:24 - 2023-03-09 02:11 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2023-03-14 18:24 - 2023-03-09 02:07 - 000671744 _____ C:\WINDOWS\system32\nvofapi64.dll 2023-03-14 18:24 - 2023-03-09 02:07 - 000506344 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2023-03-14 18:24 - 2023-03-09 02:05 - 001534488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2023-03-14 18:24 - 2023-03-09 02:05 - 001193000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2023-03-14 18:24 - 2023-03-09 02:04 - 000741400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2023-03-14 18:24 - 2023-03-09 02:03 - 002163696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2023-03-14 18:24 - 2023-03-09 02:03 - 001620016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2023-03-14 18:24 - 2023-03-09 02:02 - 013765680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2023-03-14 18:24 - 2023-03-09 02:02 - 011645952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2023-03-14 18:24 - 2023-03-09 02:02 - 006084096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2023-03-14 18:24 - 2023-03-09 02:02 - 003430448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2023-03-14 18:24 - 2023-03-09 02:02 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2023-03-14 18:24 - 2023-03-09 02:01 - 005911552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2023-03-14 18:24 - 2023-03-09 02:00 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2023-03-14 18:24 - 2023-03-09 01:58 - 006788432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2023-03-14 18:24 - 2023-03-08 08:17 - 000104256 _____ C:\WINDOWS\system32\nvinfo.pb 2023-03-14 18:19 - 2023-03-14 18:19 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2023-03-14 18:06 - 2023-03-14 18:06 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2023-03-14 18:06 - 2023-03-14 18:06 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2023-03-14 18:06 - 2023-03-14 18:06 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2023-03-14 18:06 - 2022-12-13 08:21 - 000047240 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys 2023-03-14 12:51 - 2023-03-14 12:51 - 000000000 ____D C:\WINDOWS\Panther 2023-03-14 12:40 - 2023-03-14 16:49 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2023-03-14 12:36 - 2023-03-14 18:51 - 000000000 ____D C:\WINDOWS\pss 2023-03-14 11:35 - 2023-03-14 11:35 - 000000000 ___HD C:\$SysReset 2023-03-12 22:23 - 2023-03-13 10:57 - 000000000 ____D C:\Users\clare\AppData\Roaming\EaseUS 2023-03-12 20:23 - 2023-03-12 20:23 - 000000000 ____D C:\Users\clare\AppData\Roaming\Remo 2023-03-12 20:21 - 2021-03-23 17:28 - 000026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys 2023-03-12 19:06 - 2023-03-13 20:56 - 000000000 ____D C:\Users\clare\AppData\Local\unali-100514406 2023-03-12 19:06 - 2023-03-13 20:56 - 000000000 ____D C:\Users\clare\AppData\Local\unali-100514281 2023-03-12 18:02 - 2023-03-16 11:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\DocumentosUSOShared-type6.6.9.7 2023-03-12 17:45 - 2023-03-14 11:47 - 000000000 ____D C:\Users\clare\AppData\Roaming\SysInfoTool 2023-03-12 13:19 - 2023-03-12 18:07 - 000684984 _____ (Mozilla Foundation) C:\Users\clare\AppData\LocalLow\freebl3.dll 2023-03-12 13:19 - 2023-03-12 18:07 - 000627128 _____ (Mozilla Foundation) C:\Users\clare\AppData\LocalLow\mozglue.dll 2023-03-12 13:19 - 2023-03-12 18:07 - 000254392 _____ (Mozilla Foundation) C:\Users\clare\AppData\LocalLow\softokn3.dll 2023-03-12 11:36 - 2023-03-12 11:36 - 000000000 ____D C:\Users\clare\AppData\Roaming\TSMonitor 2023-03-11 16:24 - 2023-03-11 16:24 - 000000000 ____D C:\Users\clare\AppData\Local\ServiceHub 2023-03-11 15:53 - 2023-03-11 15:53 - 000000000 ____D C:\Users\clare\AppData\Roaming\Bytedance 2023-03-11 15:52 - 2023-03-11 15:52 - 000000000 ____D C:\Users\clare\AppData\Roaming\NVIDIA 2023-03-11 15:43 - 2023-03-09 01:59 - 007924696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2023-03-11 13:33 - 2023-03-14 18:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2023-03-11 12:28 - 2023-03-13 14:44 - 000000000 ____D C:\Users\clare\AppData\Local\VEDetector 2023-03-11 12:27 - 2023-03-23 19:17 - 000000000 ____D C:\Users\clare\AppData\Local\CapCut 2023-03-09 19:13 - 2023-03-09 19:14 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\CURSO DESCOMPLICANDO O YOUTUBE 2023-03-08 16:02 - 2023-03-16 21:09 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\CURSO SALA VIP ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-04-03 22:43 - 2020-07-11 14:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-04-03 22:32 - 2019-12-14 18:30 - 000000000 ____D C:\Program Files (x86)\Google 2023-04-03 22:12 - 2020-07-07 14:31 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\Wondershare Filmora 9 2023-04-03 22:12 - 2020-07-07 14:31 - 000000000 ____D C:\ProgramData\Wondershare Filmora 2023-04-03 21:05 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-04-03 16:03 - 2019-12-14 18:37 - 000000000 ___RD C:\Users\clare\Google Drive 2023-04-03 12:25 - 2019-06-27 01:04 - 000000000 ____D C:\ProgramData\NVIDIA 2023-04-03 12:21 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF 2023-04-03 12:03 - 2020-01-03 08:40 - 000000000 ___RD C:\Users\clare\OneDrive\Documentos\MEGAsync 2023-04-03 12:01 - 2019-12-14 18:19 - 000000000 __SHD C:\Users\clare\IntelGraphicsProfiles 2023-04-03 11:50 - 2020-07-11 15:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-04-03 11:50 - 2020-07-11 14:50 - 000008192 ___SH C:\DumpStack.log.tmp 2023-04-03 11:50 - 2019-06-27 00:59 - 000000000 ___HD C:\Intel 2023-04-03 11:49 - 2021-12-14 15:45 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-04-03 11:49 - 2019-12-07 06:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2023-04-03 11:31 - 2019-06-27 00:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-04-02 19:47 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-04-02 19:47 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-04-02 17:20 - 2019-12-14 18:19 - 000000000 ____D C:\Users\clare\AppData\Roaming\Adobe 2023-04-02 11:47 - 2020-06-24 11:33 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-03-31 21:32 - 2020-07-11 15:18 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-03-31 21:32 - 2020-07-11 15:18 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-03-31 19:54 - 2021-12-14 15:46 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-868159705-1825106094-3080552626-1001 2023-03-31 19:54 - 2021-11-27 20:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-03-31 19:54 - 2021-11-27 20:38 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-03-31 19:53 - 2020-01-20 15:15 - 000000000 ____D C:\Users\clare\AppData\Local\D3DSCache 2023-03-31 19:50 - 2019-12-14 18:21 - 000000000 ____D C:\Users\clare\AppData\Local\PlaceholderTileLogoFolder 2023-03-31 19:50 - 2019-12-14 18:19 - 000000000 ____D C:\Users\clare\AppData\Local\Packages 2023-03-31 19:50 - 2019-12-14 18:12 - 000000000 ____D C:\ProgramData\Packages 2023-03-30 14:54 - 2022-06-20 17:42 - 000000000 ____D C:\Users\clare\OneDrive\Documentos\TRABALHO MARKETING DIGITAL 2023-03-30 13:50 - 2020-07-11 15:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-03-30 13:49 - 2022-10-13 20:55 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-03-29 16:00 - 2019-12-14 18:32 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-03-27 14:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-03-27 11:21 - 2020-01-03 08:39 - 000000000 ____D C:\Users\clare\AppData\Local\MEGAsync 2023-03-24 19:14 - 2019-12-14 18:23 - 000000000 ____D C:\Users\clare\AppData\Local\Publishers 2023-03-23 19:11 - 2019-12-14 18:22 - 000000000 ___RD C:\Users\clare\OneDrive 2023-03-23 18:59 - 2019-06-27 01:12 - 000000000 ____D C:\Program Files (x86)\Intel 2023-03-23 18:59 - 2019-06-27 01:02 - 000000000 ____D C:\Program Files\Intel 2023-03-23 18:52 - 2020-01-03 08:38 - 000000000 ____D C:\Users\clare\AppData\Local\Adobe 2023-03-23 18:49 - 2021-12-14 16:25 - 000000000 ____D C:\Program Files\Adobe 2023-03-23 18:49 - 2021-12-14 16:24 - 000000000 ____D C:\Program Files\Common Files\Adobe 2023-03-23 18:49 - 2020-07-11 13:33 - 000000000 ____D C:\Users\clare 2023-03-23 18:49 - 2020-01-03 08:40 - 000000000 ____D C:\ProgramData\Adobe 2023-03-23 18:48 - 2019-06-27 01:02 - 000000000 ____D C:\ProgramData\Package Cache 2023-03-23 17:19 - 2019-12-14 18:21 - 000000000 ____D C:\Users\clare\AppData\Local\NVIDIA Corporation 2023-03-22 16:51 - 2022-01-04 11:51 - 000000000 ____D C:\Users\clare\AppData\Local\CrashDumps 2023-03-21 18:37 - 2020-07-07 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2023-03-21 18:35 - 2020-07-07 14:31 - 000000000 ____D C:\Program Files\Wondershare 2023-03-21 11:32 - 2021-09-03 15:25 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2023-03-20 20:12 - 2020-07-11 15:02 - 001751504 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-03-20 20:12 - 2019-12-07 11:54 - 000755588 _____ C:\WINDOWS\system32\prfh0416.dat 2023-03-20 20:12 - 2019-12-07 11:54 - 000149642 _____ C:\WINDOWS\system32\prfc0416.dat 2023-03-19 21:25 - 2019-06-26 08:52 - 002455872 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\Qcamain10x64.sys 2023-03-19 21:25 - 2019-06-26 08:52 - 000188736 _____ C:\WINDOWS\system32\Drivers\QcomWlanSrvx64.exe 2023-03-19 21:15 - 2019-06-27 00:45 - 000000000 ____D C:\ProgramData\Intel 2023-03-19 21:09 - 2018-12-22 00:59 - 006539840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2023-03-19 21:08 - 2020-05-12 22:29 - 000036800 _____ (Acer Incorporated) C:\WINDOWS\system32\Drivers\AcerAirplaneModeController.sys 2023-03-19 21:07 - 2018-12-11 00:14 - 001367344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys 2023-03-19 20:16 - 2020-02-21 21:58 - 000000000 ____D C:\Users\clare\AppData\Local\NVIDIA 2023-03-15 17:06 - 2020-07-11 14:51 - 000486592 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-03-15 17:00 - 2021-11-19 14:30 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2023-03-15 17:00 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-03-15 17:00 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-03-15 15:15 - 2020-07-11 14:59 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-03-15 12:36 - 2019-12-19 10:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-03-15 12:24 - 2019-12-19 10:31 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-03-14 18:32 - 2019-06-27 01:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2023-03-14 18:31 - 2019-06-27 01:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2023-03-14 18:31 - 2019-06-27 01:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2023-03-14 18:06 - 2020-07-07 15:10 - 000006649 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1 2023-03-14 18:06 - 2020-07-07 15:03 - 000017260 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 2023-03-14 18:06 - 2020-07-07 15:03 - 000013481 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 2023-03-14 18:06 - 2019-12-14 18:19 - 000000000 ____D C:\Users\clare\AppData\Local\Intel 2023-03-14 17:36 - 2022-12-15 17:20 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2023-03-14 17:34 - 2020-01-08 19:03 - 000047800 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys 2023-03-14 11:53 - 2020-11-13 11:39 - 000000000 ____D C:\Program Files\dotnet 2023-03-13 20:59 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-03-13 20:57 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2023-03-13 20:57 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-03-13 20:57 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2023-03-13 20:57 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-03-13 20:57 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\Services 2023-03-13 20:56 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files\Windows Portable Devices 2023-03-13 20:56 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-03-13 20:56 - 2019-12-07 11:57 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\IME 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Globalization 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Containers 2023-03-13 20:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Branding 2023-03-13 20:56 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing 2023-03-13 20:37 - 2019-12-07 11:55 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\MUI 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\IME 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\downlevel 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Com 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-03-13 20:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-03-13 20:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemApps 2023-03-13 19:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\registration 2023-03-12 19:52 - 2022-11-15 18:24 - 000000000 ____D C:\Users\clare\AppData\LocalLow\Mozilla 2023-03-11 16:41 - 2022-09-11 22:39 - 000000000 ____D C:\Users\clare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2023-03-11 16:41 - 2019-12-14 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer 2023-03-11 16:32 - 2020-11-13 11:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2023-03-11 16:30 - 2020-07-10 16:55 - 000000000 ____D C:\Program Files (x86)\MSBuild 2023-03-11 16:24 - 2020-11-13 11:32 - 000000000 ____D C:\Users\clare\AppData\Roaming\Visual Studio Setup 2023-03-11 12:32 - 2021-08-08 22:11 - 000000000 ____D C:\Users\clare\AppData\Roaming\Code 2023-03-08 08:17 - 2022-02-17 14:24 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2023-03-08 08:17 - 2022-02-17 14:24 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2023-03-08 08:17 - 2019-06-27 01:32 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys ==================== Arquivos na raiz de alguns diretórios ======== 2021-03-15 11:58 - 2021-03-15 11:58 - 000007604 _____ () C:\Users\clare\AppData\Local\Resmon.ResmonCfg 2022-02-11 23:11 - 2022-02-11 23:11 - 000000000 _____ () C:\Users\clare\AppData\Local\{F46B5C7A-FE23-4578-8A41-2592382CEAEF} ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================

@Elias Pereira # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 04-03-2023 # Duration: 00:00:34 # OS: Windows 10 (Build 19045.2728) # Scanned: 32097 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [1567 octets] - [19/03/2023 22:14:55] AdwCleaner[C00].txt - [1699 octets] - [19/03/2023 22:15:48] AdwCleaner[S01].txt - [1542 octets] - [20/03/2023 22:38:45] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ########## ~ ZHPCleaner v2023.4.2.15 by Nicolas Coolman (2023/04/02) ~ Run by clare (Administrator) (03/04/2023 11:36:00) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\clare\OneDrive\Área de Trabalho\ZHPCleaner (R).txt ~ Quarantine : C:\Users\clare\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 19045) ---\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) ---\ Services (0) ~ No malicious or unnecessary items found. (Service) ---\ Browser internet (0) ~ No malicious or unnecessary items found. (Browser) ---\ Hosts file (1) ~ The hosts file is legitimate (22) ---\ Scheduled automatic tasks. (1) DELETED task: [AutoKMSDaily] [C:\WINDOWS\Tasks\AutoKMSDaily.job (Not File) ] =>HackTool.AutoKMS ---\ Explorer ( File, Folder) (4) MOVED file: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\clare\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium MOVED file: C:\Users\clare\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Windows\Tasks\AutoKMSDaily.job =>HackTool.AutoKMS ---\ Registry ( Key, Value, Data) (1) DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask ---\ Summary of the elements found (3) https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask ---\ Other deletions. (0) ~ Registry Keys Tracing deleted (0) ~ Remove the old reports ZHPCleaner. (0) ---\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Internet Explorer OK ---\ Statistics ~ Items scanned : 2677 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h00mn11s ---\ Reports (2) ZHPCleaner-[S]-03042023-11_29_08.txt ZHPCleaner-[R]-03042023-11_36_11.txt

@Elias Pereira Olá Eu já fiz o escaneamento do adwcleaner e postei o resultado no primeiro post.

Peguei vírus, spyware, tudo que possa imaginar depois que tentei recuperar alguns arquivos perdidos com programas baixados da internet. Passei o cclenear, pois o software capcut abre mais cheio de chuvisco, aí o cclenear apagou meus arquivos Aguardo, obrigada!! Addition.txt FRST.txt AdwCleaner[C00].txt AdwCleaner[S00].txt

Problema eliminado e não apareceu mais nenhum. Muito obrigada!!! Fixlog.txt

abaixo seguem os logs... Addition.txt AdwCleaner[C00].txt FRST.txt

Meu computador com so win 7 home pro (não posso atualizar o so por ter um programa que não roda em mais avançado) detectou esse vírus pelo microsoft security essentials e fez a exclusão. Reiniciei o computador e abriu uma tela que deixo anexo. Como resolver?? Tenho que reinstalar e/ou reparar o so??? Obrigada!!!

Bom dia. Estou com um notebook da dell com windows 8.1 que sempre que inicia vai para o modo de reparação automática e não resolve. Então eu desativei essa função, aí aparece várias telas conforme eu vou apertando entrer, F8 ou esc. Eu consigo subir o sistema operacional depois de algumas tentativas entrando no setup, e funciona normal, sem bugs. Mas todo vez que reinicio ou ligo aparecem as telas, isso está errado. Já entrei em contato com a dell que disse "esse problema por enquanto está somente no windows 10" mas o meu é windows 8.1. Já formatei e ficaram dois SO... aí eu apaguei o antigo e fiquei com o atual, mas as telas continuaram. Já passei o chksdk, fiz um monte de procedimentos pelo prompt e nada, as telas voltam do mesmo jeito. Sinceramente não sei mais o que fazer, preciso de ajuda!!! 5 dias mexendo no notebook, estou a ponto de joga-lo na parede.. affff